This is a discussion on Re: DDNS and Hidden Master == Brain-Damaged - DNS ; John Hascall wrote: >>>>>And how do I make ISC DHCP do that? >>>> >>>>use a non-trash MNAME in the dns view seen by your dhcp server and >>>>clients. >>> >>>It is "non-trash" by any sane definition. > > >>then make ...
John Hascall wrote:
>>>>>And how do I make ISC DHCP do that?
>>>>use a non-trash MNAME in the dns view seen by your dhcp server and
>>>It is "non-trash" by any sane definition.
>>then make it non-trash by some insane definition. for example, make it
>>match one of the NS.NSDNAME's, according to the "dns view" seen by your
>>dhcp population. if you want your master hidden, then make sure that the
>>non-dhcp-population sees some other SOA and NS for that zone. no problem.
> I would have to agree that a hidden master that is seen
> by all your dhcp clients is an insane definition of hidden.
> I think a far better solution for me is to lobotomize
> that section of code in dhcpd.
As someone about to hide our hidden master, it sounds like the best
solution will be to make the SOA record *not* the hidden master, but
instead a public DNS server, and then it's by all means... hidden.
Does that break anything else?
Of course, we don't use DDNS, so I just chuck all update logs and don't
worry about it, but...
Phil Dibowitz firstname.lastname@example.org
Freeware and Technical Pages Insanity Palace of Metallica
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
- Benjamin Franklin, 1759
-- Attached file included as plaintext by Ecartis --
-- File: signature.asc
-- Desc: OpenPGP digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----