Re: Multiple IPs Associated With A Single Name

2016-09-30 Thread Tim Daneliuk
On 09/30/2016 12:46 PM, John Miller wrote: > On Fri, Sep 30, 2016 at 1:15 PM, Tim Daneliuk wrote: >> On 09/30/2016 11:17 AM, Hrant Dadivanyan wrote: >>> Won't port redirection work better then ? > >> get sudo for even limited access to things on their sandboxes. So, we're >> trying to figure out

Re: Multiple IPs Associated With A Single Name

2016-09-30 Thread John Miller
On Fri, Sep 30, 2016 at 1:15 PM, Tim Daneliuk wrote: > On 09/30/2016 11:17 AM, Hrant Dadivanyan wrote: >> Won't port redirection work better then ? > get sudo for even limited access to things on their sandboxes. So, we're > trying to figure out a way to work around the corporate slowness while

Re: Multiple IPs Associated With A Single Name

2016-09-30 Thread Tim Daneliuk
On 09/30/2016 11:17 AM, Hrant Dadivanyan wrote: > Won't port redirection work better then ? Yes it would, but redirecting a privileged port requires root. Since so many people have kindly responded here, it might be worth explaining a bit of the backstory. The client is a large corporate c

Re: Multiple IPs Associated With A Single Name

2016-09-30 Thread /dev/rob0
On Fri, Sep 30, 2016 at 10:22:35AM -0500, Tim Daneliuk wrote: > In my particular case, I am trying to figure out a way to redirect > gethostbyname() calls to the resolver of my choice so that existing > code will run without change. The problem is that I need to do > this without root or sudo a

Re: Multiple IPs Associated With A Single Name

2016-09-30 Thread Hrant Dadivanyan
> On 09/29/2016 04:33 PM, Matthew Pounsett wrote: > > > > > > On 29 September 2016 at 14:18, Tim Daneliuk > > wrote: > > > > > > What I am stuck on is this: Is there any simple (i.e., non-root) way > > to write a client or otherwise configure userspace to

Re: Multiple IPs Associated With A Single Name

2016-09-30 Thread Reindl Harald
Am 30.09.2016 um 17:22 schrieb Tim Daneliuk: On 09/30/2016 10:12 AM, Reindl Harald wrote: Am 30.09.2016 um 16:22 schrieb Tim Daneliuk: On 09/29/2016 04:45 PM, Darcy Kevin (FCA) wrote: Yeah, sure, just run it with your own special config file (with -c); in that config file, set the listen-o

Re: Multiple IPs Associated With A Single Name

2016-09-30 Thread Tim Daneliuk
On 09/30/2016 10:12 AM, Reindl Harald wrote: > > Am 30.09.2016 um 16:22 schrieb Tim Daneliuk: >> On 09/29/2016 04:45 PM, Darcy Kevin (FCA) wrote: >>> Yeah, sure, just run it with your own special config file (with -c); in >>> that config file, set the listen-on to an unprivileged port, and make s

Re: Multiple IPs Associated With A Single Name

2016-09-30 Thread Reindl Harald
Am 30.09.2016 um 16:22 schrieb Tim Daneliuk: On 09/29/2016 04:45 PM, Darcy Kevin (FCA) wrote: Yeah, sure, just run it with your own special config file (with -c); in that config file, set the listen-on to an unprivileged port, and make sure all of the pathnames (including implicit pathnames l

Re: Multiple IPs Associated With A Single Name

2016-09-30 Thread Tim Daneliuk
On 09/29/2016 04:45 PM, Darcy Kevin (FCA) wrote: > Yeah, sure, just run it with your own special config file (with -c); in that > config file, set the listen-on to an unprivileged port, and make sure all of > the pathnames (including implicit pathnames like the pid-file) are to > files/directori

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Matthew Pounsett
On 29 September 2016 at 15:07, Tim Daneliuk wrote: > > > No, not really. It's for a private cloud microservices system we're > thinking through. We already run most/many of the various service > backends in user space so that the app devs and support folks can control > their own universe witho

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Tim Daneliuk
On 09/29/2016 04:57 PM, Niall O'Reilly wrote: > On 29 Sep 2016, at 22:33, Matthew Pounsett wrote: > >> That seems like a lot of complexity to go to in order to avoid running a >> name server as root, though. You'd probably be better off convincing your >> systems people to set up sudo in such a

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Niall O'Reilly
On 29 Sep 2016, at 22:33, Matthew Pounsett wrote: That seems like a lot of complexity to go to in order to avoid running a name server as root, though.  You'd probably be better off convincing your systems people to set up sudo in such a way that you can administer a DNS server running on a pr

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Tim Daneliuk
On 09/29/2016 04:33 PM, Matthew Pounsett wrote: > > > On 29 September 2016 at 14:18, Tim Daneliuk > wrote: > > > What I am stuck on is this: Is there any simple (i.e., non-root) way > to write a client or otherwise configure userspace to go to the > non-

RE: Multiple IPs Associated With A Single Name

2016-09-29 Thread Darcy Kevin (FCA)
just fine. - Kevin -Original Message- From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Tim Daneliuk Sent: Thursday, September 29, 2016 5:24 PM To: John Miller Cc: Bind Users Subject: Re: Multiple IPs Associated Wit

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Matthew Pounsett
On 29 September 2016 at 14:18, Tim Daneliuk wrote: > > What I am stuck on is this: Is there any simple (i.e., non-root) way > to write a client or otherwise configure userspace to go to the > non-standard > port and run my sort of man-in-the-middle server? Or is this just a stupid > idea? > > T

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Tim Daneliuk
On 09/29/2016 04:18 PM, Tim Daneliuk wrote: > On 09/29/2016 02:08 PM, John Miller wrote: >> Hi Tim, >> >> AFAIK, multiple A records are the only way to return multiple IPs for >> a given FQDN. there are multiple A records for a given name, BIND >> will return all of those records -- it'll return a

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Tim Daneliuk
On 09/29/2016 02:08 PM, John Miller wrote: > Hi Tim, > > AFAIK, multiple A records are the only way to return multiple IPs for > a given FQDN. there are multiple A records for a given name, BIND > will return all of those records -- it'll return all the IPs. It's up > to the client in question t

Multiple IPs Associated With A Single Name

2016-09-29 Thread Tim Daneliuk
In the dark and dusty reaches of my elderly DNS experience, ISTR a way to set up A records so that the request to resolve a name returns a *list of associated IPs*. This is distinct from DNS RR (I think?) which simply returns a different *single* IP for each call (I may well be wrong). Can some

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread John Miller
Hi Tim, AFAIK, multiple A records are the only way to return multiple IPs for a given FQDN. there are multiple A records for a given name, BIND will return all of those records -- it'll return all the IPs. It's up to the client in question to decide how to use that information. John On Thu, Se

Re: Multiple IPs Associated With A Single Name

2016-09-29 Thread Matthew Pounsett
On 29 September 2016 at 12:02, Tim Daneliuk wrote: > In the dark and dusty reaches of my elderly DNS experience, ISTR a way to > set up A records so that the request to resolve a name returns a *list > of associated IPs*. This is distinct from DNS RR (I think?) which > simply returns a different