I have been struggling with getting two internal views to work on three
BIND servers running on Ubuntu Linux 8.04.2 x64
( kernel 2.6.24-23-server ) for two straight working days
(OK, I have other projects too. :-)
Scope: present different CNAMES and A records to one subnet
(10.x.D.0/24) and another for all remaining (10.x.0.0/16)
This will allow my .5 subnet to automount NFS via UDP
without jiggering the network infrastructure (routers and switches).
NFS and NIS servers are homed on multiple networks
(.A.x/24, .B.x/24, .D.x/24)
Any suggestions or help would be greatly appreciated (virtual beer and
libations are on the way) in finding a working config example.
I have read the ARMs, searched Google and communities, no joy.
I apologize in advance if there is a well known fount of this knowledge,
you know how it is, being a sys/sec/net admin at a dynamically changing
technology company :-)
Best,
Paul Krash
Sys/Sec/Net Administrator
Exegy, Inc.
pkr...@exegy.com
This e-mail and any documents accompanying it may contain legally privileged and/or confidential information belonging to Exegy, Inc. Such information may be protected from disclosure by law. The information is intended for use by only the addressee. If you are not the intended recipient, you are hereby notified that any disclosure or use of the information is strictly prohibited. If you have received this e-mail in error, please immediately contact the sender by e-mail or phone regarding instructions for return or destruction and do not use or disclose the content to others.
Agreed. Will do. As time permits today. Thank you for your help!
Paul Krash from mobile +01.314.283.4942
Note that if the clients are recent Wintel they *already* perform
sortlisting automatically, for addresses on their own subnets. It's
built into the network stack. http://support.microsoft.com/kb/182644/EN-US/
- Kevin
P.S. Why would the CNAMEs need to be differentiated? Surely only the A
records would vary, and the CNAMEs could stay the same (?)
All, the 'dot5' view works great. The 'internal' view does not serve.
If I reverse the view order in named.local.conf, the first view gets
served, any views following do not.
I have incremented the files and restarted the daemon. No joy.
Thanks again!
PKrash
from the daemon.log :
Nov 2 14:38:25 bind named[22011]: client 10.x.5.25#45709: view dot5: query: code.fckd.net IN A +
Nov 2 14:38:36 bind named[22011]: client 10.x.5.25#48023: view dot5: query: home.fckd.net IN A +
Nov 2 14:39:38 bind named[22011]: client 10.x.4.123#54159: view internal: query: code.fckd.net IN A +
Nov 2 14:39:38 bind named[22011]: client 10.x.4.123#36511: view internal: query: code.fckd.net IN A +
Nov 2 14:39:38 bind named[22011]: client 10.x.4.123#37112: view internal: query: code IN A +
named.local.conf :
________________________________________________________________________________________________________________
> root@bind:/etc/bind# cat named.conf.local
> //
> // Do any local configuration here
> //
>
> // Consider adding the 1918 zones here, if they are not used in your
> // organization
> //include "/etc/bind/zones.rfc1918";
>
> view dot5 {
>     match-clients {
>         10.x.5.0/24;
>     };
>     zone "5.x.10.in-addr.arpa" {
>         type master;
>         file "/etc/bind/10.x.5.default.rev";
>     };
>     zone "eng.exegy.net" {
>         type master;
>         file "/etc/bind/fckd.net.default.dot5";
>         notify yes;
>         also-notify {
>             10.x.1.32;
>         };
>     };
> };
>
> view internal {
>
>     zone "eng.exegy.net" {
>         type master;
>         file "/etc/bind/fckd.net.default.hosts";
>         notify yes;
>         also-notify {
>             10.x.1.32;
>         };
>     };
>
>
>     zone "0.x.10.in-addr.arpa" {
>         type master;
>         file "/etc/bind/10.x.0.default.rev";
>         notify yes;
>         also-notify {
>             10.x.1.32;
>         };
>     };
>     zone "1.x.10.in-addr.arpa" {
>         type master;
>         file "/etc/bind/10.x.1.default.rev";
>         notify yes;
>         also-notify {
>             10.x.1.32;
>         };
>     };
>     zone "2.x.10.in-addr.arpa" {
>         type master;
>         file "/etc/bind/10.x.2.default.rev";
>         notify yes;
>         also-notify {
>             10.x.1.32;
>         };
>     };
>     zone "3.x.10.in-addr.arpa" {
>         type master;
>         file "/etc/bind/10.x.3.default.rev";
>         notify yes;
>         also-notify {
>             10.x.1.32;
>         };
>     };
>     zone "4.x.10.in-addr.arpa" {
>         type master;
>         file "/etc/bind/10.x.4.default.rev";
>         notify yes;
>         also-notify {
>             10.x.1.32;
>         };
>     };
>     zone "6.x.10.in-addr.arpa" {
>         type master;
>         file "/etc/bind/10.x.6.default.rev";
>         notify yes;
>         also-notify {
>             10.x.1.32;
>         };
>     };
>     zone "7.x.10.in-addr.arpa" {
>         type master;
>         file "/etc/bind/10.x.7.default.rev";
>         notify yes;
>         also-notify {
>             10.x.1.32;
>         };
>     };
>     zone "8.x.10.in-addr.arpa" {
>         type master;
>         file "/etc/bind/10.x.8.rev";
>     };
> };
fckd.net.default.dot5 :
____________________________________________________________________________________________________________________
> > view internal {
> >
> > zone "eng.exegy.net" {
Do you have anything to match here? By default, match-clients and
match-destinations default to matching all addresses (even not
"internal"). So when you reversed, the other view (dot5) would never
match and wouldn't work.
Hey Mr. Reed!
Would this statement be enough for the second 'internal' view? :
    match-clients {
        !10.x.5.0/24;
    };
Or, do I have to explicitly define a match for every subnet?
e.g.:
    match-clients {
        !10.x.5.0/24;
        10.x.1.0/24;
        10.x.2.0/24;
        10.x.3.0/24;
        10.x.4.0/24;
        10.x.6.0/24;
        10.x.7.0/24;
        10.x.8.0/24;
    };
Best,
PKrash
> Scope: present different CNAMES and A records to one subnet
> (10.x.D.0/24) and another for all remaining (10.x.0.0/16)
Make sure you have the views in the appropriate order. Views are
checked in the order they appear in the named.conf file, not order of
specificity. So you need to have the /24 view before the /16 view.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
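
Added example (not written by any poster in this thread, and not BIND code): a small Python model of the view-selection rules the replies describe, namely that views are tried in file order, a view without match-clients matches every client, and an address match list is decided by its first matching element. It goes slightly beyond the thread by also covering a list that contains only a negated entry. The 10.0.x.x addresses are constructed stand-ins for the redacted 10.x addresses, and the function names are hypothetical.

```python
import ipaddress

def acl_matches(acl, client):
    """Address-match-list semantics: the first element that matches decides.
    A negated match rejects; if no element matches, the list rejects too."""
    ip = ipaddress.ip_address(client)
    for element in acl:
        negated = element.startswith("!")
        spec = element.lstrip("!")
        if spec == "any" or ip in ipaddress.ip_network(spec):
            return not negated
    return False

def select_view(views, client):
    """Views are tried in configuration order and the first match wins.
    A view with no match-clients (None here) matches every client."""
    for name, acl in views:
        if acl is None or acl_matches(acl, client):
            return name
    return None  # no view matched this client

# Constructed clients: one inside the .5 subnet, one elsewhere in the /16.
DOT5_CLIENT, OTHER_CLIENT = "10.0.5.25", "10.0.4.123"

CONFIGS = {
    # The layout posted in the thread: dot5 first, internal with no ACL.
    "posted": [("dot5", ["10.0.5.0/24"]), ("internal", None)],
    # Same views, order reversed: the catch-all view shadows dot5.
    "reversed": [("internal", None), ("dot5", ["10.0.5.0/24"])],
    # A list holding only a negated entry never produces a positive match.
    "negation_only": [("dot5", ["10.0.5.0/24"]),
                      ("internal", ["!10.0.5.0/24"])],
    # Negation followed by "any" matches everything except the .5 subnet.
    "negation_then_any": [("dot5", ["10.0.5.0/24"]),
                          ("internal", ["!10.0.5.0/24", "any"])],
    # The /16 placed before the /24: the more specific view is never reached.
    "broad_first": [("internal", ["10.0.0.0/16"]),
                    ("dot5", ["10.0.5.0/24"])],
}

def report():
    """Return {config: (view for .5 client, view for other client)}."""
    return {name: (select_view(v, DOT5_CLIENT), select_view(v, OTHER_CLIENT))
            for name, v in CONFIGS.items()}

if __name__ == "__main__":
    for name, (dot5, other) in report().items():
        print(f"{name:18} .5 client -> {dot5}, other client -> {other}")
```

The "posted" result agrees with the daemon.log excerpt above, where 10.x.5.25 is logged under view dot5 and 10.x.4.123 under view internal.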