#135 Zone create problem in Bind's module using views

open
nobody
None
5
2007-03-26
2007-03-20
Anonymous
No

Webmin 1.330

Hi,

When BIND DNS Server is configured with views and uses a custom zone file in BIND's Webmin module (like /etc/my-custom-zone-file.conf), if I want to create a new zone, the BIND form proposes that I add it to a view and adds it to /etc/named.conf, the default config file.

I want to be able to add my zones at the top level of the custom zone file.

What I expect to do:

/etc/named.conf

    ...
    view "internal" {
        match-clients { internals; };
        recursion yes;
        zone "." IN {
            type hint;
            file "named.ca";
        };
        include "/etc/my-custom-zone-file.conf";
    };

    view "external" {
        match-clients { any; !internals; };
        recursion no;
        include "/etc/my-custom-zone-file.conf";
    };

And add zones in /etc/my-custom-zone-file.conf. In this case, internal clients can make recursive requests for all zones, whereas external ones can only make direct requests to zones for which my server is authoritative. This avoids having an open recursive DNS server.

cyril@hybrasil.homelinux.org

Discussion

  • Jamie Cameron
    2007-03-20

    At the moment, Webmin has no way to handle this kind of setup. In fact, it would be tricky to handle in the general case, as each view could have its own include file.

    However, if you just want to prevent recursive queries from outside, why not use directives like:

        options {
            allow-recursion {
                your-internal-net;
            };
        };
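
An added example, not part of the ticket or of Webmin: a small Python check that reads named.conf text and lists the scopes (each view, or the global options block when no views exist) that would serve recursion to any client, covering both the view layout in the report and the allow-recursion suggestion in the reply above. The sample config, its "legacy" view and all function names are constructed for illustration; include files are not followed, and a missing allow-recursion is treated as unrestricted as a conservative assumption.

```python
import re

# Constructed sample: the ticket's two views, plus a "legacy" view added
# here (not from the ticket) to show what a finding looks like.
SAMPLE = '''
acl internals { 192.0.2.0/24; };
view "internal" { match-clients { internals; }; recursion yes; };
view "external" { match-clients { any; !internals; }; recursion no; };
view "legacy"   { recursion yes; };
'''

def parse(tokens):  # statements as word lists, with a sub-list per { } block
    stmts, cur = [], []
    for tok in tokens:
        if tok == "{":
            cur.append(parse(tokens))
        elif tok == "}":
            return stmts
        elif tok == ";":
            if cur:
                stmts.append(cur)
            cur = []
        else:
            cur.append(tok.strip('"'))
    return stmts

def setting(stmts, name):  # first statement whose keyword is `name`, else None
    return next((s for s in stmts if s[0] == name), None)

def acl_items(stmt):  # elements of an address-match list; None if absent
    return [e[0] for e in stmt[1]] if stmt else None

def open_recursive_scopes(text):
    # Heuristic: report a scope when recursion is on and neither
    # allow-recursion nor match-clients narrows who may use it.
    text = re.sub(r'/\*.*?\*/|//[^\n]*|#[^\n]*', '', text, flags=re.S)
    top = parse(iter(re.findall(r'"[^"]*"|[{};]|[^\s{};"]+', text)))
    opts = (setting(top, "options") or [None, []])[1]
    views = [(s[1], s[-1]) for s in top if s[0] == "view"]
    found = []
    for name, body in views or [("options", [])]:
        # A view-level statement overrides the global options block.
        eff = lambda key: setting(body, key) or setting(opts, key)
        rec = eff("recursion")
        if rec and rec[1] in ("no", "false", "0"):
            continue
        allow = acl_items(eff("allow-recursion"))
        match = acl_items(setting(body, "match-clients"))
        if (allow is None or "any" in allow) and (match is None or "any" in match):
            found.append(name)
    return found
```

Run against SAMPLE, only the constructed "legacy" view is reported: the ticket's internal view is limited by match-clients and its external view has recursion turned off.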

     
  • Jamie Cameron
    2007-03-26

    • labels: 323082 -->
    • assigned_to: jcameron --> nobody
     
  • Jamie Cameron
    2007-03-26

    I'm re-classifying this as a feature request, as it is rather tricky to implement.