named.conf.4 (2010 09)
n
named.conf(4) named.conf(4)
(BIND 9.3)
The view Statement
view Statement Grammar
view view_name [ class ] {
[ match-clients { address_match_list };]
[ match-destinations { address_match_list };]
[ match-recursive-only { yes_or_no };]
[ view_option ; ]...
[ zone_statement ; ]...
};
view Statement Definition and Usage
The
view statement lets a name server answer a DNS query differently depending on who is asking. It
is particularly useful for implementing split DNS setups without having to run multiple servers. Each
view statement defines a view of the DNS name space that will be seen by a subset of clients. The order
of the view statements is significant; a client request will be resolved in the context of the first view that
it matches.
view_name A name for the view.
class Views are class-specific. If no class is given, class
IN is assumed. Note that all non-IN
views must contain a hint zone, since only the IN class has compiled-in default hints.
match-clients, match-destinations
A client matches a view if its source IP address matches the address_match_list of the
view statement’s match-clients
clause and its destination IP address matches the
address_match_list of the
view statement’s match-destinations clause.
If not specified,
match-clients
and match-destinations each default to match-
ing all addresses.
match-recursive-only
Means that only recursive requests from matching clients match that view.
view_option Many of the options given in the
options statement can also be used within a view
statement, and then apply only when resolving queries with that view. When no view-
specific value is given, the value in the options statement is used as a default. Also,
zone options can have default values specified in the view statement; these view-specific
defaults take precedence over those in the options statement. See The options State-
ment section.
zone_statement Zones defined within a
view statement will only be accessible to clients that match the
view. By defining a zone of the same name in multiple views, different zone data can be
given to different clients; for example,
internal and external clients in a split DNS
setup. See The zone Statement section.
If there are no
view statements in the configuration file, a default view that matches any client is
automatically created in class IN, and any zone statements specified on the top level of the configuration
file are considered to be part of this default view. If any explicit view statements are present, all zone
statements must occur inside view statements.
Here is an example of a typical split DNS setup, implemented with
view statements.
view "internal" {
// This should match our internal networks.
match-clients { 10.0.0.0/8; };
// Provide recursive service to internal clients only.
recursion yes;
// Provide a complete view of the example.com zone
// including addresses of internal hosts.
zone "example.com" {
type master;
file "example-internal.db";
};
};
24 Hewlett-Packard Company − 24 − HP-UX 11i Version 3: September 2010