[dns-operations] BIND9 and ADNS
Lyle Giese
lyle at lcrcomputer.net
Mon Feb 26 23:01:04 UTC 2024
My understanding of DNS protocols and the end user's OS is that it is
programmed with 2 or 3(usually) recursive DNS servers to query for all
of the end user's needs. And that the recursive DNS follows the trail of
DNS to find the answer the end user needs. In which case the end users
ip address is never going to hit or ask your load balancer any questions.
The only way I can think of is to segregate those that need to query for
that sub-zone by the recursive DNS server they are allowed to use and
give that subset of recursive DNS servers that ability to query that
sub-zone.
Lyle Giese
On 2/26/24 15:09, daniel majela wrote:
> Hey guys.I have "n" DNS servers on the network.I would like to
> configure a sub-zone that I will not publish on the network.Example
> would be:example.com.br <http://example.com.br> and my subzone would
> be gslb.exemplo.com.br <http://gslb.exemplo.com.br>.On the server that
> owns the gslb.exemplo.com.br <http://gslb.exemplo.com.br> sub-zone,
> which is an ADNS balancer, I will add some targeting policies based on
> the origin IP.The problem is that the IP address that calls gslb is
> the server that owns the example.com.br <http://example.com.br> zone
> and not the user's IP address and this way the policy will not work.I
> need the IP of the user's revolver to reach my ADNS and not the IP of
> the Resolver that owns exemplification.com.br
> <http://exemplification.com.br>.If anyone has a tip and if there is a
> solution, I would appreciate it.
>
>
>
> --
> Daniel Majela Galvão
> http://br.linkedin.com/pub/daniel-souza/6/1b1/774
>
> (55-012) - 9-8201-9885
> (55-012) - 9-9761-1511
> (55-012) - 32076909
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20240226/6e101176/attachment.html>
More information about the dns-operations
mailing list