Is there such a piece of software around as an auto-secondarying DNS daemon?

Basically, I envisage something that I can give a list of trusted IP addresses to, that'll receive NOTIFY messages from servers in that list, and AXFR and start serving the NOTIFYd zone, after that operating on a SOA serial number basis as per RFC 1996.

If there's not such a thing, (apt-cache and google both suggest there isn't) then I might take a shot at writing one, in which case I need to think more carefully about the security aspects of it, particularly if two trusted machines both try to notify the same zone... At this point I can't see any particularly good method except first-come first-served...

Consulting the DNS level above the supplied zone won't work if the master is not visible to the public DNS, unless the software is specified to always AXFR from the master server defined in the SOA retrieved by a regular DNS zone check, rather than from the source of the notify. Or maybe ask all the listed NS servers for that zone that aren't us for a SOA, and take the highest.

Anyway, the best solution would be someone's already solved this problem, and it's in Google under some obscure set of keywords. Well, it would be even better if it was a package in Debian that I've overlooked...

-- 
-----------------------------------------------------------
Paul "TBBle" Hampson, B.Sc, LPI, MCSE
On-hiatus Asian Studies student, ANU
The Boss, Bubblesworth Pty Ltd (ABN: 51 095 284 361)
Paul.Hampson@Pobox.Com

Of course Pacman didn't influence us as kids. If it did, we'd be running around in darkened rooms, popping pills and listening to repetitive music.
 -- Kristian Wilson, Nintendo, Inc, 1989

License: http://creativecommons.org/licenses/by/2.1/au/
-----------------------------------------------------------
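
The NOTIFY decision logic discussed in the message above (trusted-IP allow-list, first-come first-served binding of a zone to its master, and the "take the highest SOA" alternative), as an added example that is not part of the original post or of any existing daemon. All names and addresses are hypothetical, and the SOA lookup and the AXFR itself are assumed to happen elsewhere.

```python
from functools import reduce

HALF = 2 ** 31
TRUSTED = {"192.0.2.10", "192.0.2.20"}  # constructed allow-list (documentation range)


def serial_gt(a, b):
    """RFC 1982 serial-number arithmetic: is 32-bit serial a newer than b?"""
    return 0 < ((a - b) % 2 ** 32) < HALF


def highest_serial(serials):
    """'Ask every other NS for the SOA and take the highest', safe across wrap-around."""
    return reduce(lambda best, s: s if serial_gt(s, best) else best, serials)


class AutoSecondary:
    def __init__(self, trusted):
        self.trusted = set(trusted)
        self.zones = {}  # zone name -> (bound master IP, serial being served)

    def handle_notify(self, src_ip, zone, master_serial):
        """Decide what to do with one NOTIFY. master_serial stands for the SOA
        serial fetched from src_ip afterwards (assumption: lookup not modelled)."""
        zone = zone.lower().rstrip(".")
        if src_ip not in self.trusted:
            return "drop-untrusted"
        if zone not in self.zones:
            # First come, first served: the first trusted notifier owns the zone.
            self.zones[zone] = (src_ip, master_serial)
            return "axfr-new-zone"
        master, serving = self.zones[zone]
        if src_ip != master:
            # A second trusted host must not take over a zone that is already bound.
            return "reject-conflict"
        if serial_gt(master_serial, serving):
            self.zones[zone] = (master, master_serial)
            return "axfr-update"
        return "ignore-not-newer"
```

An allow-list keyed on source IP trusts the address on a UDP packet; TSIG-signed NOTIFY and AXFR would tie the same policy to a shared key instead.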