Re: How to configure a webhop with BIND?

2009-05-30 Thread Gregory Hicks 

> Date: Sat, 30 May 2009 07:57:16 +0200
> From: Saša Stupar 
> 
> I use BIND as a local DNS server for 200 users. Now I am in situation
> that I need to use a webhop since I need to change listening port on
> apache to other than 80 ( I have another application which need to
> use only port 80).
>
> How do I configure webhop for my eg. local.domain to
> local.domain:10080?

This isn't a bind problem but an HTTP problem.

Your application that only can use port 80 is going to have to get some 
'smarts' so that if the remote host is a port 80 client, to go ahead and 
process commands.

If the remote host is a port 10080 client, then your port 80 app is 
going to have to issue an HTTP redirect to port 10080.

Regards,
Gregory Hicks

-
Gregory Hicks   | Principal Systems Engineer
| Direct:   408.569.7928

People sleep peaceably in their beds at night only because rough men
stand ready to do violence on their behalf -- George Orwell

The price of freedom is eternal vigilance.  -- Thomas Jefferson

"The best we can hope for concerning the people at large is that they
be properly armed." --Alexander Hamilton

___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: do I have this wrong?

2009-05-30 Thread Chris Buxton 

On May 29, 2009, at 11:47 AM, Maria Iano wrote:
If I should not be sending this to this list please let me know.  
Please let me know if you think I have this wrong:


Bare Minimum to be considered a usable DNS server (under limited  
conditions):


When a zone is configured locally as a master or slave zone, only  
hand out data from the local configuration. Do not accept records in  
that zone into the cache that come from another server. Never hand  
out data in that zone received from another server.


Desired Behavior to be considered a good working DNS server:

In addition to the above:

When a zone is configured locally as a stub zone, only accept into  
cache records in that zone from the zone's name servers as  
configured in the stub zone. Never hand out data from that zone  
unless it was received from one of the zone's name servers.


When a zone is configured locally as a forward zone, only accept  
records in that zone into the cache that come from the servers to  
which the zone was specified to be forwarded. Never hand out data  
from that zone unless it was received from one of the forwarders.



That doesn't sound too far off the mark to me, except for the bit  
about stub zones. The server needs to be able to follow referrals out  
of that zone, to subzones.


Remember that stub zones and forward zones actually affect the  
resolver's behavior for domains, not just zones. (A domain = a zone +  
all delegated subdomains.)


The rules you present are (a) a rule about preferring authoritative  
data to cached data, and (b) two rules that form part of the basic  
credibility tests of a resolving name server. More complete and formal  
versions of the rules for these situations exist in the RFC's.


Chris Buxton
Professional Services
Men & Mice

___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users