From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 1BC8E1381F3 for ; Tue, 23 Jul 2013 17:24:31 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 74094E09EC; Tue, 23 Jul 2013 17:24:25 +0000 (UTC) Received: from mail-la0-f50.google.com (mail-la0-f50.google.com [209.85.215.50]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 41310E09B3 for ; Tue, 23 Jul 2013 17:24:23 +0000 (UTC) Received: by mail-la0-f50.google.com with SMTP id ep20so6424111lab.9 for ; Tue, 23 Jul 2013 10:24:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:message-id:user-agent:in-reply-to:references :mime-version:content-transfer-encoding:content-type; bh=REkoKF5pkk1TX8TOVi4UiZF/CApq5XT55m/3Xn/Nnh0=; b=mpxaotHK7mCF47G3viF1IWBm6xD4evDXiCEoR8klAsCzSHw8mjs8ZuwUeLtowvBxVx R1JL3CRh7x+Dn8Vomlk1tVglqW0ESincnWFAjDkdwk2//MyH5obldYwAXU4XnMojUOL4 IilzDMvVd/0VHQjQ3js2LJ1f9+FzuvjMfYfcGRJigy844Ij71e0d/2nwHLbJndpU5H1t sVBnBibeYBpBL0UyiamOIcCEBCnVUV8VKH+eivnXNqYvVu0PDIYyLU7VvIlhAvSzCG2K nHV1nrmSAcNuRLlOoj5ArM2yDpUWmpZfUNMhP6Lr1H8aYI29bHLaLpbDXMdsD85eqjX/ 3Xwg== X-Received: by 10.112.182.42 with SMTP id eb10mr319259lbc.46.1374600262491; Tue, 23 Jul 2013 10:24:22 -0700 (PDT) Received: from melforce.localnet (melforce.xtsubasa.org. [2a02:578:5002:8062::2]) by mx.google.com with ESMTPSA id u1sm13464276lag.5.2013.07.23.10.24.20 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 23 Jul 2013 10:24:21 -0700 (PDT) From: Pavel Volkov To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Make BIND inject queries Date: Tue, 23 Jul 2013 21:24:19 +0400 Message-ID: <1998644.gJpNEbiNxq@melforce> User-Agent: KMail/4.10.5 (Linux/3.9.6-gentoomelf; KDE/4.10.5; x86_64; ; ) In-Reply-To: <51EE3E0F.1080302@gmail.com> References: <51EE3E0F.1080302@gmail.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Archives-Salt: f6f342fa-4e51-414f-b679-04bf04d40a30 X-Archives-Hash: 7b3ee24accc6351b391bdee2d428c837 On Tuesday 23 July 2013 10:25:51 Alan McKinnon wrote: > What you want to accomplish is cache-poisoning. There's a few ways to do > it, but it's not easy. > > You can load the customized copy of the zone onto the cache that your > internal hosts use, or set up an authoritative internal-only server. > > This stuff gets tricky, every time I have to investigate our setup that > does something similar, I need to work it out in my head all over again. > > The best advice I can give is DO NOT TRY AND ACCOMPLISH THIS WITH ONE > DNS AUTH SERVER THAT SERVES INTERNAL AND EXTERNAL CLIENT. That way lies > a whole lotta pain. I see. This is a trivial feature in Dnsmasq (that's where I got the idea from), didn't except it to be this complicated in BIND.