Hammers and nails...
On Tue, 16 Mar 2021, Marki wrote:
On 3/13/2021 12:11 AM, Tony Finch wrote:
Marki wrote:
But if you need granular filtering, that could become a lot of views...
Yes, I think RPZ is really designed to be a ban hammer [...]
Standard DNS server software (not only Bind)
On 3/13/2021 12:11 AM, Tony Finch wrote:
Marki wrote:
But if you need granular filtering, that could become a lot of views...
Yes, I think RPZ is really designed to be a ban hammer for dealing with
abuse, rather than a general-purpose access control mechanism. If you need
to get really fancy t
Marki wrote:
>
> But if you need granular filtering, that could become a lot of views...
Yes, I think RPZ is really designed to be a ban hammer for dealing with
abuse, rather than a general-purpose access control mechanism. If you need
to get really fancy then you should look at dnsdist which can
On 3/9/2021 10:21 PM, Tony Finch wrote:
Marki wrote:
I'm not sure about the flexibility of RPZ; it doesn't seem that I can
have rules like "client 1.2.3.4 is allowed to look up example.com but
client 1.2.3.5 is not".
You can have multiple response-policy zones, which are matched in the
order t
Marki wrote:
>
> Concerning static-stub: Using a (bogus) forwarder together with "forward
> first" (default) seems to work (Note: using "forward only" gives SERVFAIL).
> All outside requests get a SERVFAIL even with "forward first" but that's an
> esthetic problem.
Yes, SERVFAIL is ugly - I shoul
On 3/9/2021 6:03 PM, Tony Finch wrote:
Marki wrote:
I am seeking a combination of either a combined configuration on one, or a
config of several different DNS servers together to achieve the following:
* Some clients should be able to resolve authoritative local zones as well as
some forwarded
Marki wrote:
>
> I am seeking a combination of either a combined configuration on one, or a
> config of several different DNS servers together to achieve the following:
>
> * Some clients should be able to resolve authoritative local zones as well as
> some forwarded zones.
>
> * Other clients sho
Where is it sending recursive queries if it owns the root?
On Sun, Mar 7, 2021 at 3:06 AM Marki wrote:
> I tried that. When you configure no global forwarders it's going to
> recurse because recursion needs to be enabled for the individual forwarded
> zones to work. You'd have to specify a fake
I tried that. When you configure no global forwarders it's going to recurse
because recursion needs to be enabled for the individual forwarded zones to
work. You'd have to specify a fake global forwarder which looks like a hack.
On March 7, 2021 10:09:49 AM GMT+01:00, Crist Clark
wrote:
>Two v
Two views. The view that does not do internet DNS claims authority for the
root and does not global forward. The entire DNS is just the zones defined
in the view, which can be authoritative or forwarded. The other view has
the global forward-only to upstream resolvers.
On Sat, Mar 6, 2021 at 3:34
I'm not sure:
> Some clients should be able to resolve authoritative local zones as
well as some forwarded zones.
And only that. "forward only;" doesn't cut it, in case you mean the
global option. That would still forward everything else somewhere else.
The requirement is to _only_ resolve l
forward only;
On Fri, Mar 5, 2021 at 5:19 PM Marki wrote:
> Hello,
>
> I am seeking a combination of either a combined configuration on one, or
> a config of several different DNS servers together to achieve the
> following:
> * Some clients should be able to resolve authoritative local zones as
Am 25.10.2016 um 06:16 schrieb Nick Edwards:
On Tue, Oct 25, 2016 at 7:11 AM, Reindl Harald mailto:h.rei...@thelounge.net>> wrote:
i don't understand your question
Since you have NOTHING to do with ISC or even remotely with
bind, if you
dont understand ,
On Tue, Oct 25, 2016 at 7:14 AM, Reindl Harald
wrote:
>
>
>
> this is a public mailing list - so what!
>
> when someone don't yet get the connection between nameservers, webserver
> and ip-addresses he is not ready to connect public servers and that's
> completly independent of the fact you ra el
On Tue, Oct 25, 2016 at 7:11 AM, Reindl Harald
wrote:
>
> i don't understand your question
>>
>>
>> Since you have NOTHING to do with ISC or even remotely with bind, if you
>> dont understand , LEAVE IT TO SOMEONE WHO DOES
>>
>
> and YOU have something to do with ISC?
> i doubt!
>
> since i m
Am 24.10.2016 um 22:45 schrieb Nick Edwards:
On Tue, Oct 25, 2016 at 12:42 AM, Reindl Harald mailto:h.rei...@thelounge.net>> wrote:
don't get me wrong but that question shows that you are not ready to
run a public dns server - there is no "local" or
when you make statements like th
Am 24.10.2016 um 22:42 schrieb Nick Edwards:
On Tue, Oct 25, 2016 at 12:11 AM, Reindl Harald mailto:h.rei...@thelounge.net>> wrote:
identical like the first one
Which IP should be use?
i don't understand your question
Since you have NOTHING to do with ISC or even remotely
On Tue, Oct 25, 2016 at 12:42 AM, Reindl Harald
wrote:
>
>
>
>>
> don't get me wrong but that question shows that you are not ready to run a
> public dns server - there is no "local" or
>
when you make statements like that to be sure you include the fact you have
NOTHING to do with ISC or bind.
On Tue, Oct 25, 2016 at 12:11 AM, Reindl Harald
wrote:
> identical like the first one
>
> Which IP should be use?
>>
>
> i don't understand your question
>
>
Since you have NOTHING to do with ISC or even remotely with bind, if you
dont understand , LEAVE IT TO SOMEONE WHO DOES
but you just cant
named virtual hosts anybody - you can run thousands of domains on a
single IP
understood Harld :)
cheers
Pol
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.i
Am 24.10.2016 um 16:35 schrieb Pol Hallen:
so what are your real questions?
P.S.: you need more than one DNS server for a public domain which must
not run on the same network
I have to register some domains: example.com, example.ue, example.net,
exampe.org, etc.
on my server I've also apach
so what are your real questions?
P.S.: you need more than one DNS server for a public domain which must
not run on the same network
I have to register some domains: example.com, example.ue, example.net,
exampe.org, etc.
on my server I've also apache web and I'd like have internet site based
Am 24.10.2016 um 14:40 schrieb Pol Hallen:
Hello all, after weeks studying bind I'm here with a question:
I'd like have my own bind authority server for some domains. I just
configured my first zone (ie: www.example.org) with static IP of my DSL.
Everything works :-)
If I register another FQD
23 matches
Mail list logo
