nanog mailing list archives
Re: address spoofing
From: Phil Howard <phil () whistler intur net>
Date: Sun, 25 Apr 1999 02:27:38 -0500 (CDT)
Andrew Brown wrote:
If BIND could be modified to deliver different results depending on the source of the request, or it's interface, then it might become easy for people to setup DNS to avoid this.not running a current bind, eh? :P the 8.x.x series bind dynamically picks up and drops interfaces as they appear and disappear, and can be told on which interfaces to listen. so...you can actually have a publicly available, non-recursive name server to answer the queries for the zones for which you need to be authoritative on the interface(s) to which those zones are delegated. then, you can have (if you want) another bind listening on other interfaces for other stuff. like the "internal dns" server that you mentioned. or maybe a recursive, caching-only server that listens only on 127.0.0.1. of course...they can speak to each other if need be. :)
I tried 2 instances of BIND and they didn't work right. One functioned and the other played dead (very dead ... as in the process blocked and would not wake up). One needs 2 separate machines to get it to actually work right (times the amount of redundancy desired). If you know the magic to make it work right, I'd sure like to know. Maybe some kind of lock somewhere? -- Phil Howard KA9WGN phil () intur net phil () ipal net
Current thread:
- Re: address spoofing, (continued)
- Re: address spoofing Greg A. Woods (Apr 23)
- Re: address spoofing Alex Bligh (Apr 22)
- Re: address spoofing Phil Howard (Apr 22)
- Re: address spoofing Greg A. Woods (Apr 23)
- Re: address spoofing Phillip Vandry (Apr 23)
- Re: address spoofing Greg A. Woods (Apr 23)
- Re: address spoofing Phil Howard (Apr 23)
- Re: address spoofing Bryan Bradsby (Apr 23)
- Re: address spoofing Phil Howard (Apr 23)
- Re: address spoofing Andrew Brown (Apr 23)
- Re: address spoofing Phil Howard (Apr 25)
- Re: address spoofing sthaug (Apr 25)
- Re: address spoofing Andrew Brown (Apr 25)
- RE: address spoofing Roeland M.J. Meyer (Apr 26)
- Re: address spoofing Phil Howard (Apr 22)
- Re: address spoofing Greg A. Woods (Apr 24)
- Re: address spoofing Phil Howard (Apr 25)
- Re: address spoofing alex (Apr 25)
- Re: address spoofing Phil Howard (Apr 25)
- Re: address spoofing Daniel Senie (Apr 25)
- Re: address spoofing Phil Howard (Apr 25)
- Re: address spoofing Greg A. Woods (Apr 25)