DNS service with a SQL backend

Kirk Strauser kirk at strauser.com
Thu Jul 21 18:42:10 GMT 2005 

On Thursday 21 July 2005 02:25, Daniel Marsh wrote:

> The only issue I foresee is having to have slightly different zone names
> that you wish to serve for each IP range.

Not true.  Zone *files*, yes.  Because of the wonderfulness that is NAT, my 
LAN's nameserver gives different answers based on whether the query comes 
from the LAN or the Internet.  My named.conf looks similar to:

    view "private" {
        match-clients {
            !127.0.0.1;
            !::1;
            localhost;
            "lan";
        };

        zone "honeypot.net" {
            type master;
            file "internal/db.honeypot.net";
        };
    };

    view "public" {
        match-clients { any };

        zone "honeypot.net" {
            type master;
            file "external/db.honeypot.net";
        };
    };

Then, my zone files looks like:

  internal/db.honeypot.net:

    $INCLUDE ../common-stuff
    www  IN  A  10.5.0.32

  external/db.honeypot.net:

    $INCLUDE ../common-stuff
    www  IN  A  12.34.56.78

  common-stuff:

    @ IN SOA ...
    www  IN  A  2001:470:1f01:224:1::2
    and so on

So, the Internet and my LAN see mostly the same data, except for a few 
records that get answered with different values.
-- 
Kirk Strauser
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 155 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20050721/ae981b45/attachment.bin

More information about the freebsd-questions mailing list