you haven’t mentioned your firewall or router config between the private
corporate network and the public internet (or I missed it).
Cisco firewalls and I bet others too, have a very interesting and powerful
capability – to examine and edit/change packet data (payload data) on the fly
in real-t
Hi Nick.
First question, does the internal zone *have* to keep the same name? As has
been said already, this is a fairly common setup done by people a long time
ago who usually didn't think through the consequences of their actions.
What follows assumes you could change the name of the internal zon
* That sounds like a sadly normal implementation but yes you can do better
* Views is a good place to look https://kb.isc.org/docs/aa-00851
* Make sure to investigate how the company VPN services handle DNS as it
may surprise you
On Fri, Nov 3, 2023 at 9:52 AM Nick Howitt via bind-users <
bind-use
Am 04.11.2023 um 19:41:44 Uhr schrieb Nick Howitt via bind-users:
> Thanks for the reply. Interesting.
> Option A - It works but I would like to stop maintaining two
> different servers with the same data.
> Option B - I have no chance of getting the company to agree to IPv6.
Then you are in a st
Unfortunately, redesigning the internal zone is way beyond the scope of
what I can do, but thanks for the info.
On 04/11/2023 13:40, Greg Choules wrote:
Hi Nick.
First question, does the internal zone *have* to keep the same name?
As has been said already, this is a fairly common setup done by
As on other replies, a different internal zone is a huge project for the
company, not a quick win, unfortunately.
On 04/11/2023 08:55, Michael Richardson wrote:
Given VPNs, RemoteAccess and the like, I strongly recommend against split-DNS
configurations. They were great ideas in 1993, when all
Thanks for the reply. Interesting.
Option A - It works but I would like to stop maintaining two different
servers with the same data.
Option B - I have no chance of getting the company to agree to IPv6.
Option C - From your summary, does not appear to remove the requirement
to maintain the data
Hi!
In
https://bind9.readthedocs.io/en/v9.18.19/dnssec-guide.html
there's a link to
https://stats.research.icann.org/dns/tld_report/
which is no longer valid. New data seems to be here:
https://ithi.research.icann.org/
ITHI == idenitifier technologies health indicators
how many TL
Given VPNs, RemoteAccess and the like, I strongly recommend against split-DNS
configurations. They were great ideas in 1993, when all sites were concave,
but that's just not the case anymore.
Instead, I recommend having a sub-zone, "internal.example.com", or some other
convenient name. Put a zo
It means something in your network sent a query containing the literal URL
below. The message is just misleading - the resolver tries to do QNAME
minimization on it, it fails, switches to full name which ends with NXDOMAIN
from root.
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and yo
People accidentally enter urls as domain names into tools.
https://app-measurement.com/sdk-exp/A is
a legal, but unusual, domain name consisting of 3 labels
'https://app-measurement’, 'com/sdk-exp/A’ and ‘.’.
Mark
> On 4 Nov 2023, at 13:29, Nick Tait via bind-users
> wrote:
>
> Hi J.
>
> I
11 matches
Mail list logo