Is it possible to filter users by ip for a specific network in Bind9?

G

good_sefore2020-09-04 07:04:54

linux

good_sefore, 2020-09-04 07:04:54

Let me explain: for example, there is a network with an external ip address 205.67.89.01. It contains devices with local ip addresses 192.168.1.2, 192.168.1.3, 192.168.1.4, etc. And there is a Bind9 server with an external ip address 56.34.77.129. All devices access this server. Is it possible in this situation to make it so that for, say, some local ip addresses, the server returns one response, and for others - another?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

H

hint000, 2020-09-04
@hint000

so that for, say, some local ip addresses, the server returns one response, and for others - another

No , because for him they will all be under the same external 205.67.89.1, he will not be able to distinguish between them .
But if the network beyond 56.34.77.129 is under your control, then yes . Then you can forward the VPN between the two networks, and 192.168.1.2, 192.168.1.3, 192.168.1.4 will be able to go to Bind directly with their local addresses through the VPN, without NAT. And then you can contrive to configure Bind so that it gives different answers to different clients.

A

Alexander, 2020-09-04
@UPSA

No. The answer has already been))) But this is if one server (one ip address).
Then I'll say yes. Can. If you install more Bind9 servers. In each register who has the right to read the zone.
Generally that for local users it is better to keep the server in a local area network.