automatic reverse and forwarding zones
Matus UHLAR - fantomas
uhlar at fantomas.sk
Mon Nov 7 14:50:09 UTC 2022
>>>>On 28.10.22 08:26, Ondřej Surý wrote:
>>>>>BIND 9 have support for writing plugins, and we would accept a
>>>>>well written plugin that would allow generating the forward/reverse plugins on the fly.
>>>>>
>>>>>There’s already a feature request for it here:
>>>>>https://gitlab.isc.org/isc-projects/bind9/-/issues/1586
>>
>>>On 28. 10. 22 9:29, Matus UHLAR - fantomas wrote:
>>>>this request for ipv4 too.
>>>>
>>>>I really don't think making generic named for ipv6 addresses
>>>>within range
>>>>bigger then e.g. /112 (64Ki addresses) makes any sense.
>>>>
>>>>prehaps it may for small subsets of IP addresses
>>>>
>>>>/64 is 18446744073709551616 addresses, that can't be scanned in
>>>>meaningful time and this number of DNS records would just mess
>>>>up any DNS servers' memory.
>>>>
>>>>making BIND resilient against overflowing memory this way would
>>>>make more sense than creating generic addresses.
>>
>>On 07.11.22 15:06, Petr Špaček wrote:
>>>Yes, that's exactly why plugin is needed. The plugin can generate
>>>answers on the fly without having all of them in memory.
>On 07. 11. 22 15:23, Matus UHLAR - fantomas wrote:
>>what about BIND receiving those records?
>>I don't want my resolving DNS server to fill out cache by reverse
>>records of any remote ipv6 range/ranges.
>>
>>We'd need to clean those too.
On 07.11.22 15:42, Petr Špaček wrote:
>That's part of normal resolver operation: Garbage in - garbage out -
>garbage eventually cleaned out from cache. There is nothing special
>about PTR records in that regard.
sooner or later, but filling up cache with garbage could result in other
non-garbage records being flushed out.
Are there any mechanisms that would wipe this garbage before other records,
used more often even if not very recently?
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux IS user friendly, it's just selective who its friends are...
More information about the bind-users
mailing list