Hi Bob I did have a look at http://www.zytrax.com/books/dns/ch7/rpz.html#policy-client-ip-trigger , and while in theory it can be used in a way similar to ACL I cant see how it accommodates for faster changes, would you please elaborate ?
On Tue, Apr 26, 2016 at 4:46 PM, Bob Harold <rharo...@umich.edu> wrote: > > On Mon, Apr 25, 2016 at 5:30 PM, Carl Byington <c...@byington.org> wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA512 >> >> On Mon, 2016-04-25 at 23:23 +0300, Ali Jawad wrote: >> > based on a user tool the users "hundreds in corporate environment" get >> > either public or private zone, >> >> Rather than the tool writing an ACL for bind, can the tool instead >> reconfigure the user's local workstation dns settings to point to one of >> two different (sets of) bind servers? One serves the public zone, one >> serves the private zone. >> >> >> > You might be able to use RPZ to give a list of users a different answer > for certain queries, and that can be dynamically updated quickly, if I > understand it correctly. That might work better than ACLs and views for a > fast-changing list of users. > > -- > Bob Harold > > > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users >
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users