DNS Views Processing
DNS Views allow a name server to segregate the data and provide a different view of the data based on the clients accessing it. When DNS receives a DNS request, the request is processed to associate it with a DNS view. The association is performed by matching the client source and/or destination address to the source and destination ACLs configured on the view. Views are matched in priority order with the lowest non-zero priority being matched first. Once a request is matched to a DNS View, only the data in that view is available to the request. There is a one-to-one mapping between zones and views—a zone can only exist in one view. If the zone must exist in more than one view, make copies of the zone and associate with different views.
If you have an interval view and an external view, a typical setup is to set the priority of the internal view to one and set the ACLs (typically acl-match-clients) to match the criteria for internal clients. For the external view, leaving the default priority and ACLs will allow all requests not matching the interval view to match the external view.
Note |
Getting a NOTAUTH rcode response when DNS Views are configured, typically indicates that the request matched a view where the zone does not exist. |
Note |
The auto-view detection is only applicable for Cisco Prime Network Registrar servers. |
Views for the DNS client servers such as Caching DNS, Secondary DNS, Primary for Notifies, DHCP, and so on, are easily defined with minimal configuration.
Views that do not have any associated zones are still processed and may leave clients associated with empty views. Therefore, it is important to avoid creating views that are not being used.