[SOLVED] Slave bind9 problem with external views. Debian Wheezy

llu · 10-26-2013, 05:46 AM

Hello, i've been fighting with this for the last few days. A few of my entries have external and internal IP's. My internal network is 192.168.1.0/24.

When I nslookup pc1.example.org internally it responds with a 192.168.1.0 address but if I nslookup pc1.example.org externally it still gives me a 192.168.1.0 address.

I'm on Debian Wheezy.

It worked correctly with out using the slave (clients directly connecting to the master) and the external client getting external ips
But changing clients resolv.conf to the slave dns gives me the 192.168.1.0 for the external client again
Help will be much appreciated

master named.conf

Code:

include "/etc/bind/named.conf.options";

acl  internals  { 192.168.1.0/24; localhost; };
acl  externals { !localnets; any; }; 

view "internal" {
match-clients { internals; };
zone "example.org"{
type master;
file "/etc/bind/internals/db.forward.net";
allow-transfer { 192.168.1.2/24; };
};

slave DNS named.conf

Code:

include "/etc/bind/named.conf.options";

acl  internals  { 192.168.1.0/24; localhost; };
acl  externals { !localnets; any; }; 

view "internal" {
match-clients { internals; };
zone "example.org"{
type slave;
file "/etc/bind/internals/db.forward.net";
masters {192.168.1.1/24; };
};

bathory · 10-26-2013, 08:06 AM

Hi and welcome to LQ,

You need to use TSIG keys to differentiate the 2 zone transfers. See an example here

Regards

llu · 10-27-2013, 04:36 AM

It works like a charm thanks!! I was ignoring TSIG simply because i was told it wasn't important :/