Subject: djbdns (was Re: unknown_client_reject_code = 5xx?)
From: Bennett Todd (betrahul.net)
Date: Wed Sep 20 2000 - 11:36:48 CDT


2000-09-01-12:50:39 Wietse Venema:
> Does dnscache already work for clients that have no direct internet
> access but that must forward all queries to a firewall DNS server?

Nope, there's no forwarder in djbdns.

The suite currently includes two primary daemons, and a couple of
special-purpose ones.

The primary daemons are dnscache, which is a recursive resolver; it
only services recursive queries, and forcibly tracks them all to
ground from its configured roots, ensuring that there's a documented
chain of authoritative delegations from the roots down for any
answer it returns; and the answers it returns are not authoritative.

The other primary daemon is tinydns, which only serves authoritative
data; tinydns serves UDP only; a companion, axfrdns, serves off the
same database over TCP, so if you need zone xfers, or have records
bigger than 512 bytes, you can just run an axfrdns (under tcpserver,
from the ucspi-tcp package) to serve that.

There are also some more exotic, special-purpose servers: pickdns,
for doing special-purpose tricks like load balancing and
route-based server optimization; walldns, for serving reverse zones
with no special info revealed; and rbldns, for serving rbl-like
zones.

If you need a forwarder, and you can't fix the network design that
produced this need, then you're stuck with BIND.

-Bennett
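
An added example, not part of the original message or of djbdns itself: the split described above (a cache whose answers are never authoritative, an authoritative-only server on UDP, and TCP for anything over 512 bytes) is visible in the DNS header flags, so a resolver's role can be checked from the first 12 bytes of a reply. Flag positions follow RFC 1035; the role names and the sample headers are constructed for illustration.

```python
import struct

# Header flag bits (RFC 1035, section 4.1.1)
QR, AA, TC, RD, RA = 0x8000, 0x0400, 0x0200, 0x0100, 0x0080

def build_query(name, qtype=1, recurse=True, qid=0x1234):
    """Build a one-question query; RD is set only when recursion is wanted."""
    header = struct.pack("!HHHHHH", qid, RD if recurse else 0, 1, 0, 0, 0)
    labels = [l for l in name.split(".") if l]
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN

def classify_response(packet):
    """Decode the reply header and report which role the responder played."""
    if len(packet) < 12:
        raise ValueError("short DNS header")
    _qid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if not flags & QR:
        raise ValueError("not a response")
    authoritative = bool(flags & AA)
    recursion = bool(flags & RA)
    if authoritative and not recursion:
        role = "authoritative-only"   # what the message describes for tinydns
    elif recursion and not authoritative:
        role = "recursive-cache"      # what the message describes for dnscache
    else:
        role = "mixed"                # one server playing both roles
    return {
        "role": role,
        "answers": answers,
        # TC set: the reply did not fit in a 512-byte UDP datagram, so the
        # client must repeat the query over TCP (the axfrdns side of the split).
        "retry_over_tcp": bool(flags & TC),
    }

# Constructed sample reply headers (header only, no records).
CACHE_REPLY = struct.pack("!HHHHHH", 0x1234, QR | RD | RA, 1, 1, 0, 0)
AUTH_REPLY = struct.pack("!HHHHHH", 0x1234, QR | AA, 1, 1, 0, 0)
AUTH_TRUNCATED = struct.pack("!HHHHHH", 0x1234, QR | AA | TC, 1, 0, 0, 0)

if __name__ == "__main__":
    for sample in (CACHE_REPLY, AUTH_REPLY, AUTH_TRUNCATED):
        print(classify_response(sample))
```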

