Hello Simon, On Do, 03 Apr 2014, Simon Kelley wrote:
> On 03/04/14 08:22, Craig McQueen wrote: > > I'm using dnsmasq 2.68. It's mostly working, however I'm having a few > > troubles with PTR records when using auth-zone and auth-server. If I use > > these options, then: > > > > * PTR look-up of IP addresses defined by interface-name=example.lan,br0 > > return an answer, but the returned status is NXDOMAIN rather than NOERROR. (Coincidentally yesterday I found that problem, too) > > That's a bug, nasty one. Fix pushed to git, Thanks, works. > > > * No custom PTR records can be defined with ptr-record. > > That's behaving as documented, --ptr-record doesn't appear in the list > of data included in an authoritative zone given in the AUTHORITATIVE > CONFIGURATION section of the man page. The reason is, I think, that > PTR-records can have any name, not just w.x.y.x.in-addr.arpa. It's > therefore difficult to use the subnet(s) associated with an auth-zone to > filter them. It would be possible to filter on the name using the domain > associated with an auth zone, and filter w.x.y.x.in-addr.arpa on the > subnet. That's quite complex to understand/document/use. Obviously I'm missing something. Why cannot PTR replies be filtered on either x.y.x.in-addr.arpa / ...d.c.b.a.ip6.arpa fitting associated subnets (maybe complicated by the non-nibble IPv4 case) OR any PTR content for defined auth-zone-s? (Btw, in the documentation it sometimes reads "ipv6.arpa" instead of "ip6.arpa".) To add to the wish list: I'd really like the ability to also do AXFRs for reverse zones. Is the difficulty to enumerate the records? Usage is an DNSSEC signing front-end server. Another question: dnsmasq is not sending NOTIFYs, is it? Regards, Lutz -- Lutz Preßler, Göttingen, Germany _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
