On 11/6/22 11:12 AM, Carl Byington via bind-users wrote:
or use $clientname.66.136.193.in-addr.arpa. as the intermediate zone which has a slight advantage when the same client has multiple disjoint parts of the same /24.
I find that $CLIENTNAME or some other stand in for the client is a potential for information lek.
There is nothing inherent in the CNAME to non-identifying RNAMEs that leaks any client identifying information.
Conversely the client is in charge of what information they put in the sub-zone, so it's not the ISP leaking client identifying information.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
