Re: [dns-operations] Any DNAME usage experience?

Viktor Dukhovni Sun, 29 Mar 2020 12:23:02 -0700

On Sun, Mar 29, 2020 at 12:35:15PM -0400, John Levine wrote:

> I have to say that at this point my advice is don't bother.  Whatever
> problem you hope DNAMEs will solve, they won't.


I see some administrators succesfully using DNAMEs to retarget
the entire "_tcp" subtree of a set of hosts to a common location.

Something along the lines of:

    _tcp.mail1.example.com. IN DNAME _dane.example.com.
    _tcp.mail2.example.com. IN DNAME _dane.example.com.
    _tcp.mail3.example.com. IN DNAME _dane.example.com.
    *._dane.example.com IN TLSA 2 1 1 ...

This works fine.

-- 
    Viktor.
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] Any DNAME usage experience?

Reply via email to