On Tue, 30 Jul 2019, Paul Ebersman wrote:
> dmahoney> I'd be fine with this data ONLY living on the master, but
> dmahoney> having it survive things like named-compilezone or rndc
> dmahoney> freeze/thaw, or the slew of DDNS updates that things like ACME
> dmahoney> DNS-01 requires.
>
> dmahon
dmahoney> I'd be fine with this data ONLY living on the master, but
dmahoney> having it survive things like named-compilezone or rndc
dmahoney> freeze/thaw, or the slew of DDNS updates that things like ACME
dmahoney> DNS-01 requires.
dmahoney> Effectively, this would be an internal-only DNS record
rharolde> If you are looking at putting it outside the zone, it occurs
rharolde> to me that any of the IPAM solutions have a database where you
rharolde> can attach information to records, zones, IP addresses,
rharolde> etc. Even Active Directory can probably do that.
"Buy a commercial IPAM" isn't
On Tue, Jul 30, 2019 at 4:16 PM Paul Ebersman wrote:
> ebersman> Actually, I think this moves your goal nicely. If we could
> ebersman> have things marked as "not zone data, sensitive" and dealt
> ebersman> with only over a covert channel after various auth/acl checks
> ebersman> are done, it wou
ebersman> Actually, I think this moves your goal nicely. If we could
ebersman> have things marked as "not zone data, sensitive" and dealt
ebersman> with only over a covert channel after various auth/acl checks
ebersman> are done, it would be easy enough to have metadata that won't
ebersman> leak.
On Tue, 30 Jul 2019, Paul Ebersman wrote:
> I was also one of those folks that put things in txt zone files for
> years. My whole IP address management was comments in the in-addr.arpa
> zones. While I went to dynamic zones to make DNSSEC easy and lost that,
> I still see value in things that s
I was also one of those folks that put things in txt zone files for
years. My whole IP address management was comments in the in-addr.arpa
zones. While I went to dynamic zones to make DNSSEC easy and lost that,
I still see value in things that should be attachable to a zone but not
zone data and no
On Thu, 25 Jul 2019, Paul Ebersman wrote:
> olafur> My suggestion is to take a step back and say we have outgrown
> olafur> AXFR and we need better mechanism to sync various servers.
>
> olafur> Lets start work on a new "SYNC Name servers" protocol that can
> olafur> meet modern requirements
>
The below might be of interest to some people on this list
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
http://blacknight.blog/
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: http