From: King, Michael (MKing@bridgew.edu)
Date: Fri Feb 06 2004 - 15:40:34 CST
Thanks Paul,
That's the item I need to make this work.
Mike
-----Original Message-----
From: owner-netreg@southwestern.edu
[mailto:owner-netreg@southwestern.edu] On Behalf Of Paul Schmidt
Sent: Friday, February 06, 2004 3:51 PM
To: netreg@southwestern.edu
Subject: Re: NetReg: Using Views with Bind 9
King, Michael wrote:
> I'm still having problems getting Views to work.
>
> I have my named.conf file setup correctly. (It is type hint's BTW
> Sara)
This is the real problem. It should _not_ be type hint, you need to be
a real, live master of . as you aren't going to get your data from
somewhere else. The zone file looks fine.
The named.conf file should look something like:
acl restricted { 141.224.101.0/25; 141.224.227.0/25; 141.224.231.0/25;
141.224.2
35.0/25; 141.224.239.0/25; };
acl internals { 141.224.0.0/16; 127.0.0.1; };
acl externals { !10.0.0.0/8; !141.224.0.0/16; !127.0.0.1; };
view "restricted" {
match-clients { restricted; };
recursion no;
zone "." in {
type master;
file "/etc/bind/db.fakeroot";
};
zone "in-addr.arpa" in {
type master;
file "/etc/bind/db.fakeroot.rev";
};
};
view "unrestricted" {
match-clients { any; };
recursion yes;
allow-recursion { internals; };
allow-query { internals; };
allow-transfer { local-nameservers; };
zone "." {
type hint;
file "/etc/bind/db.root";
};
...
> When I connect as a client in the penalty zone, the server comes back
> with the message:
>
> Can't find www.google.com: Server failed
>
> If I goto the Normal view (by switching to a different IP) and resovle
> it it will come back with the right address.
>
> After that, if I go back to the "PenaltyBox" view, it will give
> www.google.com 's real address.
This is due to caching of DNS data and isn't a problem.
-Paul Dawson Schmidt
dawsons@augsburg.edu
**********************************************************************
To unsubscribe from this list, send an e-mail message to
majordomo@southwestern.edu containing a single line with the words:
unsubscribe netreg Send requests for assistance to:
owner-netreg@southwestern.edu
**********************************************************************
**********************************************************************
To unsubscribe from this list, send an e-mail message to
majordomo@southwestern.edu containing a single line with the words:
unsubscribe netreg
Send requests for assistance to: owner-netreg@southwestern.edu
**********************************************************************
This archive was generated by hypermail 2.1.4 : Thu Aug 12 2004 - 12:01:44 CDT