Unless the goal is to move all DNS services off that subnet. Our network
staff would love to reclaim the /24 our DNS servers are tying up with very
little else on it wasting 250 addresses.
I'm not sure I'm describing a properly configured anycast environment
well. Since in anycast the client
On 07/01/14 14.16, Bob McDonald wrote:
Unless the goal is to move all DNS services off that subnet. Our
network
staff would love to reclaim the /24 our DNS servers are tying up
with very
little else on it wasting 250 addresses.
I'm not sure I'm describing a properly configured anycast
From: Nicolas C. b...@nryc.fr
Or really mess with them and answer all A queries with 199.181.132.249
It's not a bad idea. I could wildcard all requests to an internal HTTP
server saying that the DNS configuration of the client is deprecated.
But that's not as much fun as sending them
Of course, anycast would have solved this issue by allowing one to
add/remove a server from a properly configured environment without
affecting the clients...
On 03/01/2014 18:00, wbr...@e1b.org wrote:
From: Mark Andrews ma...@isc.org
After that specify a final date for them to fix their
From: Bob McDonald bmcdonal...@gmail.com
Of course, anycast would have solved this issue by allowing one to
add/remove a server from a properly configured environment without
affecting the clients...
Unless the goal is to move all DNS services off that subnet. Our network
staff would love
On 04-Jan-14 14:58, Nicolas C. wrote:
On 03/01/2014 18:00, wbr...@e1b.org wrote:
From: Mark Andrews ma...@isc.org
After that specify a final date for them to fix their machines by
after which you will send NXDOMAIN responses. Sometimes sending a
poisoned reponse is the only way to get
On 05/01/2014 13:25, Timothe Litt wrote:
To get people's attention, NXDOMAIN to www.* queries is often reasonably
Interesting idea; implemented how?
It may be better to simply alias (if necessary, route) the old IP
Piece of advice for anyone not already doing this; when you deploy
You might also make a list of those who use the old server, send a
message (assuming the management system allows identification) that the
service goes down at a specific date in e.g. a month from that date. And
then remove it. Threats are not much worth if the are not followed through.
The point
On 05/01/2014 18:17, Sten Carlsen wrote:
You might also make a list of those who use the old server, send a
message (assuming the management system allows identification) that
the service goes down at a specific date in e.g. a month from that
date. And then remove it. Threats are not much worth
On 05/01/14 21.55, Nicolas C. wrote:
As I said in my original request : I did the query logging / warning
but it had no effect.
I could hold them at gunpoint until they change their configuration
but we have strict gun laws in France :)
Personally I would cut off access for all that is
On 03/01/2014 18:00, wbr...@e1b.org wrote:
From: Mark Andrews ma...@isc.org
After that specify a final date for them to fix their machines by
after which you will send NXDOMAIN responses. Sometimes sending a
poisoned reponse is the only way to get peoples attention.
zone . {
type master;
From: Mark Andrews ma...@isc.org
After that specify a final date for them to fix their machines by
after which you will send NXDOMAIN responses. Sometimes sending a
poisoned reponse is the only way to get peoples attention.
zone . {
type master;
file empty;
};
empty:
@ 0 IN SOA
Hello,
Is it possible to make bind answering slowly to requests ?
Here is the context : we installed new DNS servers but some clients with
static IP configuration are still using the old ones.
We enabled queries logging to track the badly-configured workstations
and warned the persons but
In message 52c5e922.6030...@nryc.fr, Nicolas C. writes:
Hello,
Is it possible to make bind answering slowly to requests ?
Here is the context : we installed new DNS servers but some clients with
static IP configuration are still using the old ones.
We enabled queries logging to track
14 matches
Mail list logo