Paul, On 07/24/2018 10:10 AM, Paul Vixie wrote:
i also use real domains for my private stuff. but i also use RPZ locally for the internal bindings,
Do you leverage anything like Dynamic DNS updates in conjunction with DHCP? If so, how well does that play with the configuration that you're using?
not NS RR delegations that i'd have to keep out of my externally-served zone files.
Is there a best practice around this method of delegating to sub-domain(s) that are inaccessible to the public?
Is it better to return NODATA or NXDOMAIN to global clients querying for host.sub-domain.example.net? Or is there a different error that can be returned to indicate no access?
I guess there's always delegating to a server that is inaccessible externally too.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
