Documentation Index

Fetch the complete documentation index at: https://kb.isc.org/llms.txt

Use this file to discover all available pages before exploring further.

My secondary server for both an internal and an external view has both views transferred from the same primary view - how to resolve?

  • Updated on May 25, 2021
  • Published on Mar 8, 2017
  • 1 minute(s) read
  • Suzanne Goldlust
 Prev Next

BIND 9.10 and later: use the "in-view" zone option to allow both views to use the same in-memory instance of the zone.  See the ARM for your version of BIND for more details.

BIND 9.9 and later: see examples 3 and 4 of Understanding views in BIND 9, by example for an alternate method.

BIND 9.3 and later: Use TSIG to select the appropriate view.

Note the key must be specified before the address in the match-clients acls as processing of the ACL stops on first match.

Primary 10.0.1.1:

          key "external" {
                   algorithm hmac-md5;
                   secret "xxxxxxxx";
           };
           view "internal" {
                   match-clients { !key external; 10.0.1/24; };
                   ...
           };
           view "external" {
                   match-clients { key external; any; };
                   server 10.0.1.2 { keys external; };
                   recursion no;
                   ...
           };

Secondary 10.0.1.2:

          key "external" {
                   algorithm hmac-md5;
                   secret "xxxxxxxx";
           };
           view "internal" {
                   match-clients { !key external; 10.0.1/24; };

                   ...
           };
           view "external" {
                   match-clients { key external; any; };
                   server 10.0.1.1 { keys external; };
                   recursion no;
                   ...
           };