Re: [Dnsmasq-discuss] mixing synth-domain and auth-domain does not appear to work for me.

2014-04-03 Thread David Beveridge
On Thu, Apr 3, 2014 at 6:38 AM, Simon Kelley si...@thekelleys.org.uk wrote:
 On 02/04/14 21:24, Simon Kelley wrote:


 This is, I think, just an oversight. synth-domain certainly generates
 Locally defined DNS records which is what the auth-zone is specified
 to contain.


 Actually, there is a reason. It doesn't in general make sense to include
 the records created by synth-domain in a zone transfer, since there are
 likely to be a lot of them. They could be included in answers for the
 auth-zone, at the expense of the additional complication that the zone
 answered by dnsmasq becomes no longer exactly the zone that's transfered
 to a secondary (since the synth-domain answers can't be included in the
 transfer).


I agree, you definitely would not want to zone transfer the entire synth zone
just the records from the auth zone.  Actually, once you introduce synth
records to a zone, transferring it is not practical at all.

I think I have misunderstood what auth-zone does.
It seems it is not required in this situation.

I just tested and discovered that:- If I remove the auth-zone statement from
the config file the synth-zone will still serve records it finds in /etc/hosts.
In this way I can still have a mixed zone with manually created records and
synthesized records in the same zone.

The synth-domain kind of implies that the zone is authorative,
so no need for the auth-zone statement as well.

dave

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] mixing synth-domain and auth-domain does not appear to work for me.

2014-04-03 Thread Simon Kelley
On 03/04/14 08:35, David Beveridge wrote:
 On Thu, Apr 3, 2014 at 6:38 AM, Simon Kelley si...@thekelleys.org.uk wrote:
 On 02/04/14 21:24, Simon Kelley wrote:


 This is, I think, just an oversight. synth-domain certainly generates
 Locally defined DNS records which is what the auth-zone is specified
 to contain.


 Actually, there is a reason. It doesn't in general make sense to include
 the records created by synth-domain in a zone transfer, since there are
 likely to be a lot of them. They could be included in answers for the
 auth-zone, at the expense of the additional complication that the zone
 answered by dnsmasq becomes no longer exactly the zone that's transfered
 to a secondary (since the synth-domain answers can't be included in the
 transfer).

 
 I agree, you definitely would not want to zone transfer the entire synth zone
 just the records from the auth zone.  Actually, once you introduce synth
 records to a zone, transferring it is not practical at all.
 
 I think I have misunderstood what auth-zone does.
 It seems it is not required in this situation.
 
 I just tested and discovered that:- If I remove the auth-zone statement from
 the config file the synth-zone will still serve records it finds in 
 /etc/hosts.
 In this way I can still have a mixed zone with manually created records and
 synthesized records in the same zone.
 
 The synth-domain kind of implies that the zone is authorative,
 so no need for the auth-zone statement as well.

OK. Happy ending :)


Cheers,

Simon.

 
 dave
 


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] mixing synth-domain and auth-domain does not appear to work for me.

2014-04-02 Thread Simon Kelley
On 02/04/14 11:46, David Beveridge wrote:
 So I have a few static hosts defined in /etc/hosts and I want to
 serve authoritative records for them.
 I also have some machines which get address via dhcp and slaac which I want
 to publish using synth-domain.
 
 Each option works alone, but when I mix the options
 eg
 auth-zone=thekelleys.org.uk,192.168.0.0/24
 synth-domain=thekelleys.org.uk,192.168.0.0/24,internal-
 
 with synth-domain only
 # dig internal-192-168-0-56.thekelleys.org.uk @223.27.66.79
 ;; ANSWER SECTION:
 internal-192-168-0-56.thekelleys.org.uk. 0 IN A 192.168.0.56
 
 with both defined, no answer is returned.
 eg
 root@ns1 /etc/dnsmasq.d # dig internal-192-168-0-56.thekelleys.org.uk @
 223.27.66.79
 
 ;  DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 
 internal-192-168-0-56.thekelleys.org.uk @223.27.66.79
 ;; global options: +cmd
 ;; Got answer:
 ;; -HEADER- opcode: QUERY, status: NXDOMAIN, id: 768
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
 
 ;; QUESTION SECTION:
 ;internal-192-168-0-56.thekelleys.org.uk. IN A
 
 ;; Query time: 0 msec
 ;; SERVER: 223.27.66.79#53(223.27.66.79)
 ;; WHEN: Wed Apr  2 21:30:13 2014
 ;; MSG SIZE  rcvd: 57
 
 
 The behaviour is the same for Ipv6.

This is, I think, just an oversight. synth-domain certainly generates
Locally defined DNS records which is what the auth-zone is specified
to contain.

 
 regards,
 dave.
 
 PS: any reason why synth-domain is limited to /64 for IPv6?

Prefix length has to be greater than or equal to 64, is that what you
mean?  It's about implementation convenience. C doesn't provide a
integer data type larger than 64 bits for doing masking. of the
address-part.

Cheers,

Simon.






 
 
 
 ___
 Dnsmasq-discuss mailing list
 Dnsmasq-discuss@lists.thekelleys.org.uk
 http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
 


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] mixing synth-domain and auth-domain does not appear to work for me.

2014-04-02 Thread Simon Kelley
On 02/04/14 21:24, Simon Kelley wrote:

 
 This is, I think, just an oversight. synth-domain certainly generates
 Locally defined DNS records which is what the auth-zone is specified
 to contain.
 

Actually, there is a reason. It doesn't in general make sense to include
the records created by synth-domain in a zone transfer, since there are
likely to be a lot of them. They could be included in answers for the
auth-zone, at the expense of the additional complication that the zone
answered by dnsmasq becomes no longer exactly the zone that's transfered
to a secondary (since the synth-domain answers can't be included in the
transfer).


Simon.



___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss