From owner-FreeBSD-users-jp@jp.freebsd.org  Thu Nov  2 21:46:50 2000
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id VAA72013;
	Thu, 2 Nov 2000 21:46:50 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from ns1.tsuru.net (ns1.tsuru.net [210.157.230.161])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id VAA72008
	for <FreeBSD-users-jp@jp.freebsd.org>; Thu, 2 Nov 2000 21:46:49 +0900 (JST)
	(envelope-from tsuru@tsuru.net)
Received: from localhost (localhost.tsuru.net [127.0.0.1])
	by ns1.tsuru.net (8.11.1/3.7W) with ESMTP id eA2Clwg87875
	for <FreeBSD-users-jp@jp.freebsd.org>; Thu, 2 Nov 2000 21:47:58 +0900 (JST)
Date: Thu, 02 Nov 2000 21:47:58 +0900 (JST)
Message-Id: <20001102.214758.122732131.tsuru@tsuru.net>
To: FreeBSD-users-jp@jp.freebsd.org
From: Hiroaki Tsuruoka <tsuru@tsuru.net>
In-Reply-To: <20001031232824D.kobayasi@mail.grove.kutc.kansai-u.ac.jp>
References: <20001031205717-24225N.uchiyama@pp.iij4u.or.jp>
	<20001031232824D.kobayasi@mail.grove.kutc.kansai-u.ac.jp>
X-Mailer: Mew version 1.95b43 on XEmacs 21.1 (Capitol Reef)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: FreeBSD-users-jp 56617
Subject: [FreeBSD-users-jp 56617] split DNS of bind-9.0.0
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: tsuru@tsuru.net

$BDa2,!w1'OBEg;T$G$9!#(B
FreeBSD-4.1.1stable$B$r;H$C$F!"(Bbind$B$r(B8.2.3-T5B$B$+$i!"(B9$B7n$K%j(B
$B%j!<%9$5$l$?(Bbind-9.0.0$B$r;n$7$F$$$k$H$3$m$G$9!#(B
$B$H8@$$$^$9$N$b(Bbind-9.0.0$B$K$h$C$F!"0lBf$N%[%9%H$G0l$D$N(Bnamed
$B$rN)$A>e$2$F(Bsplit (brain) DNS$B$,=PMh$k$i$7$$$HJ9$$$?$+$i$G$9!#(B
$B$7$+$b(Bprivate$B$N(Bzone$B>pJs$,30$K=P$J$$$H$+!#(B
$BK\Ev$G$7$g$&$+!#$A$g$C$H<+?.$,$"$j$^$;$s!#(B

$B;d$NL\E*$O!"(B
Internet --------- firewall --------- private network
firewall$B$O(Bdual home host$B$H$7$F(Bipfw$B!"(Bnatd$B$rF3F~(B)
$B$N4D6-$G!"(Bfirewall$B5!$K(Bname server$B$rF3F~$7$F(Bglobal $B%[%9%H$+$i$O(B
$B30$NL>A00z$-$@$1!"Fb$+$i$O!"Fb!"30$NL>A00z$-$,$G$-$k$h$&$K$7$?(B
$B$$$3$H$G$9!#(B

$B%=!<%9$N%I%-%e%a%s%H$r8+$F0J2<$N$h$&$K@_Dj$7$F$$$^$9!#(B
ns1: {34} cat /etc/namedb/named.conf

acl internals { 192.168.1.0/24; };
acl externals { xxx.yyy.zzz.160/28; };

options {
	directory "/etc/namedb";
	allow-transfer { none; };
	allow-query {internals; externals; };
	allow-recursion { internals; externals; };
	auth-nxdomain  yes;
};

zone "." {
	type hint;
	file "named.root";
};

zone "localhost" {
	type master;
	file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" {
	type master;
	file "localhost.rev";
};

# $B308~$1$N(Bdb
zone "tsuru.net" {
	type master;
	file "tsuru.zone";
	allow-query { any; };
	allow-transfer { internals; externals; };
};

zone "160A.zzz.yyy.xxx.in-addr.arpa" {
	type master;
	file "tsuru.rev";
        allow-query { any; };
        allow-transfer { internals; externals; };
};

# $BFb8~$1$N(Bdb
zone "n.tsuru.net" {
	type master;
	file "in/n.tsuru.zone";
	allow-query { internals; localhost; };
	allow-transfer { internals; localhost; };
};
zone "1.168.192.in-addr.arpa" {
	type master ;
	file "in/n.tsuru.rev";
        allow-query { internals; localhost; };
        allow-transfer { internals; localhost; };
};

zone$B$4$H$K%"%/%;%9$N5v2D!"5qH]$,$G$-$k$N$G$7$g$&$+!#(B
options$B$N%k!<%k$,A4$F$N(Bzone$B$KE,1~$5$l$k$N$G$7$g$&$+!#(B
$B:#$N$H$3$mLdBj$J$/F0:n$7$F$$$k$h$&$K$_$($k$N$G$9$,!"(B
$B<+J,$NL5CN$G!"B>$N%5%$%H$KLBOG$r$+$1$F$$$J$$$+?4G[(B
$B$7$F$*$j$^$9!#(B

		     /* $BDa2,(B $BM5><(B (E-Mail: tsuru@tsuru.net ) */

