| From: | Dave Page <dpage(at)postgresql(dot)org> |
|---|---|
| To: | Stefan Kaltenbrunner <stefan(at)kaltenbrunner(dot)cc> |
| Cc: | Marc Fournier <scrappy(at)hub(dot)org>, pgsql-www(at)postgresql(dot)org |
| Subject: | Re: Hub.org DNS |
| Date: | 2006-12-11 12:21:59 |
| Message-ID: | 457D4D67.4040208@postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-www |
Stefan Kaltenbrunner wrote:
> Dave Page wrote:
>> Marc,
>>
>> Can you please confirm which of the hub.org DNS servers do and do not
>> allow recursion now, and if things are going to stay that way? We're
>> finding that some things appear to have broken recently, apparently
>> because they no longer have a suitable DNS server configured (rsync
>> access via hostname on svr4, email address validation on wwwmaster).
>
> That is probably the result of trying to tighten up security on the
> resolvers (iirc you even have been cc'd in those mails) a while ago
Yeah, I do remember it.
>> A quick test shows that ns, ns2 and ns4 are recursive, but ns3 is not
>> at present.
>
> well we should make sure that all our authoritative nameservers are NOT
> providing recursion to the world - so we need to find a way to restrict
> recursion to some limited hosts/ranges.
Or split the 4 into defined roles. Either way though, I'd like some
clarifcation on what the official strategy is so I can make sure the
vservers are all correct now, and bug him further if there are any
additional problems.
Regards, Dave.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Page | 2006-12-11 12:54:13 | Re: Hub.org DNS |
| Previous Message | Stefan Kaltenbrunner | 2006-12-11 12:18:48 | Re: Hub.org DNS |