rndc flush /recursive ?
With Unbound, there are two commands to clear the cache, one which deletes only the records with the exact name and one which is recursive (deletes everything under the name). With BIND, I find only the first one, rndc flushname. Any command that I missed to delete recursively? ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: rndc flush /recursive ?
On Mon, Feb 27, 2012 at 02:32:31PM +0100, Stephane Bortzmeyer wrote: With Unbound, there are two commands to clear the cache, one which deletes only the records with the exact name and one which is recursive (deletes everything under the name). With BIND, I find only the first one, rndc flushname. Any command that I missed to delete recursively? It's in the new 9.9.0 rndc: flush Flushes all of the server's caches. flush [view] Flushes the server's cache for a view. flushname name [view] Flush the given name from the server's cache(s) flushtree name [view] Flush all names under the given name from the server's cache(s) Bill. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: rndc flush /recursive ?
flushtree In message 20120227133231.ga3...@nic.fr, Stephane Bortzmeyer writes: With Unbound, there are two commands to clear the cache, one which deletes only the records with the exact name and one which is recursive (deletes everything under the name). With BIND, I find only the first one, rndc flushname. Any command that I missed to delete recursively? ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: rndc flush /recursive ?
On Mon, Feb 27, 2012 at 08:36:28AM -0500, Bill Owens ow...@nysernet.org wrote a message of 18 lines which said: It's in the new 9.9.0 rndc: Thanks, exactly what I needed. On Tue, Feb 28, 2012 at 12:37:17AM +1100, Mark Andrews ma...@isc.org wrote a message of 21 lines which said: flushtree Not in any released (much yet packaged) version. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: rndc flush /recursive ?
In message 20120227134537.ga3...@nic.fr, Stephane Bortzmeyer writes: On Mon, Feb 27, 2012 at 08:36:28AM -0500, Bill Owens ow...@nysernet.org wrote a message of 18 lines which said: It's in the new 9.9.0 rndc: Thanks, exactly what I needed. On Tue, Feb 28, 2012 at 12:37:17AM +1100, Mark Andrews ma...@isc.org wrote a message of 21 lines which said: flushtree Not in any released (much yet packaged) version. It's packaged. FreeBSD: ports/dns/bind99/Makefile PORTNAME= bind99 PORTVERSION=9.9.0.rc2 PKGNAMESUFFIX= -devel ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
what's wrong with the e.hushpuppies-australia.com delegation @ns.domainnetwork.se ?
dig -t any e.hushpuppies-australia.com @ns.domainnetwork.se ; DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 -t any e.hushpuppies-australia.com @ns.domainnetwork.se ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 19181 ;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;e.hushpuppies-australia.com. IN ANY ;; ANSWER SECTION: e.hushpuppies-australia.com. 600 IN NS ns1.exacttarget.com. e.hushpuppies-australia.com. 600 IN NS ns2.exacttarget.com. ;; Query time: 91 msec ;; SERVER: 203.27.227.61#53(203.27.227.61) ;; WHEN: Mon Feb 27 14:08:18 2012 ;; MSG SIZE rcvd: 93 But dig e.hushpuppies-australia.com +nssearch @8.8.8.8 Yields no nameserver list. Thanks! Martin Meadows ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: what's wrong with the e.hushpuppies-australia.com delegation @ns.domainnetwork.se ?
Hi-- On Feb 27, 2012, at 12:14 PM, M. Meadows wrote: But dig e.hushpuppies-australia.com +nssearch @8.8.8.8 Yields no nameserver list. +nssearch does SOA lookups for each of the nameservers, but ns.domainnetwork.se (and so forth) only returns an SOA record for hushpuppies-australia.com and not e.hushpuppies-australia.com: % dig -t soa hushpuppies-australia.com. @ns.domainnetwork.se ; DiG 9.6-ESV-R4-P3 -t soa hushpuppies-australia.com. @ns.domainnetwork.se ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 2169 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;hushpuppies-australia.com. IN SOA ;; ANSWER SECTION: hushpuppies-australia.com. 86400 IN SOA ns.domainnetwork.se. hostmaster.melbourneitcbs.com. 2012022200 28800 7200 1209600 86400 ;; Query time: 96 msec ;; SERVER: 203.27.227.61#53(203.27.227.61) ;; WHEN: Mon Feb 27 15:27:24 2012 ;; MSG SIZE rcvd: 124 % dig -t soa e.hushpuppies-australia.com. @ns.domainnetwork.se ; DiG 9.6-ESV-R4-P3 -t soa e.hushpuppies-australia.com. @ns.domainnetwork.se ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 56060 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;e.hushpuppies-australia.com. IN SOA ;; AUTHORITY SECTION: e.hushpuppies-australia.com. 600 IN NS ns1.exacttarget.com. e.hushpuppies-australia.com. 600 IN NS ns2.exacttarget.com. ;; Query time: 97 msec ;; SERVER: 203.27.227.61#53(203.27.227.61) ;; WHEN: Mon Feb 27 15:27:28 2012 ;; MSG SIZE rcvd: 93 Also notice that the nameservers listed in WHOIS (ie, ns*.domainnetwork.se) don't match ns*.exacttarget.com; you're missing several glue records as far as *.gtld-servers.net are concerned. Regards, -- -Chuck ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: what's wrong with the e.hushpuppies-australia.com delegation @ns.domainnetwork.se ?
Mmmm ... nevermind. Nothing wrong with the delegation. The e.hushpuppies-australia.com zone file isn't set up yet! Sorry. From: sun-g...@live.com To: bind-users@lists.isc.org Subject: what's wrong with the e.hushpuppies-australia.com delegation @ns.domainnetwork.se ? Date: Mon, 27 Feb 2012 15:14:19 -0500 dig -t any e.hushpuppies-australia.com @ns.domainnetwork.se ; DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 -t any e.hushpuppies-australia.com @ns.domainnetwork.se ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 19181 ;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;e.hushpuppies-australia.com. IN ANY ;; ANSWER SECTION: e.hushpuppies-australia.com. 600 IN NS ns1.exacttarget.com. e.hushpuppies-australia.com. 600 IN NS ns2.exacttarget.com. ;; Query time: 91 msec ;; SERVER: 203.27.227.61#53(203.27.227.61) ;; WHEN: Mon Feb 27 14:08:18 2012 ;; MSG SIZE rcvd: 93 But dig e.hushpuppies-australia.com +nssearch @8.8.8.8 Yields no nameserver list. Thanks! Martin Meadows ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Configuring a domain slave to look up subdomain hosts
In message cef5d429141640a98f49787ba7583...@netadmin.bart.gov, Mike Bernhardt writes: I have a domain and a subdomain which is delegated by the I am trying to figure out the correct way to have the slave of a parent domain look up hosts in a subdomain managed by others. I'm running BIND 9.8.1-P1. The current working configuration for the subdomain is this: options { directory /var/named; allow-recursion { any; }; allow-query { any; }; allow-query-cache { any; }; forwarders { 148.165.3.10; }; forward only; recursive-clients 2000; zone-statistics yes; }; zone domain.com { type slave; masters { 10.130.1.30; }; file db.domain; forwarders { }; }; But using forwarders doesn't seem like the correct way to do it. Well it is a correct way to do it. It turns *off* the global override on normal resolution for the name space covered by domain.com. I normally use forwarders { /* empty */ }; so that it is easier to see that it is supposed to be a empty list. It's in the options in order to forward internet queries to our external name server instead of to the root servers, which aren't accessible from inside. I've been messing with stub zones but that doesn't seem to work: zone domain.com { type slave; masters { 10.130.1.30; }; file db.domain; }; zone subdomain.domain.com { type stub; masters { 10.2.241.101; 10.2.242.222; }; file db.subdomain; }; With this configuration, the zone file for subdomain.domain.com is correctly created but when I run tcpdump I can see that queries for host.subdomain.domain.com are being forwarded to 148.165.3.10, not to the subdomain name servers. The result of course is NXDOMAIN. With forwarders set for the zone domain.com, the slave queries the zone master, which then queries the subdomain name server as it should. So the stub zone is apparently being ignored. What is wrong? Perhaps I'm misunderstanding the purpose of stub zones? Let me know if you need additional config details. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
ddns 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Hi I'm running DHCP Server V3.0.1 on Debian 3.2 and BIND 9.7.1-P2 on Ubuntu 10.10 , this is part of a staged migration , hens the old Debian server. When machines request an ip from the dhcp server I see the following in the dhcp server logs : Can't update forward map nzhmlwks0091.et.endace.com to 192.168.69.245: no such RRset And at the same time on the Bind server I see : Feb 28 16:17:11 nzhmlsrv01 named[3363]: client 192.168.64.242#40426: view interenal: updating zone 'et.endace.com/IN': update unsuccessful: nzhmlwks0091.et.endace.com: 'name not in use' prerequisite not satisfied (YXDOMAIN) Feb 28 16:17:11 nzhmlsrv01 named[3363]: client 192.168.64.242#40426: view interenal: updating zone 'et.endace.com/IN': update unsuccessful: nzhmlwks0091.et.endace.com/TXT: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET) What are these errors and how do I resolve them ? Thanks Greg ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: ddns 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
In message CAJzjPKmwVxMCR6yi4Wq6d6NnaiM=gERkcvfefU=wsrxczus...@mail.gmail.com, Gregory Machin writes: Hi I'm running DHCP Server V3.0.1 on Debian 3.2 and BIND 9.7.1-P2 on Ubuntu 10.10 , this is part of a staged migration , hens the old Debian server. When machines request an ip from the dhcp server I see the following in the dhcp server logs : Can't update forward map nzhmlwks0091.et.endace.com to 192.168.69.245: no such RRset And at the same time on the Bind server I see : Feb 28 16:17:11 nzhmlsrv01 named[3363]: client 192.168.64.242#40426: view interenal: updating zone 'et.endace.com/IN': update unsuccessful: nzhmlwks0091.et.endace.com: 'name not in use' prerequisite not satisfied (YXDOMAIN) The DHCP server said only make this change if there is nothing at the name and there was something at the name. This is done to prevent DHCP overriding static entries. Feb 28 16:17:11 nzhmlsrv01 named[3363]: client 192.168.64.242#40426: view interenal: updating zone 'et.endace.com/IN': update unsuccessful: nzhmlwks0091.et.endace.com/TXT: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET) The DHCP server said only make this change if the TXT record that says I did the last change exists and it doesn't. This is done to prevent the DHCP server changing/removing records it didn't add. The TXT record was used to encode what is now encoded in the DHCID record. See http://www.ietf.org/rfc/rfc4701.txt What are these errors and how do I resolve them ? If you are certain that there is not a collision removing all the records at the name will permit DHCP to add new record. dhcp-us...@isc.org would be a good place to discuss what DHCPD is trying to do. Thanks Greg ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: ddns 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Thanks for taking time to clarify those errors. Based on the explanation the errors are expected and correct. Thank you. Greg On Tue, Feb 28, 2012 at 5:40 PM, Mark Andrews ma...@isc.org wrote: In message CAJzjPKmwVxMCR6yi4Wq6d6NnaiM=gERkcvfefU=wsrxczus...@mail.gmail.com, Gregory Machin writes: Hi I'm running DHCP Server V3.0.1 on Debian 3.2 and BIND 9.7.1-P2 on Ubuntu 10.10 , this is part of a staged migration , hens the old Debian server. When machines request an ip from the dhcp server I see the following in the dhcp server logs : Can't update forward map nzhmlwks0091.et.endace.com to 192.168.69.245: no such RRset And at the same time on the Bind server I see : Feb 28 16:17:11 nzhmlsrv01 named[3363]: client 192.168.64.242#40426: view interenal: updating zone 'et.endace.com/IN': update unsuccessful: nzhmlwks0091.et.endace.com: 'name not in use' prerequisite not satisfied (YXDOMAIN) The DHCP server said only make this change if there is nothing at the name and there was something at the name. This is done to prevent DHCP overriding static entries. Feb 28 16:17:11 nzhmlsrv01 named[3363]: client 192.168.64.242#40426: view interenal: updating zone 'et.endace.com/IN': update unsuccessful: nzhmlwks0091.et.endace.com/TXT: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET) The DHCP server said only make this change if the TXT record that says I did the last change exists and it doesn't. This is done to prevent the DHCP server changing/removing records it didn't add. The TXT record was used to encode what is now encoded in the DHCID record. See http://www.ietf.org/rfc/rfc4701.txt What are these errors and how do I resolve them ? If you are certain that there is not a collision removing all the records at the name will permit DHCP to add new record. dhcp-us...@isc.org would be a good place to discuss what DHCPD is trying to do. Thanks Greg ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users