parental-agents clause - IP address only ?

Timothe Litt litt at acm.org
Tue Dec 6 02:58:15 UTC 2022 

On 05-Dec-22 11:17, vom513 wrote:
>> On Dec 5, 2022, at 4:06 AM, Matthijs Mekking<matthijs at isc.org>  wrote:
>>
>> 'parental-agents' work the same as 'primaries'. It only supports addresses.
>>
>> Listing them as domain names would technically be possible to implement, but it requires an authoritative server to act as an resolver. Adding resolver code to the path of an authoritative server is like crossing the streams. It adds security risks that are unnecessary for an authoritative server, so I'd rather not add such functionality.
>>
> Thanks for the confirmation - and yes makes sense.
>
> Also thanks to Timothe in this thread for the script inspiration.  I cooked my own up and tested it - works brilliant.  I also added some logic to email me if there is a diff from the last run.  Will be interesting to see how often there actually is.

I'm glad it was helpful.  Rather than do it yourself diffs/email, I'd 
suggest simply committing changes to git (or another source control 
system).  A commit hook can handle the diff and/or e-mail.  And having 
your configuration under source control can be very helpful when things 
go wrong.  It's trivial to roll back or forward, visualize history, and 
(sometimes) bisect.  And it enforces documenting why changes are made.  
Plus, of course, it's easy to replicate changes to a local backup with a 
push...

If you've developed something that's generally useful - or could be made 
generally useful - I encourage you to share it.

Here, or especially if larger, a pointer to one of the usual platforms. 
(GitHub, GitLab, sourceforge, etc).

The community works best when everyone contributes what they can.

Timothe Litt
ACM Distinguished Engineer
--------------------------
This communication may not represent the ACM or my employer's views,
if any, on the matters discussed.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20221205/43366d98/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20221205/43366d98/attachment.sig>

More information about the bind-users mailing list