标签归档:view

Views in BIND 9

Views in BIND 9

by Cricket Liu
05/14/2000

The view that computers on the Internet see is usually considerably stripped down from the internal version and only contains information about resources available on the Internet, including Web servers and mail servers. The internal view normally contains everything: all those hosts accessible from the Internet plus all those on the internal network. 继续阅读

Bind9 View 底下的 master/slave 设定方案

Bind9 View 底下的 master/slave 设定方案

作者﹕网中人

一、前言

bind-9 自问世以来,深受广大 dns 管理员欢迎,是由于 bind9 提供了许多功能,解决了长期以来深受困扰的 dns 管理难题。

可是在新功能出现后,也带来了一些前所不曾预料的新问题,其中之一,就是 view 设定下的 master/slave 的同步问题。
继续阅读

Split Views with Bind 9 Howto

Split Views with Bind 9 Howto
Most of what follows comes from trying to help a friend configure Bind to be a bit more secure.  So this isn’t anywhere near a comprehensive guide.  The most important glaring omission is that I’m not covering how to chroot Bind 9 because there are already plenty of good guides.  And yes, you should absolutely chroot your Bind service.  I’m also not covering the zone files.  This is strictly about how to increase the security of your Bind 9 installation using views.
Overview This is applicable when you’re running a caching nameserver for your internal network, but also wish to publically serve (publish) your domain(s) from the same nameserver. 1) Enable split views to allow for differentiated access control  2) Disable recursive lookups to external hosts to prevent resource abuse  3) Disallow zone transfers to all except slave nameservers to prevent information leakage  继续阅读

Views in BIND 9

Views in BIND 9
by Cricket Liu
05/14/2000

The view that computers on the Internet see is usually considerably stripped down from the internal version and only contains information about resources available on the Internet, including Web servers and mail servers. The internal view normally contains everything: all those hosts accessible from the Internet plus all those on the internal network.
Until recently, presenting one view of a zone to one community of hosts and another view to others has entailed running multiple sets of name servers or multiple name server processes on a single host in a tricky configuration. Nobody ever said being two-faced is easy.
BIND 9 introduced a new feature called “views” that makes delivering different versions of a zone, and even different name server configurations, easy. In this article, I’ll describe how to use views to configure several two-faced name servers, each a little more complex than the last. 继续阅读

Freebsd7.0+BIND+VIEW实现智能DNS

Freebsd7.0+BIND+VIEW实现智能DNS
环境
系统:FreeBSD7.0
BIND:bind-9.4.2

一、下载bind源代码

cd /usr/ports/dns/bind94
make fetch
二、解压bind

cd /usr/ports/distfiles/
tar -zxf bind-9.4.2.tar.gz 继续阅读