On Mon, Jan 17, 2005 at 04:40:59AM +0100, Fredrik Tolf wrote: > I was thinking about adding local hints to our own reverse zones to our > Bind configs to make reverse lookups work just between our own networks, > but that will be extremely difficult at best, since he has a dynamic IP. > We can figure out how to update the forward zones when his IP changes, > but since updating the reverse zones involves creating an entire new > zone each time, that solution feels a bit hopeless... :-(
Making a new zone is not particularly harder than updating an existing sone. It will lead to a bunch of useless reverse zone files, but you could write a script to clean those up too. I am assuming that you are running your own DNS servers here; if not, I am not sure what you would do. If you are running your own DNS server, you still have to tread carefully when making yourself the primary source of reverse DNS information, but I think you should be able to do it. (You should even be able to set up something that does the updates automatically; I would use Net::DNS in Perl to do this, but I am sure there are plenty of fine solutions.) > So, is there anyone who has experienced a similar situation before and > solved it? Is there, by any chance, another way of letting Kerberos > canonicalize service principal names? I've never had to deal with this personally, nor do I know of another way to canonicalize service principal names; I just happen to have been doing a lot of work with DNS recently. :) Best of luck, -r.
signature.asc
Description: Digital signature
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
