[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: BIND will completely drop D-BUS dynamic forwarders table support



 Replying to a couple points in one email...

On Wed, 5 Dec 2007, Colin Walters wrote:
If BIND is dropping support for configuring itself (i.e. it doesn't want to be a usable caching nameserver for roaming laptops), then dnsmasq may be what we need to use.

 Well, crap.  I just became a lot more important, huh?

On Wed, 5 Dec 2007, Till Maas wrote:
On Mi Dezember 5 2007, Simo Sorce wrote:

For example I'd like to query my corporate domain server (over the vpn)
buy only for domain names that end in my.corp.com and use my ISP for
anything else.

Btw. dnsmasq allows you to restrict nameservers on domains, i.e. specify a
domain for which a nameserver should be asked. But a different question: How
do you handle reverse dns lookups for the internal ip (vpn) addresses, are
they forwarded to the ISP dns, too? Or do you prevent this somehow?

 Same way:

server=/my.corp.com/0.0.10.in-addr.arpa/10.0.0.1

 That makes dnsmasq look to 10.0.0.1 for both zones' records.

On Wed, 5 Dec 2007, David Zeuthen wrote:
Running a full DNS server on a simple desktop seems like, well, a lot of overhead not to mention security concerns...

Have you *used* dnsmasq? As Roland said, it's not a full DNS server; it doesn't even do recursion (it depends on its upstream servers for that). As for security, I'm not hugely concerned if it's bound to 127.0.0.1.

On Wed, 5 Dec 2007, Callum Lerwick wrote:
This is *exactly* what dnsmasq is designed for. From what I can tell, the author added dbus support to dnsmasq *specifically* so NetworkManager could use it. I'm not sure what's up with the disconnect here. :)

 Maybe not NM specifically, but certainly conceptually:

"Added method support for DBus (http://www.freedesktop.org/Software/dbus)
This is a superior way to re-configure dnsmasq on-the-fly with different upstream nameservers, as the host moves between networks. DBus support must be enabled in src/config.h and should be considered experimental at this point. See DBus-interface for the specification of the DBus method calls supported."

(And yes, I enabled dbus support the day I submitted dnsmasq for review. :-)

     Jima


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]