Re: [Dnsmasq-discuss] DNAME or domain to domain transltion?
On 03/16/15 22:41, Dave Taht wrote: I had had a lot of hope for DNAMEs, but they were shot down in the ietf years ago. Vestiges survive in "bind", at least, but I suspect there is little application support. I would not mind an attempt to resurrect them. Naming in the face of being renumbered all the time by various ipv4 and ipv6 providers is a real PITA. I don't get why you said they were "shot down". The DNAME record type is standards track with 2 RFCs issued. Starting as RFC 2672 and updated 3 years ago with RFC 6672. As far as I can see they're supported by most of the open source authoritative name servers and recursive resolvers (BIND, NSD / Unbound, Knot, Yadifa, MaraDNS), commercial implementations such as Cisco, Nominum, Microsoft as well as OS resolvers. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Antwort: Re: MX resolving on each request
On 11/25/14 03:06, Christoph Kaminski wrote: which dnsmasq alternative can do this? Use a recursive and caching resolver such as Unbound or BIND. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Stable releases v. development releases.
On Sun, Apr 20, 2014 at 11:52:19AM -0400, Weedy wrote: > On 18 Apr 2014 05:27, "Olaf Westrik" wrote: > > > > On 2014-04-17 23:14, Simon Kelley wrote: > >> > >> Thus far, dnsmasq has not maintained separate stable and development > >> branches. One reason for this is that there's been a pretty strong > >> policy of backwards-compatibility, so the penalty for upgrading to the > >> latest release is low: we've almost certainly not broken your config, or > >> changed behaviour. > > > > > > May I add: you have done that exceptionally well. > > > > > > > >> I'm interested in opinions for and against the status-quo or a new > >> stable/devel split. > > > > > > A full split would mean extra work for you and probably more users > sticking to some stable branch for a long time. For dnsmasq I do not think > it is worth the effort. > > > > If at some point during development, important fixes are necessary, it is > probably more convenient to open something like a temporary stable branch > with the sole purpose of applying fixes on top of the latest released > version. > > > > OTOH if you were to give out a notice saying: here is something > critically important, please apply GIT commit xyz to fix it, that would > work just as well for our use case. > > I was about to post a similar comment. > I don't see a point in splitting off stable branches constantly. But point > releases as needed if regressions are found sound about right. IMO sounds good to me. A point release for regressions and other bug fixes would be a good way of doing things instead of another full on release which usually tries to mix in feature changes as well pushing out a release. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Announce: dnsmasq-2.69
On 11/04/14 5:42 AM, Stéphane Guedon wrote: Good ! But anyway, we still need a resolver. Why not considering making dnsmasq acting as resolver itself too ? It is outside of the scope of what dnsmasq is for. Thanks for your work (didn't tried the release, but you deserve some congrats...)! -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Does DNSSEC require nettle and gmp, or nettle with gmp?
On 01/04/14 2:02 PM, Nathan Dorfman wrote: Maybe OpenSSL is the right choice anyway, I don't know. But, I thought someone should speak up for nettle :) speaking up for nettle means nothing when you don't understand the issue at hand. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Does DNSSEC require nettle and gmp, or nettle with gmp?
On 01/04/14 1:45 PM, Dave Taht wrote: On Tue, Apr 1, 2014 at 9:54 AM, /dev/rob0 wrote: On Tue, Mar 25, 2014 at 07:08:44PM -0400, Alex Xu wrote: On 25/03/14 07:03 PM, sven falempin wrote: my concern of nettle vs openssl is the amount of review and testing nettle did get compared to something more widely(!) used something being used a lot != something being good Absolutely true, but in the context of open source software, especially cryptographic software, more use also tends to mean more code review. I'm not really qualified to judge here what is best; I can only point out what I, as a user, think about it. I'll trust Simon's judgment, but I hope he has considered these concerns. I have not been tracking this conversation closely, but my own take on matters is that I'm opposed to a monoculture of anything... http://www.abc.net.au/news/2013-08-29/feature-banana/4922208 And thus I enthusiastically support other OSes than linux, other dns servers besides bind, and other crypto libraries besides openssl. I have no problem with not having a monoculture. But provide an option to support more than one crypto library. Don't assume what is good for OpenWRT and other embedded OS's is good for everyone else. That's making a really poor assumption. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] dnsmasq 2.61test7 & RA issues
On 25/03/12 5:04 PM, Jan Seiffert wrote: 2012/3/25 Simon Kelley: On 25/03/12 14:21, Vladislav Grishenko wrote: From: Simon Kelley [snip] The 6to4 case, maybe more useful. But is 6to4 going to be used much in the real world? I'd say 6to4 is the only easy solution for end-users at the moment whose ISP doesn't allow any IPv6. If they uses some kind of CPE in router mode with dnsmasq on-board and want to use IPv6 too, it makes sense. Frankly speaking, in Russia/UA the majority ISP doesn't offer IPv6 connectivity at all. That's true in most places. Very few UK ISPs offer IPv6. Most people I know what want it use a 6in4 tunnel via a tunnel broker. I'm using Sixxs and it works very well. 6to4 has a bad reputation, partly because it comes with asymmetric routing. I think most people will not get IPv6 until their ISP offers it. Don't forget 6RD. It's basically 6to4, but with another, ISP-specific, IPv6 prefix. the ISP "Free" in France uses it to deploy IPv6 to all it's customer AFAIK. The idea is that you don't need any new HW in the backbone/BRAS/whatever, the ISP only deploys new firmware to it's CPEs (if they already can talk 6to4, it's a 150 line change to allow arb. prefixes, see http://patchwork.ozlabs.org/patch/34121/), and the "asymmetric" 6to4 Routers are under the control (and SLAG and whatnot) of the ISP, some extra boxes without ties to the other HW. 6RD does not have the asymmetric routing issues of 6to4, but it is still another poor transition mechanism that should not be used in a serious production IPv6 environments and no ISP taking IPv6 seriously will use it. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Win7 does not lease an IPv6-Address
On 22/02/12 2:00 AM, Brad Smith wrote: On 21/02/12 6:13 PM, Brad Smith wrote: On 19/02/12 3:39 PM, Simon Kelley wrote: My understanding is that the gateway comes from the router advertisements, so it's a radvd thing. There is no DHCPv6 option for default gateway. That is correct. There has been discussion as to whether to add a default route or static routes for DHCPv6 within the WG. http://tools.ietf.org/html/draft-ietf-mif-dhcpv6-route-option-03 FYI.. ISC DHCP and Dibbler support the draft. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Win7 does not lease an IPv6-Address
On 21/02/12 6:13 PM, Brad Smith wrote: On 19/02/12 3:39 PM, Simon Kelley wrote: My understanding is that the gateway comes from the router advertisements, so it's a radvd thing. There is no DHCPv6 option for default gateway. That is correct. There has been discussion as to whether to add a default route or static routes for DHCPv6 within the WG. http://tools.ietf.org/html/draft-ietf-mif-dhcpv6-route-option-03 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Win7 does not lease an IPv6-Address
On 21/02/12 6:13 PM, Brad Smith wrote: On 19/02/12 3:39 PM, Simon Kelley wrote: My understanding is that the gateway comes from the router advertisements, so it's a radvd thing. There is no DHCPv6 option for default gateway. That is correct. There has been discussion as to whether to add a default route or static routes for DHCPv6 within the WG. I'm seriously considering adding RA functionality to dnsmasq: just enough to allow DHCP to work. That should make this sort of thing easier. Once you get that much I don't see what the point of cutting corners on what little is left. If you do add RA support please add RFC 61606 support. And that should be RFC 6106. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Win7 does not lease an IPv6-Address
On 19/02/12 3:39 PM, Simon Kelley wrote: My understanding is that the gateway comes from the router advertisements, so it's a radvd thing. There is no DHCPv6 option for default gateway. That is correct. There has been discussion as to whether to add a default route or static routes for DHCPv6 within the WG. I'm seriously considering adding RA functionality to dnsmasq: just enough to allow DHCP to work. That should make this sort of thing easier. Once you get that much I don't see what the point of cutting corners on what little is left. If you do add RA support please add RFC 61606 support. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss