This is a discussion on expected view behavior - DNS
Hello,
My configuration is as follows.
I have two views defined, in a split-dns way.
Part of named.conf, from machine viewserver.mydomain.com,
IPs are sanitized:
acl clients {
    localhost;
    192.0.2.64/26;
    192.0.2.192/28;
};
view "internal" {
    match-clients { clients; };
    recursion yes;
    // hint, localhost zones etc. defined here
};
view "external" {
    match-clients { any; };
    recursion no;
    zone "subdomain.mydomain.com" {
        type master;
        file "subdomain.db";
    };
};
Also, we have another server that defines the domain mydomain.com.
In this server, I delegate subdomain.mydomain.com to the server
that has these views defined by doing:
subdomain.mydomain.com. IN NS viewserver.mydomain.com.
Both servers are located in the internal network.
Then, in the example.db above, I have an A record, say:
mymachine.subdomain.domain.com. IN A 192.0.2.65
So mymachine is also located in the internal network.
Outside the network defined by the ACL, I am able to resolve the external
name mymachine.subdomain.domain.com.
But the problem is that if I am inside the network (from machines that
are in the acl clients), I receive a SERVFAIL response.
Is this the correct behavior?
Why can I not resolve the external name if I am located in the
internal network?
To make things work, must I define the zone in the external *and*
in the internal view?
Sincerely,
Andre Gerhard
Universidade de Sao Paulo
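
An added example, not part of the original post: a small model of how named selects a view for the configuration above. Views are tried in order, the first whose match-clients matches is used, and a zone is visible only in the view that defines it. The loopback stand-in for `localhost`, the client addresses and the query name are assumptions made for the illustration.

```python
import ipaddress

# Constructed model of the posted named.conf. "localhost" is approximated
# by the loopback addresses (assumption; in BIND it means the server's own IPs).
ACL_CLIENTS = ["127.0.0.1/32", "::1/128", "192.0.2.64/26", "192.0.2.192/28"]

# Order matters: the first view whose match-clients matches handles the query.
VIEWS = [
    {"name": "internal", "match": ACL_CLIENTS, "recursion": True, "zones": []},
    {"name": "external", "match": ["0.0.0.0/0", "::/0"], "recursion": False,
     "zones": ["subdomain.mydomain.com"]},
]

def select_view(client_ip):
    """Return the first view whose match-clients list contains client_ip."""
    addr = ipaddress.ip_address(client_ip)
    for view in VIEWS:
        for net in map(ipaddress.ip_network, view["match"]):
            if addr.version == net.version and addr in net:
                return view
    return None

def find_zone(view, qname):
    """Longest-suffix match of qname against the zones of this view only."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in view["zones"]:
            return candidate
    return None

def explain(client_ip, qname):
    """Return (view name, how that view would handle qname)."""
    view = select_view(client_ip)
    if view is None:
        return (None, "no view matches this client")
    zone = find_zone(view, qname)
    if zone:
        return (view["name"], "authoritative answer from zone " + zone)
    if view["recursion"]:
        return (view["name"], "zone not in this view; named must recurse")
    return (view["name"], "zone not in this view and recursion is off")

if __name__ == "__main__":
    qname = "mymachine.subdomain.mydomain.com."  # constructed query name
    for ip in ("192.0.2.65", "192.0.2.200", "198.51.100.7"):  # constructed clients
        print(ip, explain(ip, qname))
```

A client inside the ACL never reaches the copy of subdomain.mydomain.com held in the "external" view, so the internal view has to find the answer some other way.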