Forum Discussion
Cirrocumulusnsupdate to modify zone in specific views.
EmployeeHello kridsana ,
nsupdate is a *nix command that doesn't support views.
When you run nsupdate remotely from a remote IP x.x.x.x, the DNS simply find a match for your remote IP and shows you the right view/file so you can modify (if you have permissions) only your view file.
You are using views to offer different resolutions, but not the same remote IP (or same TSIG Key) :)
To avoid this behavior you can configure different listeners with iRules that permit DNS requests only from the right IPs + your remote IP.
If I didn't quite understand what your scenario is, could you please detail it better?
Fabio
kridsanaPlease correct me if I'm wrong.
If I need to modify record with nsupdate (there is many record I need to update at once. zonerunner didn't do the job). on both external (public IP) and internal (private IP) views.
1. I think I need to run nsupdate from public IP remote host to change record in external views2. run nsupdate from internal IP to change record in internal views
Am I correct?- CeinarF
If you have configured "strict/classical views" yes.
If you could change a little your configuration using 2 different listeners (one for public zone and one for internal zone) you can handle the access using iRules to permit only requests from the right IPs:
- private_IPs + (remote server IP) for your internal listener
- !(private_IPs) + (remote server IP) for your external listener
In this way you don't need 2 different servers/IPs.
Fabio
