BIND, in-view and dynamic updates

Question

I have one zone in two views in BIND 9.10, sharing the same information via "in-view":

Zone included in view A:

zone "foo.tld" in {
    type master;
    allow-update {
        key "some.key.id";
    };
    file "pri/pri.foo.tld";
};

Zone included in view B:

zone "foo.tld" in {
    in-view A;
};

The problem: Dynamic updates via the key does work if the requester is reaching view A (e.g. from internal network), but not if the request is made within view B (e.g. from external).

I tried an "allow-update-forwarding" in zone, this is not allowed. Using it in the view definition, it does not help.

Any ideas?

Answer 1

I saw this guidance in a thread titled: BIND-9.10.2-P4: Cannot use in-view to refer to RPZ zone definitions: "'$RPZ_ZONE' is not a master or slave zone" which had this suggestion/guidance:

If you remove the "allow-update { any; };" named doesn't treat the file as writeable. It's not file permissions. It's whether named will potentially update the file itself or not.

I'd try removing that from the A view.

zone "foo.tld" in {
    type master;
#    allow-update {
#        key "some.key.id";
#    };
    file "pri/pri.foo.tld";
};

References

• BIND-9.10.2-P4: Cannot use in-view to refer to RPZ zone definitions: "'$RPZ_ZONE' is not a master or slave zone"
• Updates to a BIND dynamic zone that is shared between views delayed