"Travis H." <[EMAIL PROTECTED]> writes: > The TTL is controlled by the authoritative name server, though. And > what about dynamic DNS?
I wouldn't want to go there. The domain name system is fairly good at what it was designed to do, unfortunately firewall configs did not enter into the equation at the time. > That is a good idea. I also have been thinking of equipping > dfd_keeper with a periodic refreshing of rules (which would force > periodic lookups to catch changes in dynamic DNS hosts). This would still be vulnerable to failure in name resolution unless handled properly. Done right it sounds rather attractive though. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ "First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales" 20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds.
