Peter van Dijk wrote: > Hello Jason, > > If your clients are end hosts (i.e. machines with the equivalent of > resolv.conf), they should always be talking to a recursor. If your ‘view’ > needs are simple (just a few overridden IPs here and there), using pre- or > postresolve in the PowerDNS Recursor would suit your needs fine.
I was hoping to make it easy and have the scripting on the authoritative server. Internal machines use the internal recursors as normal, and the auth server replies with the appropriate data. External clients hitting the auth servers would only get the external view. The data is distinct, there aren't any overlaps.. It's really just a security by obscurity layer. In addition to all of the "real" security layers as well... > Kind regards, -- --------------------------- Jason 'XenoPhage' Frisvold [email protected] --------------------------- "Any sufficiently advanced magic is indistinguishable from technology.\" - Niven's Inverse of Clarke's Third Law _______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
