From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from eyas.biff.org.uk (eyas.biff.org.uk [IPv6:2001:41c8:1:519c::20]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by huchra.bufferbloat.net (Postfix) with ESMTPS id B9AB92021A8 for ; Mon, 22 Apr 2013 01:31:45 -0700 (PDT) Received: from cpc11-cmbg17-2-0-cust618.5-4.cable.virginmedia.com ([86.30.118.107]:47570 helo=central.thekelleys.org.uk) by eyas.biff.org.uk with esmtpsa (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from ) id 1UUCA3-0000Ge-49; Mon, 22 Apr 2013 09:31:43 +0100 Received: from spike.thekelleys.org.uk ([192.168.0.193]) by central.thekelleys.org.uk with esmtpa (Exim 4.72) (envelope-from ) id 1UUCA2-00073b-J3; Mon, 22 Apr 2013 09:31:42 +0100 Message-ID: <5174F559.5030409@thekelleys.org.uk> Date: Mon, 22 Apr 2013 09:31:21 +0100 From: Simon Kelley User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.16) Gecko/20120726 Icedove/3.0.11 MIME-Version: 1.0 To: Dave Taht References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: cerowrt-devel@lists.bufferbloat.net Subject: Re: [Cerowrt-devel] dnsmasq 2.66 rel notes X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Apr 2013 08:31:46 -0000 On 20/04/13 10:12, Dave Taht wrote: > I have not tried to use all the new stuff in dnsmasq 2.66 as yet, but I figure > that cero's users are not aware of new capability #1 here - there is also some > support for filtering out A records and yet publishing AAAA records in > the public DNS, also. > > Anyway, current release of cero has a beta of 2.66, next release will > have the final, and if anyone can clue me up on how to safely open up port > 53 again, have a NS delegation, and do the AAAA thing, that would be cool. There's a section in the man page "AUTHORITATIVE CONFIGURATION" that gives a walk through, starting simple and moving on to more complex setups with secondaries and zone transfer. > > (reverse lookups work?) > Yep, but not for zone transfers, so you can't have a secondary for your ipv6.arpa. domain. srk@spike$ dig @8.8.8.8 aaaa spike.lan.thekelleys.org.uk ; <<>> DiG 9.7.3 <<>> @8.8.8.8 aaaa spike.lan.thekelleys.org.uk ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50734 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;spike.lan.thekelleys.org.uk. IN AAAA ;; ANSWER SECTION: spike.lan.thekelleys.org.uk. 600 IN AAAA 2a01:348:29f::100 ;; Query time: 119 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Mon Apr 22 09:29:14 2013 ;; MSG SIZE rcvd: 73 srk@spike:$ dig @8.8.8.8 -x 2a01:348:29f::100 ; <<>> DiG 9.7.3 <<>> @8.8.8.8 -x 2a01:348:29f::100 ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29329 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.9.2.0.8.4.3.0.1.0.a.2.ip6.arpa. IN PTR ;; ANSWER SECTION: 0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.9.2.0.8.4.3.0.1.0.a.2.ip6.arpa. 337 IN PTR spike.lan.thekelleys.org.uk. ;; Query time: 29 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Mon Apr 22 09:29:50 2013 ;; MSG SIZE rcvd: 131 Cheers, Simon.