-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Tue, 2017-01-03 at 16:35 -0800, Nex6 wrote: I have a very specific issue, where a partner org, wants me to add an > SRV record for there org. (i dont want to)
If I understand the question, we have nex6.example.com -- under your dns control partner.example.com -- dns under the control of your partner, and they want *you* to see something like: _http._tcp.partner.example.com. SRV 0 5 80 www.example.com. but they don't want to add that record in their own partner.example.com zone where it would be visible to the world. You could use RPZ on your recursive resolvers for that, to add that SRV record into their zone (assuming that they are not DNSSEC signing their zones). Of course, that record would then be visible to all of your users, not just the ones using that application. But does the existance of that extra SRV record hurt any of those users? -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) iEYEAREKAAYFAlhsTkIACgkQL6j7milTFsGwfACeNi6U4lBSKetOjHZ6yk1fnZF3 4+gAn2JwvxmNv8fksTd20Y8mW+o7QOdZ =Snhu -----END PGP SIGNATURE----- _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users