[dns-operations] DNS version request
Andrew Sullivan
ajs at anvilwalrusden.com
Wed Nov 21 21:23:53 UTC 2018
Yet More Evidence that classes should be deprecated, if you ask me :)
--
Please excuse my clumbsy thums
----------
On November 21, 2018 14:43:26 Tony Finch <dot at dotat.at> wrote:
> Dave Lawrence <tale at dd.org> wrote:
>>
>> And in the case of CHAOS class queries like version.bind, they're also
>> handled local to the responding server. While I won't make the bold
>> claim that there's no DNS server software out there that might forward
>> them to some other server, the ones I know of just handle it in a
>> separate path that never sees forwarding or recursing.
>
> OK, I thought it might be a laugh to see if I could make BIND forward
> CHAOS queries, but no dice: if I configure the zone as static-stub,
> queries are flatly refused, and if I configure it to forward it gets a bit
> further but SERVFAILs when recursing. Sadface.
>
> view bind chaos {
> notify no;
> allow-new-zones no;
> allow-query { localhost; localnets; };
>
> rate-limit {
> responses-per-second 3;
> slip 0;
> min-table-size 10;
> };
>
> zone version.bind chaos {
> type forward;
> forwarders { 131.111.8.42; };
> };
> };
>
> Tony.
> --
> f.anthony.n.finch <dot at dotat.at> http://dotat.at/
> a world in which all people share the same basic rights
More information about the dns-operations
mailing list