On Jun 11, 2019, at 2:59 PM, Jacques Latour <[email protected]> wrote: > In trying to setup our secure home gateway project to have the external zone > & primary DNS server setup and managed on the gateway itself and to XFR back > to secondary name servers somewhere turned out not be functional or > practical, first, the gateway does not know for sure which external NS are > use by the secondary DNS service, second, the IPs of the WAN port might not > be the internet facing IPs and this could break inbound connectivity. We’re > looking at using dynamic DNS updates for things that need internet > connectivity, and have the primary DNS server on the main land. TSIG & DNS > over TLS look like a good option to look at.
Have you looked at draft-ietf-dnssd-srp (https://tools.ietf.org/html/draft-ietf-dnssd-srp-01 <https://tools.ietf.org/html/draft-ietf-dnssd-srp-01>)?
_______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
