BIND 8.2.4 vulnerability scope
Mike Mitchell
Mike.Mitchell at sas.com
Thu Jan 4 14:52:34 UTC 2007
I have many multi-homed devices with various speed links.
The links may even be down at any point in time.
The admins of the devices like to use one name to reference
all of the IP addresses. They use that one name to access
the device. When using round-robin or cyclic, often the
non-optimal IP address is returned first in the order
and the connection is slow or the connection times out.
The correct place to address this problem is in the resolver,
but my group does not have administration authority over
the clients.
Our use of BIND goes back over 20 years, and we have a lot
of inertia/company culture to overcome. At this point we're
dependent on 'rrset-order fixed'. That was a requirement
when we switched from BIND 4 to BIND 8, and it's still a
requirement today.
Mike Mitchell
SAS Institute Inc.
Mike.Mitchell at sas.com
(919) 531-6793
-----Original Message-----
From: bert hubert [mailto:bert.hubert at netherlabs.nl]
Sent: Thursday, January 04, 2007 8:06 AM
To: Mike Mitchell
Cc: bind-users at isc.org
Subject: Re: BIND 8.2.4 vulnerability scope
On Wed, Jan 03, 2007 at 10:09:59AM -0500, Mike Mitchell wrote:
> If you require 'rrset-order fixed;', like I do, then you're
> stuck with BIND 8 until an official release of BIND 9.4.
> I use BIND 8.4.7, released in December of 2005.
Can you disclose which application/use requires rrset-order fixed?
Bert
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
More information about the bind-users
mailing list