Re: Logging statements w.r.t. view in Bind 9.16.18

Tue, 24 Aug 2021 07:46:06 -0700 

Hi Ged, 

Actually recursion is only enabled for selected set of users , using geo ip 
feature of bind.
As server is on public IP, i have added PUBLIC view to log the users who are 
scanning/attempting to connect my server.

I hope i have explained my use case.

Thanks.

----- Original Message -----
From: bind-users@lists.isc.org
To: bind-users@lists.isc.org
Sent: Tuesday, August 24, 2021 5:37:35 PM
Subject: Re: Logging statements w.r.t. view in Bind 9.16.18

Hi there,

On Tue, 24 Aug 2021, Gaurav Kansal wrote:

> I want a clarity whether we can have individual logging statement
> per view basis ? Whatever i found on google, i think we can't.  My
> use case for separate logging statement is as follows -
>
> In my recursive server, i have 2 views, one for my internal clients
> and one for Internet ; i am running Internet view just for catch
> hold of scanning IPs (type of honeypot).
> 
> Syntax of 2 views are as follows -
>
> view "INTRANET" {
> match-clients { PRIVATE.SEGMENTS ; };
> recursion yes;
> };
>
> view "PUBLIC" {
> match-clients { any; };
> allow-query { none; } ;
> recursion no;
> };

You have recursion turned off for PUBLIC.  As I understand it, the
conventional wisdom is not to run recursive and non-recursive services
on the same BIND instance.  Would it make sense then, in your case, to
run two separate instances of BIND?  Separating logs is then trivial.

-- 

73,
Ged.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to