Hi,
On Mon, 5 Dec 2022, Matthijs Mekking wrote:
'parental-agents' work the same as 'primaries'. It only supports addresses.
Listing them as domain names would technically be possible to implement, but
it requires an authoritative server to act as an resolver. Adding resolver
code to the path of an authoritative server is like crossing the streams. It
adds security risks that are unnecessary for an authoritative server, so I'd
rather not add such functionality.
This made me curious: Is there some design rule forbidding bind to use the
system resolver to resolve names it does not know about? I.e. why does it
not query any resolvers in /etc/resolv.conf (probably via some system
interface - sry, I have no idea, how "normal" programs resolve names) if
it encounters an unknown name at a place where only an ip address is
allowed so far?
That being said: I'm not saying, it *should* do so, I'm merely curious,
why it does not. :-)
Best regards,
Matthijs
regards,
Erich
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users