In article <gqq1nm$2tc...@sf1.isc.org>, terry+bindus...@tmk.com wrote:
> > > Let me clarify - for a zone in more than one of the views, that zone's
> > > data doesn't vary by zone. The "internal" view has some zones not found
> > > in the "customer" or "external" views.
> >
> > This sounds like a job for the allow-query option in the zone statements.
>
> I should have mentioned that I tried that, but got:
> "option 'allow-query' is not allowed in 'forward' zone 'xxx.yyy.com'"
>
> In fact, that's what forced me into views in the first place.
Since forwarding is part of recursion, this will be handled by the
allow-recursion global option.
>
> > >
> > > Also, the external view doesn't provide recursion, while the customer
> > > and internal ones do.
> >
> > And this is a job for allow-query and allow-query-cache.
Sorry, I meant "allow-recursion" there.
> What's the deal with "allow-query"? I did some lookups from a host on an
> outside net (not in either the internal or customer views) and the server
> answered queries for the zones it hosted regardless of whether it was set
> to "allow-query { internal; customer; };" or "allow-query { any; };".
Do you still have views configured? I think the view options override
the global options.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
