I am setting up two small isolated networks. Neither of these networks will have an Internet connection. I am trying to provide DNS and DHCP to both networks via a single Ubuntu server I have available, and while DHCP is working fine, I have never set up BIND before.

Following the DNS Howto guide, I edited named.conf.local and told it to look for the configurations to my two domains (network1.local and network2.local) in /etc/bind/db.network1.local and db.network2.local. Btw, network1.local is on eth0, network2.local is on eth1.

I then went ahead and copied db.local to each of those two files and edited them to provide an A record for the nameserver itself, ns.network1.local.

However, I see nothing in the configuration that would prevent hosts on network1 from receiving DNS resolution for names on network2.local. What can I do to prevent this from occurring? Is there any way to bind BIND (ugh) to a single domain for each interface?

Perhaps a better question would be, should I do this? Or is there a better way of hosting two zones via each NIC? Should I use something other than BIND?


1 Answer


I'm winging this off of something I set up for myself a few years ago, but you could use views to separate the domains you serve. I used this so I could provide my RFC1918 addrs to my local clients and my public addresses to public clients, but I think it would work for what you want to do.

Something like this (assuming clients on network1.local are using and clients on network2.local are using

view "network1" {
  match-clients {; };
  zone "." { type hint; file "hints/named.root"; };
  zone "0.0.127.in-addr.arpa" { type master; file "zones/localhost.rev"; };
  zone "0.168.192.in-addr.arpa" { type master; file "zones/0.168.192.rev";
                       allow-transfer {; }; };
  zone "network1.local" { type master; file "zones/network1.local";
                       allow-transfer {; }; };
};

view "network2" {
  match-clients {; };
  zone "." { type hint; file "hints/named.root"; };
  zone "0.0.127.in-addr.arpa" { type master; file "zones/localhost.rev"; };
  zone "1.168.192.in-addr.arpa" { type master; file "zones/1.168.192.rev";
                       allow-transfer {; }; };
  zone "network2.local" { type master; file "zones/network2.local";
                       allow-transfer {; }; };
};

I can't remember if there's more to it than that but that should give you a toehold on it. Good luck.

  • This is pretty much what I was looking for, thanks! It also led me to this howto, which seems to be a simpler example of what you have: http://www.howtoforge.com/two_in_one_dns_bind9_views. +1 and accepted. – romandas Aug 30 '11 at 13:15
  • Oh, and a comment for those who use that link I provided -- make sure all your zones are set up with views, including the localhost and rfc1918 ones. If you want to use views for some zones, you have to use them for all zones. Bind will error out if you don't. – romandas Aug 30 '11 at 13:43
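
A small checker for the two points raised above, added here as an illustration and not part of the original answer or comments: it flags zones left outside any view (the condition the last comment says BIND errors on) and zones visible from more than one view (the cross-network resolution the question wants to prevent). The function names and the 192.0.2.0/24 and 198.51.100.0/24 subnets are assumptions.

```python
import re

# Constructed sample shaped like the answer's config. The match-clients subnets
# are documentation placeholders (assumptions), not values from the page.
SAMPLE = '''
view "network1" {
  match-clients { 192.0.2.0/24; };
  zone "network1.local" { type master; file "zones/network1.local"; };
};
view "network2" {
  match-clients { 198.51.100.0/24; };
  zone "network2.local" { type master; file "zones/network2.local"; };
  zone "network1.local" { type master; file "zones/network1.local"; };
};
zone "0.0.127.in-addr.arpa" { type master; file "zones/localhost.rev"; };
'''

# Comments first, then quoted strings, braces/semicolons, and bare words.
TOKEN = re.compile(r'//[^\n]*|#[^\n]*|/\*.*?\*/|"([^"]*)"|([{};])|([^\s{};"]+)', re.S)

def zones_by_view(conf):
    """Map each view name (None = outside any view) to the zones declared in it."""
    result, depth, view, prev = {}, 0, None, None
    for m in TOKEN.finditer(conf):
        quoted, punct, word = m.groups()
        if punct == '{':
            depth += 1
        elif punct == '}':
            depth -= 1
            view = view if depth else None  # leaving the view block
        elif quoted is not None and prev == 'view' and depth == 0:
            view = quoted
            result.setdefault(view, [])
        elif quoted is not None and prev == 'zone' and depth == (1 if view else 0):
            result.setdefault(view, []).append(quoted)
        prev = word  # only a bare keyword directly before a name counts
    return result

def audit(conf, shared=('.', '0.0.127.in-addr.arpa')):
    """List zones left outside views and zones exposed to more than one view."""
    views = zones_by_view(conf)
    named = {v: zs for v, zs in views.items() if v is not None}
    findings = [f'zone "{z}" is outside any view' for z in views.get(None, []) if named]
    seen = {}
    for v, zs in named.items():
        for z in zs:
            if z not in shared and z in seen:
                findings.append(f'zone "{z}" is served to both "{seen[z]}" and "{v}"')
            seen.setdefault(z, v)
    return findings
```

Calling `audit(SAMPLE)` returns both findings for the constructed config; a config where every zone sits in exactly one view (apart from the shared root hint and localhost reverse zones) returns an empty list.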