comp.protocols.dns.bind
Affichage de l'article :
Re: stub zones and recursion ?

Date : Le 04 avril 2008
From : Mark Andrews
Sujet : Re: stub zones and recursion ?

>
> >=20
> > Does anybody get an idea to solve next problem ?
> >=20
> > I get some bind 9.2.3 resolvers,
>
> Upgrade.
> =3D=3D> foreseen for end of June
>
> > all configured the same way. All of
> > them are configured with some views, each of them dedicated to
> specific
> > clients. We get the default view recursively answering all queries to
> > anybody.
>
> Fine.
>
> > We also get another one where I am trying to non-recursively
> > answer queries but without getting data locally.
>
> Impossible.
> =20
> > A little example ..
> >=20
> > let's immagine we get lab.intranet. and srv.lab.intranet. defined on
> two
> > authoritative bind servers. On the other hand I get wks.lab.intranet
> > configured on a Ms Dns with WINS/backwards activated.=20
> >=20
> > Now I would like giving access my users to zones lab.intranet and
> > wks.lab.intranet ONLY. What are the solutions for it ?? I cannot
> simply
> > replicate zones on each servers because ISC BIND does not comply with
> > records 'IN WINS' (specific to Ms Windows Dns).
>
> Stop using WINS. Microsoft don't even really support it
> anymore.
> =3D=3D> I know but this is really too long to explain you the whole
> WINS history the company I work for.
>
> > So I try to define zones
> > as forward or stub, I am also playing with allow-recursion, recursion
> > but have not find any solution to my problem.
>
> Create your own root zone and delegate lab.intranet from it.
>
> view "xx" {
> match-clients {xx;};
> allow-query { any; };
> allow-recursion { any; };
> recursion yes;
>
> zone "." {
> type master;
> file "xx.root";
> };
> };
>
> xx.root:
> . 3600 SOA ...
> . 3600 NS ...
> lab.intranet. 3600 NS ns.lab.intranet.
> ns.lab.intranet. 3600 A