(not FreeIPA), or run a "split-brain" DNS which has dedicated DNS servers
> that has a smaller subset of records that are exposed to the Internet.
>
> -Mike
>
> On 11/22/2017 4:21 AM, James Swineson via FreeIPA-users wrote:
>
> Hi,
>
> I'm planning a FreeI
Hi,
I'm planning a FreeIPA fresh installation across multiple datacenters and
offices. Concerned about the risk of DNS DDoS, I wanted to make most nodes
in a mesh VPN so they can replicate without exposing ports to internet.
However, I still need some services over internet. So can I set up every
