per record responses based on originating IP

Angus Clarke angus at charworth.com
Sun May 15 13:28:24 UTC 2022 

Hi Grant

> Before stepping up to views I'd stop to ask the question, would
> returning multiple IPs in a preferred sort order suffice?

maybe, I'm reading up ...

> BIND has the ability to sort RRs differently based on different client
> criteria.

poking around the manual, are you alluding to the "sortlist" directive?

> If sorting of replies won't suffice, please provide a hypothetical
> example of a couple of different clients & responses for an example RR.

So the concern with returning an ordered RRset is that the set could be large:
The intention is that each private site/network will have its own DNS server pair and that local recursors resolve all private zones from that local pair. So things like NS records would be in scope for the ordered RRset response. With more sites come more DNS pairs and therefore more NS records to be added to the RRset. Maybe I can limit a RRset response to the first X number of entries?

Thanks
Angus

________________________________
From: bind-users <bind-users-bounces at lists.isc.org> on behalf of Grant Taylor via bind-users <bind-users at lists.isc.org>
Sent: 12 May 2022 18:11
To: bind-users at lists.isc.org <bind-users at lists.isc.org>
Subject: Re: per record responses based on originating IP

On 5/12/22 6:30 AM, Angus Clarke wrote:
> Hello

Hi,

> With bind (and others) it seems that DNS views are the way to go,

Before stepping up to views I'd stop to ask the question, would
returning multiple IPs in a preferred sort order suffice?

BIND has the ability to sort RRs differently based on different client
criteria.

> Does bind have some simple way to respond differently based on source
> address but on a per record basis? Or perhaps include a baseline zone in
> a view and separately include differences for that view - something like
> this perhaps?

If sorting of replies won't suffice, please provide a hypothetical
example of a couple of different clients & responses for an example RR.



--
Grant. . . .
unix || die

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220515/edf61c0e/attachment.htm>

More information about the bind-users mailing list