No subject
Matus UHLAR - fantomas
uhlar at fantomas.sk
Tue Feb 19 18:13:26 UTC 2019
On 19.02.19 09:45, Roberto Carna wrote:
>Dear Kevin, I am sorry but I didn't see your past response.
>
>Please can you show me with an example what you say: "Define root zone.
>Delegate teamviewer.com from root. Define teamviewer.com as 'type forward'".
>
>An also what is the benefit in defining a root zone with the teamviewer.com
>delegated into it??? Because I put to work this zone just as a forward
>zone, without a root zone definition.
the benefit is it does exactly what you want.
the "teamviewer.com" zone of type forward causes DNS resolution of teamviewer.com
domain.
the root zone effectively disables everything else (because bind thinks
nothing else exists).
>El lun., 18 feb. 2019 a las 17:00, Kevin Darcy (<kevin.darcy at fcagroup.com>)
>escribió:
>
>> I've already posted a solution for this. Basically, "Define root zone.
>> Delegate teamviewer.com from root zone. Define teamviewer.com as 'type
>> forward'".
>>
>> "Recursion yes" is implied. No views necessary. It doesn't make any sense
>> anyway, to have the same match-clients list for all of one's views, since
>> the first one matched is the one that's used.
>>
>> Did you not see my response, or did you perhaps dislike the approach I
>> suggested?
>>
>> There was some subsequent discussion about not relying on DNS resolution
>> as one's *only* control over what sites one's clients can or cannot access.
>> While I agree with that, my position is that there's nothing wrong with
>> controlling DNS resolution, in addition to other controls.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
M$ Win's are shit, do not use it !
More information about the bind-users
mailing list