Re: I specify subject: split view, match-recursive-only, non-authoritative answer from master
21.12.2011 20:40, Chris Buxton пишет:
No, that's not correct. You can use TSIG keys to differentiate between views,
without using separate interfaces.
I will try to
However, this will not solve the problem -- removing
match-recursive-only will solve the problem.
I need match-recursive-only yes in internal view options, i have
master zones in external view and without match-recursive-only yes
request from my internal clients to external zones not correctly.
Regards,
Chris Buxton
BlueCat Networks
On Dec 21, 2011, at 2:23 AM, Gelo wrote:
Hi,
Maybe this can help you.
First you need two network interfaces with diferent ip.
At the internal view declaration add transfer-source 192.168.11.x; ( has to be
different from your public/external)
In the zone statement, you must specify the private IP address of your slaves,
at allow-transfer clause
I hope you worth something.
regards.
Gelo
2011/12/21 Konstantin V. Krotovk...@insysnet.ru
21.12.2011 13:54, Konstantin V. Krotov пишет:
Hello, list!
I have split view on my name-servers (master and slave), for internal
and external clients i have zone with similar names, but different content.
Part of config named.conf on master:
view internal {
match-clients { myclients; };
recursion yes;
match-recursive-only yes;
allow-recursion { myclients; };
...
zone 10.168.192.in-addr.arpa {
type master;
file 10.168.192.in-addr.arpa.db;
allow-transfer {transfer_acl;};
allow-update {none;};
};
...
}
view external {
match-clients { any; };
recursion no;
...
[here descriptions of zone]
}
Well, then i have match-recursive-only yes directive in internal
view, slave name-server report: zone
10.168.192.in-addr.arpa/IN/internal: refresh: non-authoritative answer
from master xx.xx.136.2#53 (source xx.xx.140.26#0). If
match-recursive-only no, zone transfer to slave all right. There i have
wrong? Thx.
--
WBR, Konstantin V. Krotov
CJSs Information Systems
mailto: k...@insysnet.ru
phone: +7 (8332) 51-35-95
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
WBR, Konstantin V. Krotov
CJSs Information Systems
mailto: k...@insysnet.ru
phone: +7 (8332) 51-35-95
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: I specify subject: split view, match-recursive-only, non-authoritative answer from master
21.12.2011 13:54, Konstantin V. Krotov пишет:
Hello, list!
I have split view on my name-servers (master and slave), for internal
and external clients i have zone with similar names, but different content.
Part of config named.conf on master:
view internal {
match-clients { myclients; };
recursion yes;
match-recursive-only yes;
allow-recursion { myclients; };
...
zone 10.168.192.in-addr.arpa {
type master;
file 10.168.192.in-addr.arpa.db;
allow-transfer {transfer_acl;};
allow-update {none;};
};
...
}
view external {
match-clients { any; };
recursion no;
...
[here descriptions of zone]
}
Well, then i have match-recursive-only yes directive in internal
view, slave name-server report: zone
10.168.192.in-addr.arpa/IN/internal: refresh: non-authoritative answer
from master xx.xx.136.2#53 (source xx.xx.140.26#0). If
match-recursive-only no, zone transfer to slave all right. There i have
wrong? Thx.
--
WBR, Konstantin V. Krotov
CJSs Information Systems
mailto: k...@insysnet.ru
phone: +7 (8332) 51-35-95
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: I specify subject: split view, match-recursive-only, non-authoritative answer from master
Hi,
Maybe this can help you.
First you need two network interfaces with diferent ip.
At the internal view declaration add transfer-source 192.168.11.x; ( has to
be different from your public/external)
In the zone statement, you must specify the private IP address of your
slaves, at allow-transfer clause
I hope you worth something.
regards.
Gelo
2011/12/21 Konstantin V. Krotov k...@insysnet.ru
21.12.2011 13:54, Konstantin V. Krotov пишет:
Hello, list!
I have split view on my name-servers (master and slave), for internal
and external clients i have zone with similar names, but different
content.
Part of config named.conf on master:
view internal {
match-clients { myclients; };
recursion yes;
match-recursive-only yes;
allow-recursion { myclients; };
...
zone 10.168.192.in-addr.arpa {
type master;
file 10.168.192.in-addr.arpa.db;
allow-transfer {transfer_acl;};
allow-update {none;};
};
...
}
view external {
match-clients { any; };
recursion no;
...
[here descriptions of zone]
}
Well, then i have match-recursive-only yes directive in internal
view, slave name-server report: zone
10.168.192.in-addr.arpa/IN/**internal: refresh: non-authoritative answer
from master xx.xx.136.2#53 (source xx.xx.140.26#0). If
match-recursive-only no, zone transfer to slave all right. There i have
wrong? Thx.
--
WBR, Konstantin V. Krotov
CJSs Information Systems
mailto: k...@insysnet.ru
phone: +7 (8332) 51-35-95
__**_
Please visit
https://lists.isc.org/mailman/**listinfo/bind-usershttps://lists.isc.org/mailman/listinfo/bind-usersto
unsubscribe from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/**listinfo/bind-usershttps://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: I specify subject: split view, match-recursive-only, non-authoritative answer from master
No, that's not correct. You can use TSIG keys to differentiate between views,
without using separate interfaces. However, this will not solve the problem --
removing match-recursive-only will solve the problem.
Regards,
Chris Buxton
BlueCat Networks
On Dec 21, 2011, at 2:23 AM, Gelo wrote:
Hi,
Maybe this can help you.
First you need two network interfaces with diferent ip.
At the internal view declaration add transfer-source 192.168.11.x; ( has to
be different from your public/external)
In the zone statement, you must specify the private IP address of your
slaves, at allow-transfer clause
I hope you worth something.
regards.
Gelo
2011/12/21 Konstantin V. Krotov k...@insysnet.ru
21.12.2011 13:54, Konstantin V. Krotov пишет:
Hello, list!
I have split view on my name-servers (master and slave), for internal
and external clients i have zone with similar names, but different content.
Part of config named.conf on master:
view internal {
match-clients { myclients; };
recursion yes;
match-recursive-only yes;
allow-recursion { myclients; };
...
zone 10.168.192.in-addr.arpa {
type master;
file 10.168.192.in-addr.arpa.db;
allow-transfer {transfer_acl;};
allow-update {none;};
};
...
}
view external {
match-clients { any; };
recursion no;
...
[here descriptions of zone]
}
Well, then i have match-recursive-only yes directive in internal
view, slave name-server report: zone
10.168.192.in-addr.arpa/IN/internal: refresh: non-authoritative answer
from master xx.xx.136.2#53 (source xx.xx.140.26#0). If
match-recursive-only no, zone transfer to slave all right. There i have
wrong? Thx.
--
WBR, Konstantin V. Krotov
CJSs Information Systems
mailto: k...@insysnet.ru
phone: +7 (8332) 51-35-95
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
