Date: Thu, 23 Aug 2001 10:59:29 -0700 (PDT) From: Matt Dillon <dillon@earth.backplane.com> To: Chris Dillon <cdillon@wolves.k12.mo.us> Cc: "Andrey A. Chernov" <ache@nagual.pp.ru>, Brian Somers <brian@Awfulhak.org>, Jun Kuriyama <kuriyama@FreeBSD.ORG>, <cvs-committers@FreeBSD.ORG>, <cvs-all@FreeBSD.ORG>, <brian@freebsd-services.com> Subject: Re: cvs commit: src/etc/defaults rc.conf src/etc/mtree BSD.var.dist src/etc/namedb named.conf Message-ID: <200108231759.f7NHxTH88202@earth.backplane.com> References: <Pine.BSF.4.32.0108231248590.77439-100000@mail.wolves.k12.mo.us>
next in thread | previous in thread | raw e-mail | index | archive | help
:Just thought of something... Correct me if I'm wrong, but named only
:needs to bind to an interface that it will receive queries on, right?
:How many cases (a handful?) will we have where the dynamic interface
:that BIND will not be able to attach to in a sandbox is the one where
:queries will be coming in on? BIND can still make outgoing queries on
:any interface wether it is bound to it or not, right? I think that
:would significantly lessen the number of people we think this is going
:to affect.
:
:--
: Chris Dillon - cdillon@wolves.k12.mo.us - cdillon@inter-linc.net
Yes, you are absolutely correct. If the 'query-source address * port 53;'
option is not set, then named can certainly make outgoing (recursive)
queries on any interface.
The real issue with dynamic interfaces is with incoming queries - if
named is acting as a server.
This was a good opint to bring up, Chris!
-Matt
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200108231759.f7NHxTH88202>