Re: [Dnsmasq-discuss] TCP DNSSEC request over IPv6 abandoned in v2.79
Simon Kelley wrote: > You say "When I perform DNSSEC validation over IPv6" which implies, but > doesn't state, that the same test works when talking to usptream DNS > servers over IPv4? Is that the case? Certainly, a quick test here works > over IPv4. I'm wondering if I need to resurrect my severely bit-rotted > IPv6 tunnel setup? Fwiw, I found https://tunnelbroker.net/ to be very easy to set up... (Everything else related to dns is harder...) ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] CERT Vulnerability VU#598349
Simon Kelley wrote: > So, if I read the replies so far correctly, we have votes both for > "ignore wpad by default, and give an option to switch that off" and > "don't ignore wpad by default, but add the code to do so to the example > config file." > > The first is a bit of a problem, if you have > > dhcp-name-match=set:wpad-ignore,wpad > dhcp-ignore-names=tag:wpad-ignore > > either in a global config file, or baked into the code. > > there's no way to unset the wpad-ignore tag, or override the > dhcp-ignore-names directive. Sounds like this isn't the right way to define a configuration. Since being able to override it seems important. I'd argue in favor of baking in a number of these things... Offhand, "autodiscover" [1] Probably "www" and "ftp", possibly "ns", and probably "mta-sts" [2]. As for examples, I suppose the next time I revisit dnsmasq, I might look into the examples problem, currently I'm fighting yaks in pdns land (which is where I learned about the mta-sts thing, which is really awful, but, hey). [1] https://blogs.msdn.microsoft.com/exchangedev/2011/07/07/autodiscover-for-exchange-activesync-developers/ > 2. The client sends an Autodiscover request to > https://autodiscover.woodgrovebank.com/autodiscover/autodiscover.xml, and > does one of the following: [2] https://tools.ietf.org/html/rfc8461 > Thus, for a Policy Domain of "example.com", the full URL is > "https://mta-sts.example.com/.well-known/mta-sts.txt;. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] DHCPv6 with dnsmasq for automated deployments
Can you cheat and just set the lease expiration to be measured in seconds? I suspect that you can have different lease times, so if you can discriminate between first state and second state systems, you can provide more reasonable lease durations once the systems are stage two... ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] updating technet ref
The current technet reference yields an error The path I followed was via http://web.archive.org/web/20100315140829/http://technet.microsoft.com/en-us/library/cc782411(WS.10).aspx I'm not absolutely certain this is the right url, but the current one is definitely unusable... # HG changeset patch # User Josh Soref # Date 1531288080 0 # Wed Jul 11 05:48:00 2018 + # Node ID e334d4f434bddedbb20e8f4fb1bd38bc33c4c262 # Parent ddd3e52f96e008b1878c8d4ce2647051905bf5ca update technet ref diff -r ddd3e52f96e0 -r e334d4f434bd dnsmasq.conf.example --- a/dnsmasq.conf.example Fri Jun 29 14:39:41 2018 +0100 +++ b/dnsmasq.conf.example Wed Jul 11 05:48:00 2018 + @@ -415,7 +415,7 @@ # Send microsoft-specific option to tell windows to release the DHCP lease # when it shuts down. Note the "i" flag, to tell dnsmasq to send the # value as a four-byte integer - that's what microsoft wants. See -# http://technet2.microsoft.com/WindowsServer/en/library/a70f1bb7-d2d4-49f0-96d6-4b7414ecfaae1033.mspx?mfr=true +# http://technet.microsoft.com/en-us/library/cc782411(WS.10).aspx #dhcp-option=vendor:MSFT,2,1i # Send the Encapsulated-vendor-class ID needed by some configurations of ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Spelling fixes for dnsmasq
Hi... I'm wondering if you'd be interested in any of these commits: https://github.com/jsoref/dnsmasq/commits/spelling https://github.com/jsoref/dnsmasq/compare/master...jsoref:spelling?expand=1 I could send a single diff for the changes, but I find that it's usually best to let people think about changes individually, and it's much easier for me to drop things when they're isolated commits than after I've squashed them together. 144 misspelled word families; 47 files changed; 214 lines changed; There are only a handful of changes to actual code: dnsservers errsave ra_start_unsolicited I understand that some pieces in the git repo are contrib/ including a tarball with misspellings (contrib/webmin/dnsmasq.wbm). I can easily drop more things, but I'd need guidance. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
