Port forward DNS requests
Brad Knowles
brad at stop.mail-abuse.org
Fri Aug 12 22:41:09 UTC 2005
At 2:56 PM -0700 2005-08-12, Danimal wrote:

> At the network layer this seems pretty doable. I wasn't sure at the
> application layer if BIND would have trouble since it wouldn't
> recognise itself as ns2.goColts.com.

One problem that I think you're going to have is that the
responses would be coming back from a different IP address than the
one to which they were sent, and I believe that many
applications/servers would throw them away -- just like they'd do
with any other potential forgery.

Why not just add the new server to your list within the zone,
wait for the change to be propagated by the parent zone, then drop
the old server from inside the zone? You'll have to operate three
servers during the switch-over process, but you shouldn't have any
other problems.

--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
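
An added example, not part of the original message or of BIND: a sketch of the reply check described above, in which a client drops a UDP DNS answer whose source is not the server it queried. The function names, the loopback endpoints and the query name `ns2.example.test` are constructed for illustration.

```python
import socket
import struct

def build_query(txid, name):
    """Build a minimal DNS query (A record, class IN) for `name`."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)

def accept_response(packet, source, queried_server, expected_txid):
    """Apply the checks a client makes before trusting a UDP DNS reply."""
    if source != queried_server:
        return (False, "source address/port mismatch")
    if len(packet) < 12:
        return (False, "truncated header")
    txid, flags = struct.unpack("!HH", packet[:4])
    if txid != expected_txid:
        return (False, "transaction ID mismatch")
    if not flags & 0x8000:
        return (False, "not a response (QR bit clear)")
    return (True, "accepted")

def demo():
    """Query server A on loopback; answer once from B (the forward target), once from A."""
    socks = [socket.socket(socket.AF_INET, socket.SOCK_DGRAM) for _ in range(3)]
    try:
        for s in socks:
            s.bind(("127.0.0.1", 0))  # constructed endpoints, ephemeral ports
            s.settimeout(2)
        server_a, server_b, client = socks
        txid = 0x1234
        client.sendto(build_query(txid, "ns2.example.test"), server_a.getsockname())
        query, client_addr = server_a.recvfrom(512)
        # Same payload from both senders: original ID, flags changed to a response.
        reply = query[:2] + struct.pack("!H", 0x8180) + query[4:]
        results = []
        for responder in (server_b, server_a):
            responder.sendto(reply, client_addr)
            packet, source = client.recvfrom(512)
            results.append(accept_response(packet, source, server_a.getsockname(), txid))
        return results
    finally:
        for s in socks:
            s.close()

if __name__ == "__main__":
    for ok, reason in demo():
        print(ok, reason)
```

The byte-identical reply is rejected when it arrives from the second socket and accepted when it arrives from the queried one, which is why a forwarded answer has to be rewritten to the original server's address before it reaches the client.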