Re: GeoIP like RBLDNS

2009-03-17 Thread David Sparks
Michelle Konzack wrote: > > In general, I need ONLY the country code for a given IP but I am not > disinclined to put more info in the database. > > [michelle.konz...@michelle1:~] host 188.66.4.62.geoip.tamay-dogan.net > 188.66.4.62.geoip.tamay-dogan.net is an alias for de.geoip.tamay-doga

Re: BIND 9.6 Flaw - CNAME vs. A Record in MX Records are NOT "Illegal"

2009-01-30 Thread David Sparks
Michael Milligan wrote: > You just don't get it. You are off wandering around in the weeds. > > Read the tail end of Chapter 5 in the book "DNS and BIND" describing the > MX selection algorithm in layman's terms to (perhaps) understand why > having MX records referencing CNAMEs is bad. > > It ma

where is libbind???

2009-01-29 Thread David Sparks
configure: error: 'libbind' is no longer part of the BIND 9 distribution. It is available from http://www.isc.org as a separate download. %< I'm unable to locate libbind on www.isc.org. Can someone point at the tarball? Thanks!

Re: rfc1918 ns records coming from internet are queried?

2008-11-27 Thread David Sparks
Thanks, the suggestion below looks like it might be what I'm looking for. ds > You can in fact set up the environment I described using views. Just > have the private view forward to the internet view. The following > resolving name server will ignore referrals to private name servers > for outsi

Re: rfc1918 ns records coming from internet are queried?

2008-11-26 Thread David Sparks
[EMAIL PROTECTED] wrote: >>> A border router knows what is "inside" and "outside" your network, while >>> a DNS server does not. Important difference. >> You're missing the point. This is not about inside and outside networks, it >> is about rfc1918 responses from internet queries. > > I'm afraid

Re: rfc1918 ns records coming from internet are queried?

2008-11-26 Thread David Sparks
> However, if you're concerned, it's pretty easy to set up a more secure > infrastructure. Put a resolver (resolving name server) at the edge of > your network (in a DMZ, presumably) that knows nothing of internal > domains (nor IP address space). It refuses to send queries to private > addresses,

Re: rfc1918 ns records coming from internet are queried?

2008-11-26 Thread David Sparks
[EMAIL PROTECTED] wrote: >> A good border router will do a few things for network hygiene. It will >> filter >> incoming packets that have a source address from the internal network, and it >> will filter outgoing packets that don't have a source IP in the internal >> network. >> >> A DNS server

Re: rfc1918 ns records coming from internet are queried?

2008-11-26 Thread David Sparks
>> I'm looking for a way to set a policy that named won't >> query >> rfc1918 nameserver addresses returned from a non-rfc1918 query. >> Would this be >> a bad policy? > > You could use netmasks with your server statements, like this: > > server 10.0.0.0/8 { > bogus yes; > }; > > server 1

Re: rfc1918 ns records coming from internet are queried?

2008-11-25 Thread David Sparks
Mark Andrews wrote: > In message <[EMAIL PROTECTED]>, David Sparks writes: >> Problem: when querying asdf.ad.rice.edu, bind sends queries into my local >> network (specifically to 10.129.92.100, which is not a ns) which I find >> undesirable. > > Mark th

rfc1918 ns records coming from internet are queried?

2008-11-25 Thread David Sparks
Problem: when querying asdf.ad.rice.edu, bind sends queries into my local network (specifically to 10.129.92.100, which is not a ns) which I find undesirable. Is there any way to disable this behavior? Is it expected that bind queries rfc1918 nameserver addresses from non-rfc1918 queries? I woul