[dns-operations] DNS version request
Mukund Sivaraman
muks at mukund.org
Wed Nov 21 21:18:15 UTC 2018
On Wed, Nov 21, 2018 at 07:43:14PM +0000, Tony Finch wrote:
> Dave Lawrence <tale at dd.org> wrote:
> >
> > And in the case of CHAOS class queries like version.bind, they're also
> > handled local to the responding server. While I won't make the bold
> > claim that there's no DNS server software out there that might forward
> > them to some other server, the ones I know of just handle it in a
> > separate path that never sees forwarding or recursing.
>
> OK, I thought it might be a laugh to see if I could make BIND forward
> CHAOS queries, but no dice: if I configure the zone as static-stub,
> queries are flatly refused, and if I configure it to forward it gets a bit
> further but SERVFAILs when recursing. Sadface.
>
> view bind chaos {
> notify no;
> allow-new-zones no;
> allow-query { localhost; localnets; };
>
> rate-limit {
> responses-per-second 3;
> slip 0;
> min-table-size 10;
> };
>
> zone version.bind chaos {
> type forward;
Try: forward only;
> forwarders { 131.111.8.42; };
> };
> };
Mukund
More information about the dns-operations
mailing list