per record responses based on originating IP
Grant Taylor
gtaylor at tnetconsulting.net
Sun May 15 16:31:14 UTC 2022
On 5/15/22 7:28 AM, Angus Clarke wrote:
> Hi Grant
Hi Angus,
> maybe, I'm reading up ...
>
> poking around the manual, are you alluding to the "sortlist" directive?
Yes, that's what I was referring to.
> So the concern with returning an ordered RRset is that the set could be
> large:
Okay.
I assume that's opposed to returning small distinct / unique RR sets
with per client granularity.
> The intention is that each private site/network will have its own DNS
> server pair and that local recursors resolve all private zones from that
> local pair. So things like NS records would be in scope for the ordered
> RRset response. With more sites come more DNS pairs and therefore more
> NS records to be added to the RRset. Maybe I can limit a RRset response
> to the first X number of entries?
Hum.
With this description in mind, I'd be tempted to do something with the
anycast methodology that was recently discussed. Return one small RRset
that references the fixed set of any cast NS IPs. Then routing at each
site will get clients to the local instance of those anycasted IPs.
This would probably scale a lot better.
> Thanks
:-)
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4017 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220515/e67ed462/attachment-0001.bin>
More information about the bind-users
mailing list