Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Using avahi to publish IPV6 DNSservers - Security?
Special Forums UNIX and Linux Applications Using avahi to publish IPV6 DNSservers - Security? Post 302969187 by darktux on Saturday 19th of March 2016 10:02:47 AM
Old 03-19-2016
[Solved] Using avahi to publish IPV6 DNSservers - Security?
Hello,

we use here internal avahi to publish IPV6 DNSservers. It was the easiest way for us to use the service with radvd. Here is the part from the avahiconf:
publish-dns-servers=IPV6adress-dns-server
This works really fine. But my problem is the security. When you have this config for example in an public locaten. Some go here and broadcast his own dnsserver.

There is some file "/etc/mdns.allow". Here can you set domainnames. But this is only "from this client". For example: "tux.at"
When this is set, only client in the avahi-domain "tux.at" are dissolvable.

But what I would like to know is, is there a place on the client where i can set the IPadress of the server that is allowed to publish his dnsservers?

Thanks for help
Best Regards
Last edited by darktux; 04-22-2016 at 05:32 PM..
 

5 More Discussions You Might Find Interesting

1. Programming

Unable to publish data

Hi All, In my application, we are using Publish/subscribe model implemented in JAVA and when I implemented it on windows to windows os,it is working fine and able to publish the right data and even when I am trying the same between two different OS i.e between Windows and Solaris sparc or... (1 Reply)
Discussion started by: smartgupta
1 Replies

2. UNIX for Dummies Questions & Answers

avahi , change the log location

avahi error message goes to /var/log/messages , how can put avahi to log the error in a file /var/log/avahi-error instead of /var/log/messages (1 Reply)
Discussion started by: prpkrk
1 Replies

3. UNIX for Dummies Questions & Answers

Assigning ipv6 to bonding interface - getting old as well as changed ipv6 in ifconfig output

Hi, I have created a bonding bond1 interface with 6 Eth , mode=4. Recently i have changed my old ipv6 to new one and tried to restart as well as reload network service. Post which i can see old as well as changed ipv6 in ifconfig command output. Below are few files and command output for your... (1 Reply)
Discussion started by: omkar.jadhav
1 Replies

4. UNIX and Linux Applications

Publish notification

hi All I use tomcat server to publish war file. How to send an notification to users via the application screen and it should dismiss once user clicks X mark. Any suggestions ? (0 Replies)
Discussion started by: anil529
0 Replies

5. Web Development

Publish notification

hi All I use tomcat server to publish war file. How to send an notification to users via the application screen and it should dismiss once user clicks X mark. Any suggestions ? (1 Reply)
Discussion started by: anil529
1 Replies

LEARN ABOUT DEBIAN

avahi-daemon

avahi-daemon(8) 					      System Manager's Manual						   avahi-daemon(8)

NAME

       avahi-daemon - The Avahi mDNS/DNS-SD daemon

SYNOPSIS

       avahi-daemon [options]

       avahi-daemon --kill

       avahi-daemon --reload

       avahi-daemon --check

DESCRIPTION

       The Avahi mDNS/DNS-SD daemon implements Apple's Zeroconf architecture (also known as "Rendezvous" or "Bonjour"). The daemon registers local
       IP addresses and static services using mDNS/DNS-SD and provides two IPC APIs for local programs to make use of the mDNS	record	cache  the
       avahi-daemon  maintains. First there is the so called "simple protocol" which is used exclusively by avahi-dnsconfd (a daemon which config-
       ures unicast DNS servers using server info published via mDNS) and nss-mdns (a libc  NSS  plugin,  providing  name  resolution  via  mDNS).
       Finally there is the D-Bus interface which provides a rich object oriented interface to D-Bus enabled applications.

       Upon  startup  avahi-daemon  interprets	its  configuration  file /etc/avahi/avahi-daemon.conf and reads XML fragments from /etc/avahi/ser-
       vices/*.service which may define static DNS-SD services. If  you  enable  publish-resolv-conf-dns-servers  in  avahi-daemon.conf  the  file
       /etc/resolv.conf will be read, too.

OPTIONS

       -f | --file= FILE
	      Specify the configuration file to read. (default: /etc/avahi/avahi-daemon.conf)

       -D | --daemonize
	      Daemonize after startup. Implies --syslog.

       -s | --syslog
	      Log to syslog instead of STDERR. Implied by --daemonize.

       --debug
	      Increase verbosity to debug level.

       --no-rlimits
	      Don't enforce resource limits as specified in the configuration file. (See setrlimit(2) for more information)

       --no-drop-root
	      Don't drop root privileges after startup and don't require daemon to be started as root. We recommend not to use this option.

       --no-chroot
	      Don't chroot(2) the daemon. This option is only available when compiled with chroot() support.

       --no-proc-title
	      Don't  change  the  process  name while running. Unless this option is specified avahi-daemon will reflect its current state and the
	      selected host name in the process title.

       -k | --kill
	      Kill an already running avahi-daemon. (equivalent to sending a SIGTERM)

       -r | --reload
	      Tell an already running avahi-daemon to reread /etc/resolv.conf (in case you enabled publish-resolv-conf-dns-servers  in	avahi-dae-
	      mon.conf)  the  files from /etc/avahi/services/. Please note that this will not reload the /etc/avahi/avahi-daemon.conf. (equivalent
	      to sending a SIGHUP)

       -c | --check
	      Return 0 as return code when avahi-daemon is already running.

       -h | --help
	      Show help

       -v | --version
	      Show version information

FILES

       /etc/avahi/avahi-daemon.conf: the default configuration file for avahi-daemon, avahi-daemon.conf(5) for more information.

       /etc/avahi/hosts: additional static hostname mappings to publish in mDNS, see avahi.hosts(5) for more information.

       /etc/avahi/services/*.service: static service definitions, see avahi.service(5) for more information.

SIGNALS

       SIGINT, SIGTERM: avahi-daemon will shutdown. (Same as --kill).

       SIGHUP: avahi-daemon will reload unicast DNS server data from /etc/resolv.conf and static service  definitions  from  /etc/avahi/services/.
       (Same as --reload)

       SIGUSR1: avahi-daemon will dump local and remote cached resource record data to syslog.

AUTHORS

       The Avahi Developers <avahi (at) lists (dot) freedesktop (dot) org>; Avahi is available from http://avahi.org/

SEE ALSO

       avahi-daemon.conf(5), avahi.hosts(5), avahi.service(5), avahi-dnsconfd(8), avahi-set-host-name(1)

       http://avahi.org/wiki/AvahiAndUnicastDotLocal documents the problems when using Avahi in a unicast DNS zone .local.

COMMENTS

       This man page was written using xml2man(1) by Oliver Kurth.

Manuals 							       User							   avahi-daemon(8)
All times are GMT -4. The time now is 01:00 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy