[Dnsmasq-discuss] Fwd: mixing synth-domain and auth-domain does not appear to work for me.

2014-04-03 Thread David Beveridge
On Thu, Apr 3, 2014 at 6:24 AM, Simon Kelley si...@thekelleys.org.uk wrote:

 On 02/04/14 11:46, David Beveridge wrote:
  So I have a few static hosts defined in /etc/hosts and I want to
  serve authoritative records for them.
  I also have some machines which get address via dhcp and slaac which I want
  to publish using synth-domain.
 
  Each option works alone, but when I mix the options
  eg
  auth-zone=thekelleys.org.uk,192.168.0.0/24
  synth-domain=thekelleys.org.uk,192.168.0.0/24,internal-
 
  with synth-domain only
  # dig internal-192-168-0-56.thekelleys.org.uk @223.27.66.79
  ;; ANSWER SECTION:
  internal-192-168-0-56.thekelleys.org.uk. 0 IN A 192.168.0.56
 
  with both defined, no answer is returned.
 
 
  The behaviour is the same for Ipv6.

 This is, I think, just an oversight. synth-domain certainly generates
 Locally defined DNS records which is what the auth-zone is specified
 to contain.


So if the auth-domain exists and the lookup fails there it does not try to
do a lookup in synth-domain.  I'm not sure how commonly people
might want to do that.

 
  regards,
  dave.
 
  PS: any reason why synth-domain is limited to /64 for IPv6?

 Prefix length has to be greater than or equal to 64, is that what you
 mean?  It's about implementation convenience. C doesn't provide a
 integer data type larger than 64 bits for doing masking. of the
 address-part.


Fair enough.  So I have a copy of dnsmasq running on my bind dns server
just to handle the synthetic reverse (which bind can't do), so each /64
needs to be individually configured in dnsmasq.  It's good to know why.

I can't just get lazy and synth a whole /48 or /32.
Probably out of scope for what dnsmasq is designed for anyway.

dave

 Cheers,

 Simon.


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Fwd: mixing synth-domain and auth-domain does not appear to work for me.

2014-04-03 Thread Simon Kelley
On 03/04/14 08:14, David Beveridge wrote:

 Prefix length has to be greater than or equal to 64, is that what you
 mean?  It's about implementation convenience. C doesn't provide a
 integer data type larger than 64 bits for doing masking. of the
 address-part.

 
 Fair enough.  So I have a copy of dnsmasq running on my bind dns server
 just to handle the synthetic reverse (which bind can't do), so each /64
 needs to be individually configured in dnsmasq.  It's good to know why.
 
 I can't just get lazy and synth a whole /48 or /32.
 Probably out of scope for what dnsmasq is designed for anyway.

That's what I told myself when I wrote the code, it's crazy to use
arbitary-precision maths in a DNS daemon. Then a year later I
implemented DNSSEC which uses public-key crypto, based in
arbitrary-precision maths :-)

Cheers,

Simon.

 
 dave
 
 Cheers,

 Simon.

 
 ___
 Dnsmasq-discuss mailing list
 Dnsmasq-discuss@lists.thekelleys.org.uk
 http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
 


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss