[Dnsmasq-discuss] make synth-domain a authoritative response
Markus Hartung
mail at hartmark.se
Thu Mar 15 23:00:08 GMT 2018
On 2018-03-15 17:14, Simon Kelley wrote:
> Is it a bug if it fulfils the specification? :-)
> The section of the man page on AUTHORITATIVE CONFIGURATION lists all the
> sources of data for an auth zone, and it doesn't include synth-domain.
> So there's no bug :)
>
> The main reason that synth-domain is not included is that it makes doing
> domain-transfer difficult. That sends every record in the domain to a
> secondary server, and synth-domain would rapdily balloon into a LOT of
> records (especially in IPv6-land).
>
> Cheers,
>
> Simon.
I see. It seems to have missed that part in the documentation. Didn't
think of domain-transfers, but I guess you're right that it won't be
possible to have IPv6 and synth-domain transferred.
So I agree it's not a bug ;)
I guess I have to live with that the reverse-dns name will be unknown
when doing for example a "last -da" on a remote system that you have
connected to.
One option would be to allow reverse lookups to get the synth-domain
name but that it won't be forward-lookup:able, so we won't get the issue
with having hostnames that we can't zone-transfer.
When connecting to my local server from my phone I always get this
reverse-hostname for my IPv6-address on cell network.
"m-ipv6.cust.tele2.se", so I guess it's "allowed" for a ip to resolve to
a hostname and have that hostname resolve to NXDOMAIN
But then again I won't loose any sleep over this because my
IPv6-addresses resolve properly locally on my network because queries
from LAN gets the non-authoritative response.
Keep up the good work!
BR,
Harre
More information about the Dnsmasq-discuss
mailing list