[Dnsmasq-discuss] make synth-domain a authoritative response

Markus Hartung mail at hartmark.se
Thu Mar 15 23:00:08 GMT 2018


On 2018-03-15 17:14, Simon Kelley wrote:
> Is it a bug if it fulfils the specification? :-)
> The section of the man page on AUTHORITATIVE CONFIGURATION lists all the
> sources of data for an auth zone, and it doesn't include synth-domain.
> So there's no bug :)
>
> The main reason that synth-domain is not included is that it makes doing
> domain-transfer difficult. That sends every record in the domain to a
> secondary server, and synth-domain  would rapdily balloon into a LOT of
> records (especially in IPv6-land).
>
> Cheers,
>
> Simon.

I see. It seems to have missed that part in the documentation. Didn't 
think of domain-transfers, but I guess you're right that it won't be 
possible to have IPv6 and synth-domain transferred.

So I agree it's not a bug ;)

I guess I have to live with that the reverse-dns name will be unknown 
when doing for example a "last -da" on a remote system that you have 
connected to.

One option would be to allow reverse lookups to get the synth-domain 
name but that it won't be forward-lookup:able, so we won't get the issue 
with having hostnames that we can't zone-transfer.

When connecting to my local server from my phone I always get this 
reverse-hostname for my IPv6-address on cell network. 
"m-ipv6.cust.tele2.se", so I guess it's "allowed" for a ip to resolve to 
a hostname and have that hostname resolve to NXDOMAIN

But then again I won't loose any sleep over this because my 
IPv6-addresses resolve properly locally on my network because queries 
from LAN gets the non-authoritative response.

Keep up the good work!

BR,
Harre



More information about the Dnsmasq-discuss mailing list