On Mon, Oct 04, 2010 at 11:30:03AM +0200, Kalman Feher wrote:
> >>
> >> probably it was not thought because it's wrong.
> >
> > This point is getting religious now, IMHO.
> Bear in mind that your rationale is based on getting an inaccessible DNS
> server to return information that a client has correctly asked for. I can't
> imagine a situation where there'll be a strong desire to codify that kind of
> set up. If your DNS server is not accessible to clients that need to query
> it for data, your set up is wrong. That isn't religious, that is practical
> reality.

I was more with lack of arguments or explanations. So thank you for writing a few words about it. I am completely with you for all practical aspects. However, I am still surprised that reverse-proxy-functionality causes that much irritation. For other protocols, esp. in the days of NAT, it is common practice, although most likely still not a clean design.

> >>
> >>>> less palatable option:
> >>>>
> >>>> 1. Make the other DNS software available on another IP. So normal DNS
> >>>> behaviour works.
> >>>
> >>> Hm, this is not too easy in practice, but of course optimal solution.
> >>> IPv6 will help here, I hope.
> >>
> >> I don't think this will solve the problem, it will just be a workaround for
> >> it.
> >
> > With IPv6, I see much better chances of having more than one
> > address available, which would make the best architectural solution
> > a practical one as well.
> I think you need to consider your architectural design in a different light.
> Address availability is not your problem. Your solution seems to be a work
> around built on a work around. Ask yourself: "am I using DNS to fix a
> problem or shortcoming in another system?". If yes, fix the other system
> instead.

Yes, this is a fix for undesired behaviour of another system, if you want to put it like this. Unfortunately, the other system is out of influence. I was wondering if there is an easy support in bind for this kind of situation. Obviously, there is none. No problem with that. It is a corner case, and, as you (and others) pointed out, not a clean design anyway.

At least, I appreciate the clear view how things should be. If you think it is abuse to transport real-time data with DNS, I am ok with that. Maybe studying the sources helps me for practical matters.

> To be more accurate, the reasons people think they need a TTL of 0 indicate
> they are using DNS incorrectly. Often it is an attempt at working around the
> restrictions of other systems. Hence the guess at load balancing. What data
> are you providing that changes second to second and must be provided using
> DNS?

I am thinking of situations where no real connectivity is available but just DNS, and am currently trying to find out how well bind combines with anything-over-dns implementations. Hence the separate server software.

Bye,
Joerg