>
>
> Named should be sending queries with DO=1 and it should be getting back
> signed responses. I suspect that you will need to run packet captures of
> the traffic to and from 162.140.15.100 and 162.140.254.200 port 53 from the
> nameserver. Either signed responses will cease or DNSSEC
On Tue, Mar 14, 2023 at 4:34 PM Mark Andrews wrote:
>
>
> > On 15 Mar 2023, at 02:08, Alexandra Yang wrote:
> >
> > Hi Group,
> >
> > I wonder if anyone can shed some light on this, our nameserver(BIND
> 9.16.37 )keeps giving error on resolving gpo.gov and ns3.gpo.gov, here
> are the errors:
>
I've been having problems resolving www.federalregister.gov which is served
by ns3.gpo.gov and ns4.gpo.gov, using BIND 9.16.27. Haven't been able to
quite figure out why so I've stuck an NTA in for the time being.
On Tue, Mar 14, 2023 at 8:52 AM Stephane Bortzmeyer
wrote:
> On Tue, Mar 14,
On Sat, May 23, 2020 at 12:19 PM Vinícius Ferrão via bind-users <
bind-users@lists.isc.org> wrote:
>
> grant * subdomain local.example.com. ANY;
> };
> };
>
>
>
I use:
grant LOCAL.EXAMPLE.COM ms-self .;
...for my domain joined members and
grant HOSTNAME$@LOCAL.EXAMPLE.COM
Can anyone from ISC comment on what Linux kernel version(s) they are seeing
the issue described at
https://deepthought.isc.org/article/AA-01213/0/What-causes-refresh%3A-failure-trying-master-...%3A-operation-canceled-error-messages.html
on and whether there is any new info on this issue that might
nsupdate will use the MNAME regardless of whether it is matched by a
NS record. ISC dhcpd, as you indicated, does not unless overridden
manually via a zone statement.
-Tim
On Fri, Jan 18, 2013 at 9:35 AM, Chris Buxton cli...@buxtonfamily.us wrote:
On Jan 16, 2013, at 1:01 PM, Chuck Swiger
This is because Dell has incorrectly configured their F5 GTM load
balancers to return NXDOMAIN on a query instead of NOERROR (this
is configurable on a per-wideip basis in the GTM configuration - at
least in present versions. In earlier versions you had to ensure that
you had a record of
I'm unclear how BIND could be modified to fix this. The querying
client machines are asking BIND for records. BIND goes out to
the authoritative nameservers to attempt to resolve said records.
The broken nameservers (PowerDNS 3.0 etc) timeout or otherwise hand
out bad responses
One thing I also learned recently is that the Cisco IPSEC VPN client
dialer hijacks all UDP DNS packets and sends them to the DNS server
handed out by the VPN concentrators. So dig @x.x.x.x and nslookup
foo.bar x.x.x.x queries don't actually go to x.x.x.x. Don't know if
that's in play here but
BIND-9.5.1-P1.
When ixfr-from-differences yes; is configured on a zone, and an edit
is made to the zone file and the zone reloaded via rndc reload
foo.com a journal file is not created. However, when an rndc
reload of the whole configuration is done, then the journal is
created. Is this
10 matches
Mail list logo