| ... | ... | @@ -225,3 +225,52 @@ template: |
|
|
|
|
|
|
|
# zone: ...
|
|
|
|
```
|
|
|
|
|
|
|
|
### Zone transfers with views (another variant)
|
|
|
|
|
|
|
|
Master server configuration:
|
|
|
|
|
|
|
|
```yaml
|
|
|
|
key:
|
|
|
|
- id: int_key
|
|
|
|
algorithm: hmac-sha256
|
|
|
|
secret: vZNKk2r/iuybafZ1mjpEHnzaThr/xcTSBLtOmOHVtbo=
|
|
|
|
- id: ext_key
|
|
|
|
algorithm: hmac-sha256
|
|
|
|
secret: HVo02ON60KDJneMIpKksSqCWa4w5CwE44U45aIpGfv8=
|
|
|
|
|
|
|
|
acl:
|
|
|
|
- id: int_xfr
|
|
|
|
key: int_key
|
|
|
|
address: 172.16.100.0/8
|
|
|
|
action: transfer
|
|
|
|
- id: ext_xfr
|
|
|
|
key: ext_key
|
|
|
|
address: 172.16.100.0/8
|
|
|
|
action: transfer
|
|
|
|
- id: int_query
|
|
|
|
address: [ 192.168.0.0/16, 10.0.0.0/8 ]
|
|
|
|
action: query # The 'query' action is default just for zone acl if no views are configured.
|
|
|
|
|
|
|
|
view:
|
|
|
|
- id: internal
|
|
|
|
priority: 0
|
|
|
|
acl: [ int_query, int_xfr ]
|
|
|
|
- id: external
|
|
|
|
priority: 99
|
|
|
|
acl: [ ext_xfr ]
|
|
|
|
|
|
|
|
template:
|
|
|
|
- id: default
|
|
|
|
file: "/var/lib/knot/int_%s.zone"
|
|
|
|
view: [ internal ]
|
|
|
|
- id: external
|
|
|
|
file: "/var/lib/knot/ext_%s.zone"
|
|
|
|
view: [ external ]
|
|
|
|
|
|
|
|
zone:
|
|
|
|
- domain: acme.test@ext
|
|
|
|
template: external
|
|
|
|
- domain: acme.test
|
|
|
|
- domain: int.acme.test
|
|
|
|
``` |
|
|
\ No newline at end of file |
