[Gllug] BIND9 Problems
Alain Williams
addw at phcomp.co.uk
Tue Mar 1 16:54:02 UTC 2005
On Tue, Mar 01, 2005 at 04:39:49PM +0000, t.clarke wrote:
> Simon asked about BIND and a home domain.
>
> It is perfectly possible to have your nameserver on your local machine
> listening to your local network only and serving up something totally different
> to the external nameserver. I assume that the nameserver for your main
> domain is on an external machine with your ISP (no point doing nameservice
> for your domain on your own machine).
>
> Give me a buzz at home this evening if you want to talk it through.
> I will take my BIND book home with me when I leave the office.
This is how you do it, you have views, one internal one external:
acl internal_phcomp { 192.168.0.0/16; };
acl world { 0.0.0.0/0; };
view "internal" {
match-clients {
internal_phcomp;
localhost;
};
// Who do we allow to use our DNS services
allow-query {
internal_phcomp;
localhost;
};
zone "." IN {
type hint;
file "named.ca";
};
... Other internal stuff
// Note that the internal view is different from the external one:
zone "phcomp.co.uk" {
type master;
file "named.hosts.phcomp.co.uk";
};
};
view "external" {
match-clients {
world;
};
recursion no;
zone "phcomp.co.uk" {
type master;
// Those that act as secondaries:
// Don't forget to allow these TCP/domain access through the firewall
notify yes;
also-notify { 213.221.172.236; 213.221.172.238; 80.68.91.63; };
// This contains the names that you want external people to know about
file "ext.named.hosts.phcomp.co.uk";
allow-query {
world;
};
};
allow-query {
none;
};
};
--
Alain Williams
+44 (0) 787 668 0256
#include <std_disclaimer.h>
Sign the "Thank you, Poland!" http://thankpoland.info/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20050301/54e52e6f/attachment.pgp>
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list