[dns-operations] DNS version request
Tony Finch
dot at dotat.at
Wed Nov 21 19:43:14 UTC 2018
Dave Lawrence <tale at dd.org> wrote:
>
> And in the case of CHAOS class queries like version.bind, they're also
> handled local to the responding server. While I won't make the bold
> claim that there's no DNS server software out there that might forward
> them to some other server, the ones I know of just handle it in a
> separate path that never sees forwarding or recursing.
OK, I thought it might be a laugh to see if I could make BIND forward
CHAOS queries, but no dice: if I configure the zone as static-stub,
queries are flatly refused, and if I configure it to forward it gets a bit
further but SERVFAILs when recursing. Sadface.
view bind chaos {
notify no;
allow-new-zones no;
allow-query { localhost; localnets; };
rate-limit {
responses-per-second 3;
slip 0;
min-table-size 10;
};
zone version.bind chaos {
type forward;
forwarders { 131.111.8.42; };
};
};
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
a world in which all people share the same basic rights
More information about the dns-operations
mailing list