R Dicaire wrote:
> allow-recursion { 192.168.1.0/24; ! 0.0.0.0;};
>
> acl "internal" {192.168.1.0/24;};
>
> view "internal" {
> match-clients { internal; };
> recursion yes;
> allow-transfer { internal; ! 0.0.0.0; };
> internal zone defs;
> };
>
> View "external" {
> match-clients { any; };
> recursion no;
> external zone defs;
> };
> Lookups based on the views acls show me the views configuration seems
> to be working. Local clients can lookup addresses fine, nothing
> appears to be amiss. What exactly does this syslog message mean?


It means that you are mixing access control methods for recursion.

Since your internal ACL matches what you were using in
"allow-recursion", just change the "allow-recursion" in global options
to "recursion no;" and allow the view based "recursion yes;" (internal)
and "recursion no;" (external) to override it.

Note that !0.0.0.0 ("none") is added to every ACL expansion, so you
don't need it in the example above.

Just for good measure, you may want to change the external match-clients to:

match-clients { !internal; any; };

AlanC