[question] dig command support +subnet
Description
25-Nov-2022 23:30:32.924 running on Linux x86_64 3.10.0-1127.el7.x86_64 #1 SMP Tue Mar 31 23:36:51 UTC 2020
25-Nov-2022 23:30:32.924 built with '--prefix=/usr/local/bind-9.18.9' '--enable-largefile' '--enable-epoll' '--enable-full-report' '--disable-doh' '--enable-dnsrps-dl' '--enable-dnsrps'
25-Nov-2022 23:30:32.924 running as: named -c named.conf -fg
25-Nov-2022 23:30:32.924 compiled by GCC 4.8.5 20150623 (Red Hat 4.8.5-39)
25-Nov-2022 23:30:32.924 compiled with OpenSSL version: OpenSSL 1.0.2k-fips 26 Jan 2017
25-Nov-2022 23:30:32.924 linked to OpenSSL version: OpenSSL 1.0.2k-fips 26 Jan 2017
25-Nov-2022 23:30:32.924 compiled with zlib version: 1.2.7
25-Nov-2022 23:30:32.924 linked to zlib version: 1.2.7
25-Nov-2022 23:30:32.924 ----------------------------------------------------
25-Nov-2022 23:30:32.924 BIND 9 is maintained by Internet Systems Consortium,
25-Nov-2022 23:30:32.924 Inc. (ISC), a non-profit 501(c)(3) public-benefit
25-Nov-2022 23:30:32.924 corporation. Support and training for BIND 9 are
25-Nov-2022 23:30:32.924 available at https://www.isc.org/support
# cat named.conf
... ...
... ...
options {
listen-on port 353 { any; };
listen-on-v6 port 353 { any; };
directory "/root/edns/named";
allow-query {
any;
};
allow-recursion {
any;
};
empty-zones-enable no;
pid-file "/root/edns/named/run/named.pid";
};
view "aaa" {
match-clients {
10.105.0.0/16;
};
zone "abc.com" {
type master;
file "aaa/abc.com";
};
};
view "bbb" {
match-clients {
10.106.0.0/26;
};
zone "abc.com" {
type master;
file "bbb/abc.com";
};
};
view "idc-default" {
match-clients {
any;
};
zone "abc.com" {
type master;
file "any/abc.com";
};
};
# cat named/aaa/abc.com
... ...
www 600 IN TXT aaa
# cat named/bbb/abc.com
www 600 IN TXT bbb
# cat named/ccc/abc.com
www 600 IN TXT ccc
dig
# dig @127.0.0.1 -p 353 txt.abc.com txt +subnet=10.105.2.2
; <<>> DiG 9.18.9 <<>> @127.0.0.1 -p 353 txt.abc.com txt +subnet=10.105.2.2
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7948
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 075abe1b7a9c177a010000006380ded9dc3ca0fc1bae43d4 (good)
; CLIENT-SUBNET: 10.105.2.2/32/0
;; QUESTION SECTION:
;txt.abc.com. IN TXT
;; ANSWER SECTION:
txt.abc.com. 600 IN TXT "any"
;; Query time: 1 msec
;; SERVER: 127.0.0.1#353(127.0.0.1) (UDP)
;; WHEN: Fri Nov 25 23:27:21 CST 2022
;; MSG SIZE rcvd: 99
Request
I expect +subnet=10.105.2.2, return aaa, but returned any
# dig @127.0.0.1 -p 353 txt.abc.com txt +subnet=10.105.2.2
any
I expect +subnet=10.106.3.3, return bbb, but returned any
# dig @127.0.0.1 -p 353 txt.abc.com txt +subnet=10.106.3.3
any
How do I change named.conf?