Curious1
Jun 01, 2018

Zonerunner : creating an internal DNS view and need to limit source networks

Hi All,

 

I have two DNS zones: one existing for external use and I need to create another named the same for internal use only.

 

  1. When creating a new internal view via ZoneRunner, how do I populate the Options field when the new 'internal' view is only to be used by specific networks (e.g. 1.1.0./24 and 2.2.0.0/24 etc.)?

     

  2. Should this new 'internal' view be placed higher in the view order above the existing 'external' view since the external view has a 'match-clients any' statement?

     

Thanks for your assistance.

 

1 Reply

  • Hi Curious,

    In fact, you have 2 views: internal and external. As you said, when you create a view, you have the ability to set:

    match-clients {
        "zrd-acl-000-000";
        any;
    };
    

    It will determine who has the right to request this zone.

    The important point is the view order. In your case, you have to set:

    • First internal view (set view order to First)
    • Then external view (set external view to Last or after)

    https://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/gtm-concepts-11-3-0/4.html

    View order acts like firewall rules: first match if the condition matches...

    Hope it's clear. Let me know if you need additional info.

    regards
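
Added example, not part of the original thread and not F5 or BIND code: a small Python model of the first-match view selection described in the reply, plus a check for views that an earlier `any` makes unreachable. The networks are constructed documentation ranges standing in for the internal source networks, and the model assumes `match-clients` entries are only CIDR networks or `any`.

```python
import ipaddress

# Constructed sample networks (documentation ranges), not the asker's real ones.
INTERNAL_NETS = ["192.0.2.0/24", "198.51.100.0/24"]

# Each view is (name, match-clients entries), listed in view order.
GOOD_ORDER = [("internal", INTERNAL_NETS), ("external", ["any"])]
BAD_ORDER = [("external", ["any"]), ("internal", INTERNAL_NETS)]


def parse_acl(entries):
    """Turn match-clients entries into networks; 'any' covers all IPv4 and IPv6."""
    nets = []
    for entry in entries:
        if entry == "any":
            nets += [ipaddress.ip_network("0.0.0.0/0"), ipaddress.ip_network("::/0")]
        else:
            nets.append(ipaddress.ip_network(entry))
    return nets


def select_view(views, client_ip):
    """Return the first view (in order) whose match-clients covers client_ip."""
    ip = ipaddress.ip_address(client_ip)
    for name, entries in views:
        if any(ip.version == n.version and ip in n for n in parse_acl(entries)):
            return name
    return None  # no view matched this client


def shadowed_views(views):
    """Names of views that can never be selected because a single earlier
    network already covers every network in their match-clients.
    Conservative: coverage by a union of several earlier networks is not detected."""
    shadowed, earlier = [], []
    for name, entries in views:
        nets = parse_acl(entries)
        if nets and all(
            any(n.version == e.version and n.subnet_of(e) for e in earlier)
            for n in nets
        ):
            shadowed.append(name)
        earlier += nets
    return shadowed


if __name__ == "__main__":
    for label, views in (("internal first", GOOD_ORDER), ("external first", BAD_ORDER)):
        print(label, "->", select_view(views, "192.0.2.10"), shadowed_views(views))
```

With the external view first, an internal client is answered from the external view and the internal view is reported as shadowed, which is why the internal view has to come first.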