Configure an IPsec tunnel in the clients and run IPSec on the namespaces and block port 53 without IPSec. I actually presented a simple IKEv2 libreswan config to do song from android/iPhone
Sent from my iPhone > On Jul 29, 2015, at 00:42, Ian Maddison <[email protected]> wrote: > > I’m looking for a way to run a recursive name server on a public IP address > restricted to pre-configured roaming clients. > > Is, or will it be feasible to leverage DANE-TA to reliably authenticate both > the clients and server in order to run this type of service ? > > — > Ian Maddison > _______________________________________________ > dane mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dane _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
