Sub-domain RR leakage?
Mark.Andrews at nominum.com
Mark.Andrews at nominum.com
Fri Jul 21 07:09:33 UTC 2000
Given most OS's these days support interface aliases just
run copy another copy of named on the aliased address and
make it the master for the zone and have the secondaries
transfer from it.
Mark
P.S. BIND 9.0.0 is in beta test and can be retrieved via
www.isc.org.
>
> > On Tue, Jul 18, 2000 at 10:03:01AM -0700, Tom Jennings wrote:
> > ...
> > > The problem is this: BIND is including RR data from sub-domains in
> > > zone-transfers of the top domain. The primary zone file FOO.COM
> > > contains NO references to ANY subdomain, yet named-xfer includes
> > > data from all subdomains in the transfer to a secondary. I ran
> > > named-xfer manually and verified this. And of course since the
> > > secondares doesn't have my ACLs, queries for subdomain data against
> > > secondaries returns RRs containing 10.* addresses.
> > ...
>
> On Tue, 18 Jul 2000, Joseph S D Yao wrote:
> > IIRC, known bug, fixed in BIND 9.*.
>
> Oh great.
>
> I can't think of a workaround other than installing a second ethernet
> card, even on the same network, and running two BINDs and not
> letting them talk (which presents another whole series of problems,
> eg. I really NEED to secondary!).
>
> Is there another solution?
>
> I won't even ask when BIND 9.x will be out.
>
>
> Thanks for the reply though (really :-). At least I'm not crazy
> (more accurately, this problem isn't evidence of that).
>
> tomj
>
>
> ---
> INFORMATION GLADLY GIVEN BUT SAFETY REQUIRES AVOIDING UNNECESSARY CONVERSATIO
> N
>
>
>
>
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
More information about the bind-users
mailing list