Firstly upgrade the primary. Microsoft issued a fix for this March 2019.
Unknown EDNS options are supposed to be ignored and not produce FORMERR.
Named has stopped working around broken servers that return FORMERR to unknown
EDNS options and include the OPT record. It has also stopped working
Error seems to be related to character set checking. I do have the zone
configured to ignore checking names but it doesn't seem to work.
zone "domain.com" { type secondary; primaries { 1.1.2.2; }; check-names
ignore; max-journal-size 32k; masterfile-format text; file
I turned on all logs channels and this is the error I get:
zone domain.com/IN: refresh: unexpected rcode (FORMERR) from primary
1.1.2.2#53 (source 0.0.0.0#0
tcpdump seems to also agree with the FORMERR
1.1.2.2.domain > secondary.58648: 113 FormErr- 0/0/1 (45)
Regards,
Lefteris
On
On 5/23/22 5:55 PM, Lefteris Tsintjelis via bind-users wrote:
Nothing actually. Windows logs are clean. Unix logs also.
#trustTheBitsOnTheWire
#useTheSniffer
I'd start by capturing w/ tcpdump using the `-s 0` and `-w
/path/to/capture.pcapng` options. Then use Wireshark to analyze the
Nothing actually. Windows logs are clean. Unix logs also.
host -l seems to work perfectly OK from the unix
machine so it does not seem to be a windows problem and yet for some
reason there is no zone transfer at all.
On 24/5/2022 1:50, Ben Lavender wrote:
Any logs?
Regards
Ben Lavender
Any logs?
Regards
Ben Lavender
On Mon, 23 May 2022, 21:52 Lefteris Tsintjelis via bind-users, <
bind-users@lists.isc.org> wrote:
> I must be missing something. Any ideas why does it fail? Everything
> seems normal. Works well with Windows 2016. Downgrading to 9.16 works
> again.
> --
> Visit
I must be missing something. Any ideas why does it fail? Everything
seems normal. Works well with Windows 2016. Downgrading to 9.16 works again.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support
On 5/23/22 4:30 AM, Nux wrote:
Hi,
Does anyone know whether it's possible to generate with Bind these kind
of A records automatically on the authoritative side, similar to
services like xip.io or nip.io? Eg:
127.0.0.1.nip.io -> 127.0.0.1
name.127.0.0.1.nip.io -> 127.0.0.1
and so on.
Does
On 23-05-2022 16:12, Sandro wrote:
I'll do some more digging through the log files. I meanwhile increased
the severity to 'debug 3' for dnssec_debug.
Nothing really pops out. I have scrolled through all the logs since
rotation on Sunday at midnight. Since increasing verbosity on category
Thank you
On 23 May 2022 13:06:14 BST, Jan-Piet Mens via bind-users
wrote:
>> DLZ are loadable modules
>
>I should have pointed to the documentation [1] and some example modules [2].
>
> -JP
>
>[1] https://github.com/isc-projects/bind9/tree/main/contrib/dlz/example
>[2]
On 23-05-2022 15:48, Tony Finch wrote:
The place I would look first is the log messages from `named`: is it
complaining about anything?
Plenty of:
zone penguinpee.nl/IN/external: reconfiguring zone keys
zone penguinpee.nl/IN/external: next key event: 22-May-2022 01:00:01.961
When the log
Sandro wrote:
>
> I was notified this morning by my registrar, that validation of my zone
> records failed. Upon inspection, it turned out that only the SOA record was
> still up to date. A and MX al returned RRSIG expired.
Yuck, that's painful.
> Since I want to avoid this happening
Hello,
I was notified this morning by my registrar, that validation of my zone
records failed. Upon inspection, it turned out that only the SOA record
was still up to date. A and MX al returned RRSIG expired.
I checked my logs and did not see any warning signs. I also tried to get
the
DLZ are loadable modules
I should have pointed to the documentation [1] and some example modules [2].
-JP
[1] https://github.com/isc-projects/bind9/tree/main/contrib/dlz/example
[2] https://github.com/isc-projects/bind9/tree/main/contrib/dlz/modules
--
Visit
Does anyone know whether it's possible to generate with Bind these
kind of A records automatically on the authoritative side
BIND has DLZ, Dynamically Loadable Zones, which is an extension which allows
zone data to be retrieved from basically anywhere. DLZ are loadable modules
written in the C
Hi,
Does anyone know whether it's possible to generate with Bind these kind
of A records automatically on the authoritative side, similar to
services like xip.io or nip.io? Eg:
127.0.0.1.nip.io -> 127.0.0.1
name.127.0.0.1.nip.io -> 127.0.0.1
and so on.
I already do this with PowerDNS and
16 matches
Mail list logo
