Re: adding zone forwards without restart

2016-09-29 Thread Reindl Harald
On 29.09.2016 at 21:27 Frank Even wrote: None of that works. Nothing short of a restart of the daemon notices new forwarders added to the config. That is inclusive of: rndc reconfig rndc reload rndc flushname $nameofforwardersadded rndc flush our named instances are running chrooted and i

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Matthew Pounsett
On 29 September 2016 at 15:07, Tim Daneliuk wrote: > > > No, not really. It's for a private cloud microservices system we're > thinking through. We already run most/many of the various service > backends in user space so that the app devs and support folks can control > their own universe witho

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Tim Daneliuk
On 09/29/2016 04:57 PM, Niall O'Reilly wrote: > On 29 Sep 2016, at 22:33, Matthew Pounsett wrote: > >> That seems like a lot of complexity to go to in order to avoid running a >> name server as root, though. You'd probably be better off convincing your >> systems people to set up sudo in such a

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Niall O'Reilly
On 29 Sep 2016, at 22:33, Matthew Pounsett wrote: That seems like a lot of complexity to go to in order to avoid running a name server as root, though.  You'd probably be better off convincing your systems people to set up sudo in such a way that you can administer a DNS server running on a pr

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Tim Daneliuk
On 09/29/2016 04:33 PM, Matthew Pounsett wrote: > > > On 29 September 2016 at 14:18, Tim Daneliuk > wrote: > > > What I am stuck on is this: Is there any simple (i.e., non-root) way > to write a client or otherwise configure userspace to go to the > non-

RE: Multiple IPs Associated With A Single Name

2016-09-29 Thread Darcy Kevin (FCA)
Yeah, sure, just run it with your own special config file (with -c); in that config file, set the listen-on to an unprivileged port, and make sure all of the pathnames (including implicit pathnames like the pid-file) are to files/directories to which the unprivileged user has read and (where nec

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Matthew Pounsett
On 29 September 2016 at 14:18, Tim Daneliuk wrote: > > What I am stuck on is this: Is there any simple (i.e., non-root) way > to write a client or otherwise configure userspace to go to the > non-standard > port and run my sort of man-in-the-middle server? Or is this just a stupid > idea? > > T

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Tim Daneliuk
On 09/29/2016 04:18 PM, Tim Daneliuk wrote: > On 09/29/2016 02:08 PM, John Miller wrote: >> Hi Tim, >> >> AFAIK, multiple A records are the only way to return multiple IPs for >> a given FQDN. there are multiple A records for a given name, BIND >> will return all of those records -- it'll return a

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Tim Daneliuk
On 09/29/2016 02:08 PM, John Miller wrote: > Hi Tim, > > AFAIK, multiple A records are the only way to return multiple IPs for > a given FQDN. there are multiple A records for a given name, BIND > will return all of those records -- it'll return all the IPs. It's up > to the client in question t

Re: adding zone forwards without restart

2016-09-29 Thread Frank Even
I'm adding forwarders, not adding an authoritative domain. I'm not working directly with a zone at all. Just intercepting DNS traffic for a specific zone intended to be internal only and forwarding it to another group of resolvers instead of dumping the queries to the Internet. On Wed, Sep 21, 2

Re: adding zone forwards without restart

2016-09-29 Thread Frank Even
None of that works. Nothing short of a restart of the daemon notices new forwarders added to the config. That is inclusive of: rndc reconfig rndc reload rndc flushname $nameofforwardersadded rndc flush A restart of the service however, that does work. That is far more disruptive than I like th

Re: adding zone forwards without restart

2016-09-29 Thread Frank Even
I am running chrooted. I'm relying on the "feature" of BIND "mounting" the standard dirs into a chroot via the standard startup scripts in Cent6/7. My understanding is it's not "copying" the files anywhere, but using those that are there. I am modifying them via puppet on the system. I've even c

Multiple IPs Associated With A Single Name

2016-09-29 Thread Tim Daneliuk
In the dark and dusty reaches of my elderly DNS experience, ISTR a way to set up A records so that the request to resolve a name returns a *list of associated IPs*. This is distinct from DNS RR (I think?) which simply returns a different *single* IP for each call (I may well be wrong). Can some

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread John Miller
Hi Tim, AFAIK, multiple A records are the only way to return multiple IPs for a given FQDN. there are multiple A records for a given name, BIND will return all of those records -- it'll return all the IPs. It's up to the client in question to decide how to use that information. John On Thu, Se

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Matthew Pounsett
On 29 September 2016 at 12:02, Tim Daneliuk wrote: > In the dark and dusty reaches of my elderly DNS experience, ISTR a way to > set up A records so that the request to resolve a name returns a *list > of associated IPs*. This is distinct from DNS RR (I think?) which > simply returns a different

Re: Is there a way to turn off EDNS Responses from Server globally for all the endpoints

2016-09-29 Thread Mark Andrews
In message , Harshith Mulky writes: > Before anybody asks, why would I need to turn off EDNS, this is to verify > the client falling back to TCP in case EDNS is not supported on server, > and the server has to send response > 512 bytes, and the client falls > back to TCP and queries the server