In message <[email protected]>, Jaap Winius writes:
> Hi folks,
>
> Occasionally I set up a slave zone on my DNS so that I don't always
> have to wait for updates from the master. However, my named.conf has
> separate internal and external views. This file has separate internal
> and external entries for the above slave zone, although these share
> the same cached zone file.
Don't do that. Cache files should NEVER be shared.
> What I find irritating about this configuration is that, although the
> external slave zone, including its cache in memory, almost immediately
> reflects the changes that are made to the master, the internal slave
> zone is only updated after bind9 is restarted -- that's when it reads
> it's already updated cached zone file.
>
> Is this a security feature that cannot be circumvented, or is it
> possible for the cached information of the internal slave zone to be
> updated together with the external one?
You can just have the internal view transfer from the external view.
key external {
....
};
view internal {
match-clients { !key external; 127.0.0.1; .... };
zone xxx {
type slave;
masters { 127.0.0.1 key external; .....};
file "internal/xxx";
};
};
view external {
match-clients { key external; any; };
zone xxx {
type slave;
masters { .... };
file "external/xxx";
notify explict;
also-notify { 127.0.0.1; };
allow-transfer { key external; .... };
};
};
> Thanks,
>
> Jaap
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [email protected]
_______________________________________________
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
