--- # openforwarder view, mirrored from puppet /etc/named/views.conf. # match-clients gates access to internal networks; recursion/query are 'any' # within the view since match-clients already restricts who reaches it. apiVersion: bind.unkin.net/v1alpha1 kind: BindView metadata: name: openforwarder namespace: bind-internal spec: clusterRef: bind-resolvers order: 100 matchClients: - acl-main.unkin.net - acl-nomad-jobs - acl-common - acl-dmz recursion: true allowQuery: - any extraOptions: - "allow-recursion { any; }" - "allow-query-cache { any; }"