| |||||||||||||
|
| |||||||||||||
DDNS and IXFR?DDNS and IXFR?Posted Jan 20, 2003 9:11 UTC (Mon) by hensema (guest, #980)Parent article: A couple of alternative DNS servers Do these servers support Dynamic updates and incremental zone transfers? It's a feature of bind I can't live without because I'm using ISC DHCPD 3.0 which supports dynamic DNS updates. I also use IPv6 and DNAME records (to simplify the administration of my reverses). AFAIK bind is still the only DNS to support this. And since it's running safely in a chroot jail as an unpriviliged user, I don't worry about security ;-)
(Log in to post comments)
DDNS and IXFR? Posted Jan 20, 2003 17:21 UTC (Mon) by edstoner (guest, #4496) [Link] Oak supports Dynamic updates. It doesn't support incremental zone transfers yet, but should in a week or two.Oak supports AAAA records but doesn't support A6 or DNAME because the IETF has downgraded them to experimental and recommended that people don't use them (that's my understanding anyway). Oak runs as an unpriviliged user by default and it should be fairly easy to run it in a chroot jail. These things are good at protecting the system the server is running on, but don't help at all in protecting the data in the running DNS server. Not having the cache poisoned and not having someone rewrite the zone data so that all of your server's names point to their machines can be just as important as not letting them be root on the host machine. In other words, the code in the DNS Server still needs to secure, no matter how secure the system it's running on is.
|
|
||||||||||||