Date: Mon, 28 Aug 2006 16:17:40 -0700 From: Julian Elischer <julian@elischer.org> To: Doug Barton <dougb@FreeBSD.org> Cc: freebsd-net@FreeBSD.org Subject: Re: possible patch for implementing split DNS Message-ID: <44F37994.8010808@elischer.org> In-Reply-To: <44F37386.4020702@FreeBSD.org> References: <44EF6E18.6090905@elischer.org> <44F3429F.6050204@FreeBSD.org> <44F344FA.1000408@elischer.org> <20060828221218.GB93062@dwpc.dwlabs.ca> <44F370F2.7080406@elischer.org> <44F37386.4020702@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Doug Barton wrote:
>Julian Elischer wrote:
>
>
>>Duane Whitty wrote:
>>
>>
>
>
>
>>>Hi Julian,
>>>
>>>I'm no expert so I apologize in advance if I am wasting your time.
>>>
>>>I was just wondering if you could use the multiple views facility as
>>>provided by Bind 9? I'm currently using the technique to provide
>>>different views of my network depending on whether access is coming
>>>from an internal address or an external address. Perhaps I am not
>>>fully understanding the depth of the problem.
>>>
>>>
>
>
>
>>I'm not an expert on bind 9 views, but I want two sibling processs to get
>>different network views. can I do that on a freebsd6.1 machine using
>>stock gethostbyname() from libc?
>>
>>
>
>I waited to suggest this based on whatever additional information you
>provided, but it sounds like this could work, with the condition that you be
>able to identify the IP addresses (or better yet, ranges) that the different
>categories of process will be assigned to in advance; or that you could
>configure named.conf (or an include file) on the fly. And of course, all
>THIS is presupposing that you can get both views (inside and outside) on the
>same nameserver, that is available to both sets of processes.
>
>
the machine is running a proprietary name server. but I want to alter
resolv.conf to bypass this and
go elsewhere for some processes. The processes in this machine are on
one of two addresses but
there is no correlation between which address they are bound to and how
I where I want them to
go for name resolution. Anyhow, I've yet to find a way to make
gethostbyname bind to a particular
address.
It is intersting that people are suggesting tons of really complicated
solutions involving loading essoteric
softwere or setting up complicated virtual machines when listenning to a
simple environment variable
will do the trick.. For comparison, the nsswitch code in current ALREADY
listens to an environment variable
for an alternate name for /etc/nsswitch.conf..
i.e. nsdispatch.c: path = getenv("NSSWITCH_CONF");
>So, not trivial, but could possibly solve your problem.
>
>Doug
>
>
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44F37994.8010808>