答复: rndc usage question

2010-04-12 Thread Peng YH 
 Thanks. That's nice.


-邮件原件-
发件人: ma...@isc.org [mailto:ma...@isc.org] 
发送时间: 2010年4月13日 9:59
收件人: Peng YH
抄送: 'Sergiu Bivol'; bind-us...@isc.org
主题: Re: rndc usage question 


In message <20100413011523.194024a...@mx.ams1.isc.org>, "Peng YH" writes:
> 
> I'm also interested in this item.
> Will it be supported in future? Thanks.

Don't know yet.

Single token names work so I would suggest using single token view names.
e.g. "default",  "internal",  "external", "my-default-view",
"my_default_view", "MyDefaultView".


___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: rndc usage question

2010-04-12 Thread Mark Andrews 

In message <20100413011523.194024a...@mx.ams1.isc.org>, "Peng YH" writes:
> 
> I'm also interested in this item.
> Will it be supported in future? Thanks.

Don't know yet.

Single token names work so I would suggest using single token view
names.  e.g. "default",  "internal",  "external", "my-default-view",
"my_default_view", "MyDefaultView".

> -=D3=CA=BC=FE=D4=AD=BC=FE-
> =B7=A2=BC=FE=C8=CB: =
> bind-users-bounces+pengyh=3dnsbeta.i...@lists.isc.org
> [mailto:bind-users-bounces+pengyh=3dnsbeta.i...@lists.isc.org] =
> =B4=FA=B1=ED Mark
> Andrews
> =B7=A2=CB=CD=CA=B1=BC=E4: 2010=C4=EA4=D4=C213=C8=D5 9:09
> =CA=D5=BC=FE=C8=CB: Sergiu Bivol
> =B3=AD=CB=CD: bind-users@lists.isc.org
> =D6=F7=CC=E2: Re: rndc usage question
> 
> 
> In message =
>  corp
> >, "Sergiu Bivol" writes:
> > Hi,
> >
> > We need to use rndc commands on a zone in a view with a name
> > containing spaces. For example:
> > rndc freeze test.zone.com My Default View
> >
> > So far we were unable to execute a command with such a view name. We
> > tried single/double quotes, backslashes, etc.
> >
> > What the syntax to supply such a view name to rndc?
> >
> > Thanks
> > Sergiu
> 
> It's not supported.
> 
> Mark
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
> ___
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

re: rndc usage question

2010-04-12 Thread Peng YH 
 
I'm also interested in this item.
Will it be supported in future? Thanks.


-邮件原件-
发件人: bind-users-bounces+pengyh=nsbeta.i...@lists.isc.org
[mailto:bind-users-bounces+pengyh=nsbeta.i...@lists.isc.org] 代表 Mark
Andrews
发送时间: 2010年4月13日 9:09
收件人: Sergiu Bivol
抄送: bind-users@lists.isc.org
主题: Re: rndc usage question 


In message , "Sergiu Bivol" writes:
> Hi,
> 
> We need to use rndc commands on a zone in a view with a name 
> containing spaces. For example:
> rndc freeze test.zone.com My Default View
> 
> So far we were unable to execute a command with such a view name. We 
> tried single/double quotes, backslashes, etc.
> 
> What the syntax to supply such a view name to rndc?
> 
> Thanks
> Sergiu

It's not supported.

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: rndc usage question

2010-04-12 Thread Mark Andrews 

In message , "Sergiu Bivol" writes:
> Hi,
> 
> We need to use rndc commands on a zone in a view with a name containing
> spaces. For example:
> rndc freeze test.zone.com My Default View
> 
> So far we were unable to execute a command with such a view name. We
> tried single/double quotes, backslashes, etc.
> 
> What the syntax to supply such a view name to rndc?
> 
> Thanks
> Sergiu

It's not supported.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: rndc usage question

2010-04-12 Thread Warren Kumari 


On Apr 12, 2010, at 1:58 PM, Sergiu Bivol wrote:


Hi,

We need to use rndc commands on a zone in a view with a name  
containing spaces. For example:


sed 's/ /_/g' ?!


rndc freeze test.zone.com My Default View

So far we were unable to execute a command with such a view name. We  
tried single/double quotes, backslashes, etc.


What the syntax to supply such a view name to rndc?



"Doctor Doctor, it hurts when I do this..."

W


Thanks
Sergiu
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


--
Outside of a dog, a book is your best friend, and inside of a dog,  
it's too dark to read



___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Job Opening - Managed DNS Pre-Sales Engineer Philadelphia area

2010-04-12 Thread Anna Antosiewicz 
DNS Pre-Sales Engineer

 

Afilias USA, Inc. is searching for a DNS Pre-Sales Engineer to join our team
in Horsham, PA, to perform the following duties:

 

o  Work with DNS Sales Executives to provide product and technical
knowledge in support of pre-sales activities.

o  Production of responses to requests for information and requests for
pricing.

o  Work with development team to understand details of the Managed DNS
product.

o  Communicate customer feedback with Marketing to refine sales messages

o  Responsible for staying abreast of the product roadmap as well as
understanding the scenarios, features and functions and how these are
applied to address business and technical problems. 

o  Attendance at trade shows and conferences

o  Responsible for staying current on competitive analyses and
understanding differentiators between Afilias and its competitors.

o  Responsible for preparing for meetings and tailoring communications
to address business needs of potential clients as part of the pre-sales
process.

o  Responsible for providing feedback from the market to management and
development regarding products including coordinating gaps between product
functionality and market/customer demands.

 

The successful candidate will possess the following skills:

 

o  Excellent ability to understand Managed DNS and how it can be used to
solve business problems

o  Able to communicate technical and business information to widely
varied audiences

o  Excellent interpersonal relationship building skills

o  Ability to understand business processes and business problems 

o  Ability to understand and capture business and technical requirements

o  Ability to develop a broad awareness of the client's technical
architecture to determine what is and is not possible.

o  Previous DNS experience preferred

 

 

About the Company:

Afilias is a global provider of Internet infrastructure services that
connect people to their data. Afilias' reliable, secure, scalable, and
globally available technology supports a wide range of applications
including Internet domain registry services, Managed DNS, and services in
the RFID and supply chain market with its Afilias Discovery Service. For
additional information please visit www.afilias.info
   

 

No relocation provided. This is an exempt position. 

ONLY ONLINE APPLICATIONS. NO AGENCIES WILL BE CONSIDERED.

EOE. We are an equal opportunity employer. Reasonable accommodations may be
made to individuals with disabilities able to perform the essential
functions.

 

PLEASE RESPOND TO resum...@afilias.info

 

 

Domain name system, DNS/DHCP, BIND, anycast, n-tier network, DDoS
protection, hosted services, traffic management

Product manager, product specialist, technology sales, technical sales,
client executive, client engineer

 

 

___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

rndc usage question

2010-04-12 Thread Sergiu Bivol 
Hi,
 
We need to use rndc commands on a zone in a view with a name containing
spaces. For example:
rndc freeze test.zone.com My Default View
 
So far we were unable to execute a command with such a view name. We
tried single/double quotes, backslashes, etc.
 
What the syntax to supply such a view name to rndc?
 
Thanks
Sergiu
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: rndc reload & allow-update

2010-04-12 Thread Alan Clegg 
On 4/12/2010 7:25 AM, aihua zhang wrote:
> 
> hi all,
> i found if your zone in named.conf set a statement
> {allow-update{any};};then when you use rndc reload ,any modifies will
> not  happen. how can i figure it ? thx

You can only modify dynamic zones in two ways:

1)  dynamic updates (using 'nsupdate' from the command line)
2)  while the zone is frozen
rndc freeze 
edit zone file
rndc thaw 

Note that #2 keeps any updates that occur during your "editing session"
to be lost.

I highly recommend that once a zone is made dynamic that you only use
nsupdate to perform the needed edits.

AlanC



signature.asc
Description: OpenPGP digital signature
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: How to make one ZONE (subdomain) non-public?

2010-04-12 Thread Michelle Konzack 
Hello Matus UHLAR - fantomas,

Am 2010-04-12 11:21:07, hacktest Du folgendes herunter:
> On 12.04.10 10:24, Michelle Konzack wrote:
> > Hello Matus UHLAR - fantomas,
> > 
> > Am 2010-04-12 09:52:03, hacktest Du folgendes herunter:
> > > allow-access in zone statement.
> 
> sorry, I've meant allow-query.

:-D

I have already seen in the logfiles, that several peoples had  tried  to
access the DNS and it was denied...

[ '/var/log/named.log' ]
Apr 12 11:01:04 dns named[4501]: 12-Apr-2010 11:01:04.433 security: info: 
client 74.125.76.78#33964: query 'michelle1.private.tamay-dogan.net/A/IN' denied
Apr 12 11:01:04 dns named[4501]: 12-Apr-2010 11:01:04.482 security: info: 
client 74.125.76.78#3: query 'michelle1.private.tamay-dogan.net/A/IN' denied
Apr 12 11:48:51 dns named[4501]: 12-Apr-2010 11:48:51.055 security: info: 
client 77.88.42.250#5335: query 'samba3.private.tamay-dogan.net/A/IN' denied
Apr 12 12:00:05 dns named[4501]: 12-Apr-2010 12:00:05.432 security: info: 
client 220.181.12.2#45710: query 'michelle1.private.tamay-dogan.net/A/IN' denied
Apr 12 12:00:05 dns named[4501]: 12-Apr-2010 12:00:05.707 security: info: 
client 220.181.12.2#39523: query 'michelle1.private.tamay-dogan.net/A/IN' denied
Apr 12 12:01:26 dns named[4501]: 12-Apr-2010 12:01:26.201 security: info: 
client 217.147.177.250#22248: query 'private.tamay-dogan.net/A/IN' denied


Thanks, Greetings and nice Day/Evening
Michelle Konzack
Systemadministrator

-- 
# Debian GNU/Linux Consultant ##
   Development of Intranet and Embedded Systems with Debian GNU/Linux

itsyst...@tdnet France   itsyst...@tdnet UG (haftungsbeschränkt)
Gesch. Michelle Konzack  Gesch. Michelle Konzack

Apt. 917 (homeoffice)
50, rue de Soultz   Kinzigstraße 17
67100 Strasbourg/France 77694 Kehl/Germany
Tel: +33-6-61925193 mobil   Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix

  
 

Jabber linux4miche...@jabber.ccc.de
ICQ#328449886

Linux-User #280138 with the Linux Counter, http://counter.li.org/


signature.pgp
Description: Digital signature
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

rndc reload & allow-update

2010-04-12 Thread aihua zhang 
hi all,
i found if your zone in named.conf set a statement
{allow-update{any};};then when you use rndc reload ,any modifies will not
 happen. how can i figure it ? thx

-- 
Best regards!

Sincerely,
aiHua Zhang

State Key Lab. of Networking Technology Research Institute, BeiJing
University of Posts and Telecommunications, 100876, P.R.China
Email :aih...@bupt.cn



-- 
Best regards!

Sincerely,
aiHua Zhang

State Key Lab. of Networking Technology Research Institute, BeiJing
University of Posts and Telecommunications, 100876, P.R.China
Email :aih...@bupt.cn
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: MX and A

2010-04-12 Thread Joseph S D Yao 
On Sat, Apr 10, 2010 at 09:19:47PM +0300, Mihamina Rakotomandimby wrote:
> Manao ahoana, Hello, Bonjour,
> 
> In a zone (the zone == the domain, here), I want a basic thing:
> - mails for the domain goes to smtp1.mg.tambazotra.net.
> - http://the-domain.tld and http://www.the-domain.tld 
>  both resolve to the IP 64.8.123.230
> I setup this:
> 
>   @   IN MX 10 smtp1.mg.tambazotra.net.
>   @   IN  A 64.8.123.230
>   www IN  A 64.8.123.230
> 
> With this, the HTTP constraint is OK, but the domain owner 
> doesnt receive mails.
> 
> If I try this:
> 
>   @   IN MX 10 smtp1.mg.tambazotra.net.
>   www IN  A 64.8.123.230
> 
> The domain owner receives his mails.
> How to modify the second setting so that http://the-domain.tld 
> (without prepending "www") resolves to 64.8.123.230 and 
> keep the mails working?


emip.mg.38400   IN  NS  ns1.mg.tambazotra.net.
emip.mg.38400   IN  NS  ns2.mg.tambazotra.net.
emip.mg.38400   IN  NS  ns1.fr.malagasy.com.

emip.mg.38400   IN  MX  10 smtp1.mg.tambazotra.net.
emip.mg.38400   IN  MX  20 smtp2.mg.tambazotra.net.
emip.mg.38400   IN  MX  30 smtp3.mg.tambazotra.net.

smtp1.mg.tambazotra.net. 1  IN  A   41.204.104.61
smtp2.mg.tambazotra.net. 1  IN  A   41.204.104.57
smtp3.mg.tambazotra.net. 1  IN  A   41.204.120.141
ns1.fr.malagasy.com.43200   IN  A   87.98.132.231
ns1.mg.tambazotra.net.  38400   IN  A   41.204.103.193
ns2.mg.tambazotra.net.  38400   IN  A   41.204.104.40

www.emip.mg.38400   IN  A   64.8.123.230

230.123.8.64.in-addr.arpa   win11.securedc.com.


Both smtp1 and smtp3 identify themselves as second-camel.malagasy.com.
If they are the same machine, this is not diversity.  If they are not -
have you tried checking the other machines for the missing e-mail?

I'm also wondering whether the so-short TTLs on the three smtp names
might cause some problems for a poorly programmed mail transfer agent.

Otherwise, I'd have to agree with earlier comments that the MX records
should trump the A record, and that the sending MTA program is at fault.
Have you tried this from multiple e-mail accounts, e.g., get a free
yahoo or gmail account and try this?

Of course, you have no control over the many MTAs that presumably are
sending e-mail to domain-ow...@emip.mg.


--
/*\
**
** Joe Yao  j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: How to make one ZONE (subdomain) non-public?

2010-04-12 Thread Matus UHLAR - fantomas 
On 12.04.10 10:24, Michelle Konzack wrote:
> Hello Matus UHLAR - fantomas,
> 
> Am 2010-04-12 09:52:03, hacktest Du folgendes herunter:
> > allow-access in zone statement.

sorry, I've meant allow-query.

> [ STDIN ]---
> Apr 12 10:16:48 samba3 named[16931]: starting BIND 9.3.4-P1.2 -u bind
> Apr 12 10:16:48 samba3 named[16931]: found 4 CPUs, using 4 worker threads
> Apr 12 10:16:48 samba3 named[16931]: loading configuration from 
> '/etc/bind/named.conf'
> Apr 12 10:16:48 samba3 named[16931]: /etc/bind/named.conf.local:63: unknown 
> option 'allow-access'
> Apr 12 10:16:48 samba3 named[16931]: loading configuration: failure
> Apr 12 10:16:48 samba3 named[16931]: exiting (due to fatal error)
> 
> 
> Maybe "allow-query"?

-- 
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Windows 2000: 640 MB ought to be enough for anybody
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: How to make one ZONE (subdomain) non-public?

2010-04-12 Thread Gregory Hicks 

> Date: Mon, 12 Apr 2010 09:52:03 +0200
> From: Matus UHLAR - fantomas 
> 
> On 12.04.10 09:47, Michelle Konzack wrote:
> > in my domain I have a "subdomain" which is absolutely private  and
> > non-accesible from the rest of the world.  It use <192.168.x.y>.
> > 
> > Which option must I use hat this ZONE ist only accesible/visible  
local?
> 
> allow-access in zone statement.

I think the easiest way to do this would make several VIEWS.  Put the
zone file for the subdomain in the internal only view.  Yes, some zone
descriptions would be duplicated, but... Oh well...

For instance, when it is time for my children to do homework, I add a
zone "facebook.com" that points to localhost to my zone descriptions.
This effectively locks them out of facebook for the duration of
"homework time".  (This local facebook.com zone is NOT something that I
would want the internet to use...)

eg:

// for the ACL, you can put in CIDR notation for your network ALSO...
// Note that the difference between the zone descriptions is that 
// "some-subdomain" is missing from the external view.  You would also 
// populate the views with any additional zones...

acl internal {localhost; localnets; };

view "trusted" {
  match-clients { "internal"; };
  recursion yes;
  
 zone "ext-domain" in {
type master;
file "db.ext-domain";
allow-update { none; };
allow-transfer { ; ; };
};
 zone "some-subdomain" in {
type master;
file "db.sub-domain";
allow-update { none; };
allow-transfer { ; ; };
};

More zone(s) {}

}; // End of trusted or internal view

view "external" {
 match-clients { "any"; };
 recursion no;
 additional-from-cache no;

 zone "ext-domain" in {
type master;
file "db.ext-domain";
allow-update { none; };
allow-transfer { ; ; };
};

}; // End of External view

-
Gregory Hicks   | Principal Systems Engineer
| Direct:   408.569.7928

People sleep peaceably in their beds at night only because rough men
stand ready to do violence on their behalf -- George Orwell

The price of freedom is eternal vigilance.  -- Thomas Jefferson

"The best we can hope for concerning the people at large is that they
be properly armed." --Alexander Hamilton

___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: How to make one ZONE (subdomain) non-public?

2010-04-12 Thread Michelle Konzack 
Hello Matus UHLAR - fantomas,

Am 2010-04-12 09:52:03, hacktest Du folgendes herunter:
> allow-access in zone statement.

Ehm...

[ STDIN ]---
Apr 12 10:16:48 samba3 named[16931]: starting BIND 9.3.4-P1.2 -u bind
Apr 12 10:16:48 samba3 named[16931]: found 4 CPUs, using 4 worker threads
Apr 12 10:16:48 samba3 named[16931]: loading configuration from 
'/etc/bind/named.conf'
Apr 12 10:16:48 samba3 named[16931]: /etc/bind/named.conf.local:63: unknown 
option 'allow-access'
Apr 12 10:16:48 samba3 named[16931]: loading configuration: failure
Apr 12 10:16:48 samba3 named[16931]: exiting (due to fatal error)


Maybe "allow-query"?

zone "private.tamay-dogan.net" {
typemaster;
file"/etc/bind/net.tamay-dogan.private";
allow-transfer  { 192.168.0.194; 192.168.0.195; };
allow-update{ 192.168.0.91; 192.168.0.92; 192.168.0.93; 
192.168.0.112;  };
allow-query { 192.168.0.0/24;  };
};

but now I can not more access bind9 from my workstation...

Can you try to query

dig michelle1.private.tamay-dogan.net @dns1.tamay-dogan.net

please?

Thanks, Greetings and nice Day/Evening
Michelle Konzack
Systemadministrator

-- 
# Debian GNU/Linux Consultant ##
   Development of Intranet and Embedded Systems with Debian GNU/Linux

itsyst...@tdnet France   itsyst...@tdnet UG (haftungsbeschränkt)
Gesch. Michelle Konzack  Gesch. Michelle Konzack

Apt. 917 (homeoffice)
50, rue de Soultz   Kinzigstraße 17
67100 Strasbourg/France 77694 Kehl/Germany
Tel: +33-6-61925193 mobil   Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix

  
 

Jabber linux4miche...@jabber.ccc.de
ICQ#328449886

Linux-User #280138 with the Linux Counter, http://counter.li.org/


signature.pgp
Description: Digital signature
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: How to make one ZONE (subdomain) non-public?

2010-04-12 Thread Matus UHLAR - fantomas 
On 12.04.10 09:47, Michelle Konzack wrote:
> in my domain I have a "subdomain" which is absolutely private  and  non-
> accesible from the rest of the world.  It use <192.168.x.y>.
> 
> Which option must I use hat this ZONE ist only accesible/visible  local?

allow-access in zone statement.

-- 
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
It's now safe to throw off your computer.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

How to make one ZONE (subdomain) non-public?

2010-04-12 Thread Michelle Konzack 
Hello *,

in my domain I have a "subdomain" which is absolutely private  and  non-
accesible from the rest of the world.  It use <192.168.x.y>.

Which option must I use hat this ZONE ist only accesible/visible  local?

Thanks, Greetings and nice Day/Evening
Michelle Konzack
Systemadministrator

-- 
# Debian GNU/Linux Consultant ##
   Development of Intranet and Embedded Systems with Debian GNU/Linux

itsyst...@tdnet France   itsyst...@tdnet UG (haftungsbeschränkt)
Gesch. Michelle Konzack  Gesch. Michelle Konzack

Apt. 917 (homeoffice)
50, rue de Soultz   Kinzigstraße 17
67100 Strasbourg/France 77694 Kehl/Germany
Tel: +33-6-61925193 mobil   Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix

  
 

Jabber linux4miche...@jabber.ccc.de
ICQ#328449886

Linux-User #280138 with the Linux Counter, http://counter.li.org/


signature.pgp
Description: Digital signature
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users