[IMGate] Re: (no subject)

Len Conrad Fri, 29 Aug 2003 11:04:57 +0000

 > is the slave. if i put the slave in the internel acl then when a zone 
transfer occurs the zone file from the private dir gets coped to both the 
privave and public directories.


hmm, the backup file is written to the path/file in the "file" 
sub-statement.  I know of no way the file can be written to two files (by 
BIND), maybe the OS or something else is involved.


-Named.conf primary DNS------

acl "internal" { 127.0.0.1; 192.168.60.120; 192.168.60.133; };   // remove 
quotes
acl "external" { any; };   // remove quotes

acl "dns" { 192.168.60.133; 127.0.0.1; };   // remove quotes

options {
         directory "/var/named";
         pid-file "/var/named/named.pid";
         allow-query { any; };
         recursion no;
};

... don't try manage your access control in the options, but only in the 
views. so remove a-q and r-n above

view "private" {
         match-clients { "internal"; };  // remove quotes
         recursion yes; /// default, remove
         zone "nakoma.co.uk" {
                 type master;
                 notify yes; // default, remove
                 allow-transfer { "dns"; }; // remove quotes
                 file "private/nakoma.co.uk";
         }; };


view "public" {
         match-clients { "external"; }; // is default, remove
         recursion no;
         zone "nakoma.co.uk" {
                 type master;
                 notify yes;  // default, remove
                 also-notify {192.168.60.133; }; // unnecessary
                 allow-transfer { "dns"; };  // remove quotes
                 file "public/nakoma.co.uk";



------------Named.conf slave ---------------------------------

acl "internal" { 127.0.0.1; 192.168.60.120; 192.168.60.133; };    // remove 
quotes
acl "external" { any; };   // remove quotes

acl "dns" { 192.168.60.133; 127.0.0.1; };    // remove quotes



options {
         directory "/var/named";
         pid-file "/var/named/named.pid";
         allow-query { any; };  // remove
         recursion no;   // remove
};

view "private" {             // no quotes
         match-clients { "internal"; };   // no quotes
         recursion yes;  // default, remove
         zone "nakoma.co.uk" {
                 type slave;
                 masters {192.168.60.120;};
                 allow-transfer { "dns"; };
                 file "private/nakoma.co.uk";
         }; };


view "public" {     // no quotes
         match-clients { "external"; };  // no quotes
         recursion no;
         zone "nakoma.co.uk" {
                 type slave;
                 masters {192.168.60.120;};  // separate ;} with space
                 allow-transfer { "dns"; };  // no quotes
                 file "public/nakoma.co.uk";
                 };
         };


Len

[IMGate] Re: (no subject)

Reply via email to