OSEC

Re: OT Re: *.com and *.net? Yay Postfix!

From: Roman Neuhauser (neuhauserbellavista.cz)
Date: Thu Sep 18 2003 - 08:27:17 CDT


# postfixjohnpeach.com / 2003-09-18 08:26:49 -0400:
> > > > > the only problem is I don't have dnscache setup at home :( Historically
> > > > > I have myself as authoritative for advertising sites such as
> > > > > doubleclick and djb doesn't believe you should have an authoritative
> > > > > server and a caching server on the same address.....
> > > >
> > > > what stops you from running tinydns somewhere in 127/8? or do you
> > > > run an operating system that can't assign more than one IP to an
> > > > interface?
> >
> > Don't spread FUD.
>
> What FUD?

: I'm very wary of tinydns anyway. By "design" it doesn't answer TCP
: queries, which, of course, breaks recent billyshit implementations which
: only speak TCP. It does not appear to be well documented how tinydns
: for an *internal* only nameserver can interact with dnscache for the
: rest of it. Obviously I cannot tell the root nameservers that I am
: authoritative for doubleclick.net et al and I use this nameserver for my
: home network.

    this FUD. it's partly false and partly irrelevant.

> I now have the details on running tinydns and dnscache together, but
> will stay with BIND anyway, as I'm not comfortable with a number of
> aspects of tinydns.

    that's your choice, of course.
 
> > > I'm very wary of tinydns anyway. By "design" it doesn't answer TCP
> > > queries, which, of course, breaks recent billyshit implementations
> > > which only speak TCP.
> >
> > Who's Billy? Is that your middle name?
> > Run axfrdns if your records don't fit into a UDP datagram.
>
> As in Gates - recent versions of his Op Sys (sic) insist on querying using TCP....

    how is that related to the problem at hand? dnscache, which is what
    the clients talk to, listens, and responds, on tcp/udp 53.
    you only need tinydns if you:

    1. want to override the "normal" delegations for some parts of the
       DNS tree, and
    2. you don't want to use Russell Nelson's recent ignoreip patch
       which enables dnscache to return NXDOMAIN instead of certain
       A records if their values are certain IP addresses.

    so, you would have dnscache listening where Bind listens now, and
    tinydns on any other IP address: could be 127.0.53.1 on the same
    machine: those "billyshit" clients will *never* want to talk to it.

    tell dnscache that, instead of following the normal delegation
    chain, it should short-circuit lookups in doubleclick.net to
    127.0.53.1 by doing:

    # echo 127.0.53.1 > /service/dnscache/root/servers/doubleclick.net
    # svc -t /service/dnscache

    and that's it. this is perfectly documented at
    http://cr.yp.to/djbdns/dot-local.html . The link from
    http://cr.yp.to/djbdns.html says "How to create local DNS names".
    How's that for "does not appear to be well documented"?

--
If you cc me or remove the list(s) completely I'll most likely ignore
your message. see http://www.eyrie.org./~eagle/faqs/questions.html
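Added example, not part of the thread: a small Python model of the dnscache lookup the mail describes, where a file under /service/dnscache/root/servers/ named after a domain short-circuits delegation for that domain and everything below it, and servers/@ holds the root servers. The directory is a constructed temporary copy of that layout; the root-server address in it is a placeholder, and the override IP is the 127.0.53.1 from the mail.

```python
import os
import tempfile

def read_ips(path):
    """One IP per line, as dnscache expects in a servers/ file."""
    with open(path) as fh:
        return [line.strip() for line in fh if line.strip()]

def dnscache_servers(servers_dir, qname):
    """Return (entry, ips): the servers/ entry dnscache would consult for qname.

    Models the dot-local behaviour: try each label suffix of the query name
    from most to least specific, then fall back to servers/@ (the roots).
    """
    name = qname.rstrip(".").lower()
    labels = name.split(".") if name else []
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        path = os.path.join(servers_dir, suffix)
        if os.path.isfile(path):
            return suffix, read_ips(path)
    return "@", read_ips(os.path.join(servers_dir, "@"))

def demo():
    """Build a constructed servers/ directory and resolve a few names through it."""
    servers_dir = tempfile.mkdtemp()
    # Constructed placeholder standing in for the real root-server list in servers/@.
    with open(os.path.join(servers_dir, "@"), "w") as fh:
        fh.write("192.0.2.1\n")
    # The override from the mail: doubleclick.net is answered by tinydns on 127.0.53.1.
    with open(os.path.join(servers_dir, "doubleclick.net"), "w") as fh:
        fh.write("127.0.53.1\n")
    queries = ["ad.doubleclick.net", "doubleclick.net",
               "www.example.com", "notdoubleclick.net"]
    return {q: dnscache_servers(servers_dir, q) for q in queries}

if __name__ == "__main__":
    for q, (entry, ips) in demo().items():
        print(f"{q:22} -> servers/{entry} {ips}")
```

Note that matching is per label: notdoubleclick.net is not under the override and still goes to the roots, which is what you want when overriding a single advertising zone.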