HP-UX IP Address and Client Management Administrator's Guide (October 2009)
The view Statement
The view statement enables a name server to answer a DNS query depending on whether the
query is internal or external. The view statement is used to implement a split DNS setup without
running multiple servers. Each view statement defines a view of the DNS name space that is
visible to a subset of clients.
A client matches a view if its source IP address matches the address_match_list of the view’s
match-clients clause, and if its destination IP address matches the address_match_list
of the view’s match-destinations clause. If you do not specify both the clauses,
match-clients and match-destinations default to match all the addresses.
You can also specify a view statement as match-recursive-only, where only recursive
requests from matching clients match that view.
Zones defined within a view statement are accessible only to clients that match the view. You
can use the options defined in the options statement in the view statement to resolve queries
for a view. If you do not specify a view value, the options statement value is used as the default.
Views are class-specific. The default value is the IN class. If you do not specify view statements
in the configuration file, a default view that matches any client is created in the IN class, and the
zone statements specified in the beginning of the configuration file are considered to be part of
this default view. If an explicit view statement exists, all the zone statements must occur within
the view statement.
The view statement is of the following format:
view view_name [class] {
match-clients { address_match_list } ;
match-destinations { address_match_list } ;
match-recursive-only { yes_or_no } ;
[ view_option; ... ]
[ zone-statistics yes_or_no ; ]
[ zone-statement; ...]
};
An example of a typical split DNS setup implemented using the view statement is as follows:
view “internal” {
// This should match our internal networks.
match-clients { 10.0.0./8; };
// Provide recursive service to internal clients only.
recursion yes;
// Provide a complete view of the example.com zone
// including addresses of internal hosts.
zone “example.com” {
type master;
file “example-internal.db”;
};
};
view “external” {
match-clients { any; };
// Refuse recursive service to external clients.
recursion no;
// Provide a restricted view of the example.com zone
// containing only publicly accessible hosts.
zone “example.com” {
type master;
file “example-external.db”;
};
};
BIND Name Service Overview 43