On 01. 08. 22 18:15, John W. Blue via bind-users wrote:
As some enterprise networks begin to engineer towards the concepts of
ZeroTrust, one item caught me unaware: PM’s asking for the DNSSEC
signing of an internal zone.
Granted, it has long been considered unwise by DNS pro’s with a commonly
Just my opinion.
Don't rate limit tcp. The RRL feature in Bind only rate limits UDP.
UDP is connection-less and the source address can be forged, generating
DDOS traffic to a 3rd party.
Proper DNS software will fall back to TCP. Because TCP is connection
based, much harder to forge source
Hi Ondřej,
Sorry to bother you one more time regarding the same topic.
I have looked through your shared logs one more time. This is what you have
shared
YOUR LAB RESULTS ARE:
BIND 9.16.32 / BIND 9.18.6 / BIND 9.19.4
RSS:30454872 / RSS:29451056 / RSS:29066580
OUR LAB RESULTS ARE:
BIND 9.16.21 /
Le 04/08/2022 à 17:48, Dmitri Pavlov a écrit
Therefore, a very small request. Would it be possible on your side to run the same
experiment as with (BIND 9.16.32 / BIND 9.18.6 / BIND 9.19.4) one more time but
with BIND 9.16.21 (or any other version in 9.16.x <25 range )?
Why not the opposite ?
On 02/08/2022 22:04, Saleck wrote:
Dne úterý 2. srpna 2022 22:02:58 CEST, Robert Moskowitz napsal(a):
Recently I have been having problems with my server not responding to my
requests. I thought it was all sorts of issues, but I finally looked at
the logs and:
Aug 2 15:47:19 onlo named[6155]:
On Wed, 3 Aug 2022 15:10:39 -0400
Timothe Litt wrote:
> Hmm. Your resolv.conf says that it's written by NetworkManager.
>
> What I suggested should have stopped it from updating resolv.conf.
>
> See
> https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_an
What Emmanuel said…
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 4. 8. 2022, at 19:15, Emmanuel Fusté wrote:
>
> Le 04/08/2022 à 17:48, Dmitri Pavlov a écrit
>> Therefore,
7 matches
Mail list logo