Re: Why would a master zone use forwarders ?

2017-05-12 Thread Ben Croswell 
If you load foo.com on server A and delegate bar.foo.com to server B with a
global forwarder of server C you resolution will vary depending on forward
first vs forward only and forwarders {}.

With no forward {} the path for blah.bar.foo.com directed at server A will
be A > C > B
With forward {} the global forward will be short circuited for foo.com and
below resulting in a path of A > B

On May 12, 2017 11:56 AM, "Mik J"  wrote:

Thank you Ben for your answer

My server uses a global forwarding

I don't understand what you wrote
"If it is master for a foo.com and also has global forwarding it will use
the global forward for any delegated child domains under foo.com unless
they are also loaded locally."

If my DNS is autoritative, why would I use a forwarding ?

For my sub domains I use delegations
sub.mydomain.com NS ns.sub.mydomain.com
ns.sub.mydomain.com A 1.1.1.1

What's the difference between the global forward for delegated child
domains and the delegation I do ?

Thank you



Le Vendredi 12 mai 2017 15h34, Ben Croswell  a
écrit :


This would only change behavior if the server has global forwarding.

If it is master for a foo.com and also has global forwarding it will use
the global forward for any delegated child domains under foo.com unless
they are also loaded locally.  The forward{} turns off global forwarding
for that branch of the tree.

On May 12, 2017 9:27 AM, "Mik J via bind-users" 
wrote:

Hello,

If my DNS is master/slave for a zone, why would I want it to use forwarders.

In other terms why would I want
zone "mydomain.com"
{
type master;
file "zones/master/com/mydomain.com ";
allow-update { acl; };
};

Instead of (forwarders {};)
zone "mydomain.com"
{
type master;
file "zones/master/com/mydomain.com ";
allow-update { acl; };
forwarders {};
};

Why would I want to forward requests if I'm autoritative for the zone ?

Thank you for those who can hightligh this point.

__ _
Please visit https://lists.isc.org/mailman/ listinfo/bind-users
 to unsubscribe from
this list


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/ listinfo/bind-users

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Why would a master zone use forwarders ?

2017-05-12 Thread Mik J via bind-users 
Thank you Ben for your answer
My server uses a global forwarding
I don't understand what you wrote"If it is master for a foo.com and also has 
global forwarding it will use the global forward for any delegated child 
domains under foo.com unless they are also loaded locally."
If my DNS is autoritative, why would I use a forwarding ?
For my sub domains I use delegationssub.mydomain.com NS 
ns.sub.mydomain.comns.sub.mydomain.com A 1.1.1.1
What's the difference between the global forward for delegated child domains 
and the delegation I do ?
Thank you

 

Le Vendredi 12 mai 2017 15h34, Ben Croswell  a 
écrit :
 

 This would only change behavior if the server has global forwarding. 
If it is master for a foo.com and also has global forwarding it will use the 
global forward for any delegated child domains under foo.com unless they are 
also loaded locally.  The forward{} turns off global forwarding for that branch 
of the tree.
On May 12, 2017 9:27 AM, "Mik J via bind-users"  
wrote:

Hello,
If my DNS is master/slave for a zone, why would I want it to use forwarders.
In other terms why would I wantzone "mydomain.com"
{
    type master;
    file "zones/master/com/mydomain.com ";
    allow-update { acl; };
};

Instead of (forwarders {};)zone "mydomain.com"
{
    type master;
    file "zones/master/com/mydomain.com ";
    allow-update { acl; };    forwarders {};};
Why would I want to forward requests if I'm autoritative for the zone ?
Thank you for those who can hightligh this point.

__ _
Please visit https://lists.isc.org/mailman/ listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/ listinfo/bind-users



   ___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Why would a master zone use forwarders ?

2017-05-12 Thread Ben Croswell 
This would only change behavior if the server has global forwarding.

If it is master for a foo.com and also has global forwarding it will use
the global forward for any delegated child domains under foo.com unless
they are also loaded locally.  The forward{} turns off global forwarding
for that branch of the tree.

On May 12, 2017 9:27 AM, "Mik J via bind-users" 
wrote:

> Hello,
>
> If my DNS is master/slave for a zone, why would I want it to use
> forwarders.
>
> In other terms why would I want
> zone "mydomain.com"
> {
> type master;
> file "zones/master/com/mydomain.com";
> allow-update { acl; };
> };
>
> Instead of (forwarders {};)
> zone "mydomain.com"
> {
> type master;
> file "zones/master/com/mydomain.com";
> allow-update { acl; };
> forwarders {};
> };
>
> Why would I want to forward requests if I'm autoritative for the zone ?
>
> Thank you for those who can hightligh this point.
>
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Why would a master zone use forwarders ?

2017-05-12 Thread Mik J via bind-users 
Hello,
If my DNS is master/slave for a zone, why would I want it to use forwarders.
In other terms why would I wantzone "mydomain.com"
{
    type master;
    file "zones/master/com/mydomain.com";
    allow-update { acl; };
};

Instead of (forwarders {};)zone "mydomain.com"
{
    type master;
    file "zones/master/com/mydomain.com";
    allow-update { acl; };    forwarders {};};
Why would I want to forward requests if I'm autoritative for the zone ?
Thank you for those who can hightligh this point.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Providing GeoIP information for servers

2017-05-12 Thread Robert Moskowitz 



On 05/11/2017 10:46 AM, Timothe Litt wrote:

On 10-May-17 17:50, John W. Blue wrote:

>From the it-could-be-worse department:

https://arstechnica.com/tech-policy/2016/08/kansas-couple-sues-ip-mapping-firm-for-turning-their-life-into-a-digital-hell/

I am more a fan of continental geolocation accuracy when it comes to IP 
addresses.

John
If your static IP address has a reverse name in DNS, it's a short hop 
through whois to your actual location.


Well, usually. It is possible that none of the contact addresses are 
where the IP address is located - especially for large organizations. 
And there are the whois proxies that obscures your physical location.


My whois information is there, if someone wanted to know.

But I was thinking to get the LOC for city hall and use that. 
Police/fire are right next door.  :)


We don't have any above-ground water to use for the GPS LOC  ;)

Afterall, my desire is to show that my servers are in Oak Park, not 
Plymouth MI.




Still, it's pretty hard to hide.  (Even in a Kansas lake.)

Depending on your situation, you may wish to have different accuracy 
and/or precision in internal and external LOC records.


But on the original topic:  Contact Maxmind and see if they'll fix 
your address. 
https://support.maxmind.com/geoip-data-correction-request/ They may 
require evidence that Comcast has delegated the address to you.


Worth doing.  I have the contract for the static address assignment.



Timothe Litt
ACM Distinguished Engineer
--
This communication may not represent the ACM or my employer's views,
if any, on the matters discussed.



From: bind-users  on behalf of Mark 
Andrews


AFAIK Maxmind et al don't lookup LOC records.  That being said if
enough people published LOC records they might start.

For Google you can update the location using a app which uses the
phone's GPS.

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET:ma...@isc.org





___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users