DDNS and Hidden Master == Brain-Damaged

Phil Dibowitz phil at ipom.com
Thu Jan 27 07:41:00 UTC 2005

John Hascall wrote:
>>>>>And how do I make ISC DHCP do that?
>>>>use a non-trash MNAME in the dns view seen by your dhcp server and
>>>It is "non-trash" by any sane definition.
>>then make it non-trash by some insane definition.  for example, make it
>>match one of the NS.NSDNAME's, according to the "dns view" seen by your
>>dhcp population.  if you want your master hidden, then make sure that the
>>non-dhcp-population sees some other SOA and NS for that zone.  no problem.
> I would have to agree that a hidden master that is seen
> by all your dhcp clients is an insane definition of hidden.
> I think a far better solution for me is to lobotomize
> that section of code in dhcpd.
As someone about to hide our hidden master, it sounds like the best
solution will be to make the SOA record *not* the hidden master, but
instead a public DNS server, and then it's by all means... hidden.

Does that break anything else?

Of course, we don't use DDNS, so I just chuck all update logs and don't
worry about it, but...

Phil Dibowitz                             phil at ipom.com
Freeware and Technical Pages              Insanity Palace of Metallica
http://www.phildev.net/                   http://www.ipom.com/

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
  - Benjamin Franklin, 1759

-- Attached file included as plaintext by Ecartis --
-- File: signature.asc
-- Desc: OpenPGP digital signature

Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org


More information about the bind-users mailing list