Reload only ACL
alijawad1 at gmail.com
Tue Apr 26 14:22:20 UTC 2016
I did have a look at
http://www.zytrax.com/books/dns/ch7/rpz.html#policy-client-ip-trigger , and
while in theory it can be used in a way similar to ACL I cant see how it
accommodates for faster changes, would you please elaborate ?
On Tue, Apr 26, 2016 at 4:46 PM, Bob Harold <rharolde at umich.edu> wrote:
> On Mon, Apr 25, 2016 at 5:30 PM, Carl Byington <carl at byington.org> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA512
>> On Mon, 2016-04-25 at 23:23 +0300, Ali Jawad wrote:
>> > based on a user tool the users "hundreds in corporate environment" get
>> > either public or private zone,
>> Rather than the tool writing an ACL for bind, can the tool instead
>> reconfigure the user's local workstation dns settings to point to one of
>> two different (sets of) bind servers? One serves the public zone, one
>> serves the private zone.
> You might be able to use RPZ to give a list of users a different answer
> for certain queries, and that can be dynamically updated quickly, if I
> understand it correctly. That might work better than ACLs and views for a
> fast-changing list of users.
> Bob Harold
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
> bind-users mailing list
> bind-users at lists.isc.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users