For new deployments, I would likely choose RHEL6 over RHEL5; unless you
have a compelling reason to run RHEL5. RHEL6 includes BIND 9.7.0. You
mention that you would like to keep your DNS boxes appliance like. If
this is the case, rolling out source code and compiling on each box may
not be the
If these are new servers that are only for BIND I'd suggest going with
RHEL6 rather than 5.6 - RHEL releases have very long life cycle. When
I get a spare moment I intend to update our servers to RHEL6.
We use the RHEL5 BIND package for the reasons you give. However, the
way RedHat does things
Have two questions about the switchover of our external nameservers:
I'll call the old nameservers oldns1, oldns2, offsitens and the new nameservers
newns1 and newns2
Q1: I had thought to add newns12 to the whois record, whether or not they are
online. Just as my offsitens gets all the
On Tue, 15 Mar 2011, Stewart Dean wrote:
Have two questions about the switchover of our external nameservers:
I'll call the old nameservers oldns1, oldns2, offsitens and the new
nameservers newns1 and newns2
So, you're replacing oldns1 oldns2 with newns1 newns2, while keeping
offsitens.
See below
On 3/15/2011 10:59 AM, Jay Ford wrote:
On Tue, 15 Mar 2011, Stewart Dean wrote:
Have two questions about the switchover of our external nameservers:
I'll call the old nameservers oldns1, oldns2, offsitens and the new
nameservers newns1 and newns2
So, you're replacing oldns1
So, how many servers are you talking about?
After having tried to use the distribution supplied packages (for multiple
distributions) my opinion is that building from source is the right answer for
BIND. The distributions lag more than I'm comfortable with, and BIND builds
cleanly from source
Hi,
we have an internal distribution point running BIND 9.5.0-P2 (SLES 11.1
distribution package). It slaves about 1800 zones from a commercial DNS
management software running on 127.0.0.1:8054 and distributes them
towards our servers.
Whenever we restart BIND on that system, the 1800 zones are
I recompile the source rpm fedora core 14 bind 9.7.3 to EL4 and EL5
with koji see my blog for explanations
http://fakessh.eu/2011/03/10/bind-9-7-3-sur-centos-5-5-depuis-rpm-source-fecora-14/
Le mardi 15 mars 2011 à 09:45 -0400, Mike Diggins a écrit :
I'm about to transition my name servers
fakessh @ writes:
I recompile the source rpm fedora core 14 bind 9.7.3 to EL4 and EL5
with koji see my blog for explanations
http://fakessh.eu/2011/03/10/bind-9-7-3-sur-centos-5-5-depuis-rpm-source-fecora-14/
Yep, that works fine, and even on RHEL3.
Is there a recommended set of firewall rules that insure that all
necessary DNS traffic can enter and leave, even the larger
packets that result from dns-sec?
We want port 53 traffic from anywhere, in this case and
can send it anywhere, and want to be sure that no port 53
traffic is being
On Mar 15, 2011, at 11:08 AM, Martin McCormick wrote:
Is there a recommended set of firewall rules that insure that all
necessary DNS traffic can enter and leave, even the larger
packets that result from dns-sec?
# allow UDP DNS queries out to the world, and in to your nameservers
## It's
In message ilo4hp$s5g$1...@dough.gmane.org, Bernhard Schmidt writes:
Hi,
we have an internal distribution point running BIND 9.5.0-P2 (SLES 11.1
distribution package). It slaves about 1800 zones from a commercial DNS
management software running on 127.0.0.1:8054 and distributes them
In message 1200b563-8a00-4c0a-822d-85733143f...@mac.com, Chuck Swiger writes
:
On Mar 15, 2011, at 11:08 AM, Martin McCormick wrote:
Is there a recommended set of firewall rules that insure that all
necessary DNS traffic can enter and leave, even the larger
packets that result from
On Tue, 15 Mar 2011, Warren Kumari wrote:
After having tried to use the distribution supplied packages (for multiple
distributions) my opinion is that building from source is the right answer for
BIND. The distributions lag more than I'm comfortable with, and BIND builds
cleanly from source
ISC has deployed two test zones with specially configured servers
to support the testing of firewalls and EDNS.
You can test the firewall rules using:
dig edns-v4-ok.isc.org txt (IPv4)
dig edns-v6-ok.isc.org txt (IPv6)
These queries will only
Most of the time it's own preference, we use FreeBSD, because of the light and
clean packages.
--
Paul Ooi
On 10-Mar-2011, at 3:52 AM, pollex wrote:
Hi, I want to know in your experience what is the best operating
system to run bind for an ISP. We currently have Debian for the 5
Cache
16 matches
Mail list logo