Hi Donika,
I would recommend adding dnsdist proxy on top of BIND 9. I believe it has all
the tools you need (TCPRule as selector and TCAction to truncate).
You can run dnsdist on external interface and named on localhost. Using the
right tool for the job is half of the success ;)
Ondřej
--
Hello Petr,
This setup was not meant to address a specific problem or be implemented
in a production situation. I am running an experiment
and one of the criteria was for clients to connect with us via tcp only.
I don't have control on the clients (only nameserver) and relying on
whether
I should be clearer about this. The media devices send a lot of traffic.
They manipulate the wifi landscape in proprietary (remember the TCP
throughput wars 20+ years ago?) or at least unexpected ways.
Stupid wifi access point follows "conventional wisdom" and drops UDP
traffic. Doesn't
Exactly!
On Thu, 30 Sep 2021, Carl Byington wrote:
> On Thu, 2021-09-30 at 16:30 -0700, Fred Morris wrote:
>> https://github.com/m3047/tcp_only_forwarder
> So what exactly are the media devices doing to screw up dns resolution
> between the osx laptop and the local dns server?
Dropping UDP
Hi Donika,
I think it can be partially achieved by options use-vc in
/etc/resolv.conf on end clients. But I doubt every software would
process this flag, only part of them would use it. I doubt many daemons
doing direct DNS queries would follow such configuration.
Can you share why you are even
On Thu, 2021-09-30 at 16:30 -0700, Fred Morris wrote:
> https://github.com/m3047/tcp_only_forwarder
So what exactly are the media devices doing to screw up dns resolution
between the osx laptop and the local dns server?
Hi there. Media devices and a crappy SOHO wifi AP? I know that feeling.
;-)
On Thu, 30 Sep 2021, Donika Mirdita wrote:
> I have set up a nameserver and I would like to force all future client
> requests to TCP only.
You can't really. You can try, by setting TC, but if the clients never
see the
Hello,
I have set up a nameserver and I would like to force all future client
requests to TCP only.
Essentially, one scenario would be for all UDP requests to be countered
with a packet that has the TC bit set so the connection
is retried via TCP. I want this rule to be applicable to all