named.conf with View Statements:Edit the named.conf file:
[root@dlp ~]# vi /etc/named.conf
Add the following configuration:
...
...
# add : set ACL entry for local network
acl internal-network {
10.0.0.0/24;
};
options {
# change ( listen all )
listen-on port 53 { any; };
# change if need ( if not listen IPv6, set [none] )
listen-on-v6 { any; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
secroots-file "/var/named/data/named.secroots";
recursing-file "/var/named/data/named.recursing";
# add local network set on [acl] section above
# network range you allow to receive queries from hosts
allow-query { localhost; internal-network; };
# network range you allow to transfer zone files to clients
# add secondary DNS servers if it exists
allow-transfer { localhost; };
...
...
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
/* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
include "/etc/crypto-policies/back-ends/bind.config";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
# change all lines follows
# set internal network zones
view "internal" {
match-clients {
localhost;
internal-network;
};
zone "." IN {
type hint;
file "named.ca";
};
zone "emc.world" IN {
type master;
file "emc.world.lan";
allow-update { none; };
};
zone "0.0.10.in-addr.arpa" IN {
type master;
file "0.0.10.db";
allow-update { none; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
};
# set external network zones
view "external" {
# match all except targets defined on [match-clients] on internal section
match-clients { any; };
allow-query { any; };
# not allow recursive queries
recursion no;
zone "emc.world" IN {
type master;
file "emc.world.wan";
allow-update { none; };
};
zone "80.0.16.172.in-addr.arpa" IN {
type master;
file "80.0.16.172.db";
allow-update { none; };
};
};
...
...
named.conf above, refer to here.Now, your BIND DNS server is configured with View Statements to handle both internal and external network zones. You can proceed with the zone file configurations as mentioned in your original documentation. Make sure to reload or restart the BIND service after making these changes to apply the configuration.