Using avahi to publish IPV6 DNSservers - Security?

Login or Register to Reply

 
Thread Tools Search this Thread
# 1  
[Solved] Using avahi to publish IPV6 DNSservers - Security?

Hello,

we use here internal avahi to publish IPV6 DNSservers. It was the easiest way for us to use the service with radvd. Here is the part from the avahiconf:
publish-dns-servers=IPV6adress-dns-server
This works really fine. But my problem is the security. When you have this config for example in an public locaten. Some go here and broadcast his own dnsserver.

There is some file "/etc/mdns.allow". Here can you set domainnames. But this is only "from this client". For example: "tux.at"
When this is set, only client in the avahi-domain "tux.at" are dissolvable.

But what I would like to know is, is there a place on the client where i can set the IPadress of the server that is allowed to publish his dnsservers?

Thanks for help
Best Regards

Last edited by darktux; 04-22-2016 at 04:32 PM..
# 2  
As far as I know, no. Avahi was not designed with security as a priority.
# 3  
Quote:
Originally Posted by fpmurphy
As far as I know, no. Avahi was not designed with security as a priority.
Yes, i know. But i don't know i can publish IPV6 DNSserver without it. Is it possible to use an IPV6 DHCPserver only for DNS?

Best Regards
# 4  
changed to an Layer3 Switch. HP2920. It gives all clients an IPV6 DNS over Router Advertisements. I think this is the better way.

Best Regards
Login or Register to Reply

|
Thread Tools Search this Thread
Search this Thread:
Advanced Search

More UNIX and Linux Forum Topics You Might Find Helpful
Assigning ipv6 to bonding interface - getting old as well as changed ipv6 in ifconfig output
omkar.jadhav
Hi, I have created a bonding bond1 interface with 6 Eth , mode=4. Recently i have changed my old ipv6 to new one and tried to restart as well as reload network service. Post which i can see old as well as changed ipv6 in ifconfig command output. Below are few files and command output for your...... UNIX for Dummies Questions & Answers
1
UNIX for Dummies Questions & Answers
avahi , change the log location
prpkrk
avahi error message goes to /var/log/messages , how can put avahi to log the error in a file /var/log/avahi-error instead of /var/log/messages... UNIX for Dummies Questions & Answers
1
UNIX for Dummies Questions & Answers