On Wed, 16 Apr 2008, David Ulevitch said:
What else are operators doing to get the pages out when things go wonky?
I added asterisk and a cheap X100P card to my Nagios setup. Now I
can get a voice call if things are really bad.
I started to install some text-to-speech tools also, but got
On Thu, 18 Oct 2007, Jack Bates said:
We use home-grown scripts to follow the NS trail and verify that we are
I do something similar with a nagios plugin (perl script). It
reports lameness and serial mismatch. I've put it online here:
ISI folks have been taking this census since at least mid 2003.
We vizualized their data using our tool and then made a movie showing
the changes from 2003 to late 2006. If you have 27 MB and a few
minutes to spare you can download it from here:
I am looking for a way that you, or anyone else, could indicate a domain
should not be considered in service although the name is registered and
has an A record pointing to an active server so when I check that name
it doesn't require a human to interpret the results.
You might be able to use
On Thu, 3 Aug 2006, Joe Abley said:
Do you have an example of a parked domain with no SOA record?
eoileon.com
tri-cityhearald.com
Surely for that to work for most of the domains we're talking about, the
parking companies would need to be able to insert arbitrary records into
zones such
Found: HP laptop power supply left on a large round table late
tuesday night in the main hallway. Here's hoping you have enough
juice left to read this email...
Hi NANOG,
Beginning monday of next week (2005-06-27) my company (The Measurement
Factory) plans to begin a survey of DNS authoritative nameservers.
You may see queries, including VERSION.BIND and zone transfer attempts,
coming from 199.45.255.0/24.
For more information please see
Just one?
Squid.
By default Squid complains if it finds an underscore in a URL
hostname. It returns an Invalid URL error message and explains
that underscores are not allowed in hostnames. Of course you can
make Squid accept underscores if you prefer.
We felt this was better than returning a
anyone got any figures for how much port 0 traffic is around?
For F-root, queries with UDP source port 0 make up about 0.001% of
the traffic. Or 4500 queries yesterday.
I'm not seeing any source port 0 queries at ISC's AS112 node or their TLD
server.
Duane W.
Ask the ASN 112 folks how many queries their servers handle.
http://www.as112.net/
I have a few stats for ISC's AS112 node:
- It gets about 2300 DNS UDP queries/sec
+ about 1300/sec SOA (due to dynamic DNS updates)
+ about 1000/sec PTR
- It also gets about 1200 DNS TCP
So there is no need to anycast the DNS servers and rely on BGP topology for
selection.
Instead use bind's behaviour so that each resolving nameserver will be
querying the authoritative nameserver that responds the fastest.
However, note that only BIND does this. djbdns always selects
[EMAIL PROTECTED] (Dan Mahoney, System Admin) writes:
What I was basically asking for was a silently drop queries for X-domain
option. But one doesn't exist in bind.
take a look at www.as112.net to see what happens to queries for
10.in-addr.arpa and its brothers. you can easily
If a zone owner lowers a TTL and causes an increase in load, most of
the foot being shot off is his or her own: the zone's own name servers
will bear the brunt of the increased query load.
Maybe, but don't forget that when BIND9 and DJBDNS caches find
expired nameserver address (A) records
I wonder why you made your configuration so complex.
complexity may be in the eye of the beholder.
Why tunnel an extra IP address to the laptops?
I am working with the following constraints:
1) The IPsec gateway is a standalone box. It is not the access
point and it is not the
If you plan to attend Sunday's hands-on tutorial for using the IPsec
server at NANOG, you may want to have a look at the slides in
advance. You can find them at: http://www.packet-pushers.net/NANOG/ipsec/
Unix users, in particular, may need to prepare their systems by
building a new kernel
What i'm interested in is an allways up to date glogal URL list
that has all Ad url's constantly updated.
Was just wondering if such thing exists.
We have some linked from here:
http://www.squid-cache.org/Doc/FAQ/FAQ-10.html#ss10.12
Duane W.
The IN-ADDR.ARPA delegations for RFC1918 space are just like any
other block. You'll just end up hitting IANA's blackhole servers,
and not all that much, the cache times are one week.
In theory, yes.
In reality there are quite a few resolvers that, apparently, do not
receive the delegation
On Tue, 3 Feb 2004, Alexei Roudnev wrote:
So, instead of changing 'visialization' part of IE, MS give up and decided
to drop important piece of standard?
Placing the username and password in a URL has been deprecated for
HTTP. From RFC 2616:
3.2.2 http URL
The http scheme is
You'd think that an unresponsive nameserver would be flagged dead, and such
information be cached. Does anyone know whether that's actually done in Bind
8.3.4? Or perhaps not by default?
This certainly does not happen when all authoritative nameservers
are unresponsive. See
I have four .org domains that I transferred from gandi to godaddy a couple
of months ago. However, the pir.org whois still lists whois.gandi.net
as the referral whois. For example:
Domain ID: D46124408-LROR
Domain Name: HTCP.ORG
Created On:
I've been collecting a list of things that are broken, or might break,
now that the two most populated TLDs have A and MX record wildcards.
You can find the list at http://www.packet-pushers.net/tld-wildcards/
I'll be happy to receive any additions or corrections that you might
have.
Duane W.
On Mon, 15 Sep 2003, Matt Larson wrote:
Today VeriSign is adding a wildcard A record to the .com and .net
zones.
The Web Proxy Auto-discovery Protocol (WPAD) is another reason to
fear and loathe this change. If your host has a bogus name and
makes a WPAD request, they can send your
22 matches
Mail list logo
