Re: [dns-operations] Bind 9.8.0 intermittent problem with non-recursive responses
On 5/28/2011 4:18 PM, Michael Sinatra wrote: This will be in BIND 9.8.1 final. BIND 9.8.1b1 is already cut and will need this to be applied. I just noticed that the patch for query.c has been added as an extra patch to the FreeBSD port for 9.8.0-P2, so if you build the bind98 port from the latest FreeBSD ports collection, you'll get the bugfix now. (Thanks, dougb) Glad to help. :) -- Nothin' ever doesn't change, but nothin' changes much. -- OK Go Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: bind 9.8.0 with openssl 1.0.0d in chroot Bug
On 5/28/2011 7:25 AM, Martin Wismer wrote: Hello together, I'm try to use bind 9.8.0 with openssl 1.0.0d under chroot. Not sure where solaris puts its openssl libraries, but you want to copy engines/libgost.so into the equivalent location in your chroot directory. For example, if it's in /usr/local/lib/engines/libgost.so in the base system them copy it to ${CHROOT}/usr/local/lib/engines/libgost.so. Then you should be fine. Doug -- Nothin' ever doesn't change, but nothin' changes much. -- OK Go Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
DNS Racing -Multi ISP load balancing with failover using DNS.
DNS-Racing is a method of load balancing access to servers which are multi homed and provides lowest latency access to users and network resilience to ISP/routing failure. * **What does it do?* It permits a server which is connected to two ISPs to use the optimal ISP when transferring data to a user regardless of TCP/UDP protocol. When a user does a DNS look up it will select the IP address of the server to which is closest. If one of the two ISPs is down or there is a routing problem the user will only be offered the IP address of the server it has access to. It also means that traffic will have the lowest latency. DNS Racing can be done with 2 or more providers and permits to scale network bandwidth horizontally by adding more providers. In theory up to 14 different ISPs/IPs could be used to do the delivery. IT is a poor man’s replacement for BGP multihoming and IP anycast. For those that want a full explanation and an implementation guide. http://blog.hk.com/index.php?/archives/84-DNS-Racing.-Multi-ISP-load-balancing-with-failover-using-DNS..html Hey it is Free and you can implement it using BIND. Regards, Maren. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNS Racing -Multi ISP load balancing with failover using DNS.
On 5/29/2011 5:12 PM, Maren S. Leizaola wrote: IT is a poor man’s replacement for BGP multihoming and IP anycast. Hey it is Free and you can implement it using BIND. And you've just broken DNSSEC. AlanC signature.asc Description: OpenPGP digital signature ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNS Racing -Multi ISP load balancing with failover using DNS.
And if people used happy-eyeballs[1] or similar[2] in the applications this would not be needed. Chrome already does this with their latest browser. It uses a 300ms timer to switch to the next address. Happy-eyeballs was primarially written to deal with broken 6to4 links but the techniques are applicable to any multi-homed service be it IPv4 only, IPv6 only or a mixture of IPv4 and IPv6. Mark [1] http://tools.ietf.org/html/draft-wing-v6ops-happy-eyeballs-ipv6-01 [2] https://www.isc.org/community/blog/201101/how-to-connect-to-a-multi-homed-server-over-tcp In message 4de2c00b.6090...@isc.org, Alan Clegg writes: This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===2705591056810672531== Content-Type: multipart/signed; micalg=pgp-sha1; protocol=application/pgp-signature; boundary=enig46D823F06B8505CC93187062 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --enig46D823F06B8505CC93187062 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 5/29/2011 5:12 PM, Maren S. Leizaola wrote: IT is a poor man=92s replacement for BGP multihoming and IP anycast. Hey it is Free and you can implement it using BIND. And you've just broken DNSSEC. AlanC --enig46D823F06B8505CC93187062 Content-Type: application/pgp-signature; name=signature.asc Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename=signature.asc -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) iEYEARECAAYFAk3iwA0ACgkQcKpYUrUDCYdMXwCgmIsTehj06i1fsZtJmCaPEHIi JqcAoJPhcXKDf/QgPK06MkkYt2N9gZPB =nLtA -END PGP SIGNATURE- --enig46D823F06B8505CC93187062-- --===2705591056810672531== Content-Type: text/plain; charset=us-ascii MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users --===2705591056810672531==-- -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNS Racing -Multi ISP load balancing with failover using DNS.
Warren Kumari -- Please excuse typing, etc -- This was sent from a device with a tiny keyboard. On May 29, 2011, at 5:52 PM, Alan Clegg acl...@isc.org wrote: On 5/29/2011 5:12 PM, Maren S. Leizaola wrote: IT is a poor man’s replacement for BGP multihoming and IP anycast. Hey it is Free and you can implement it using BIND. And you've just broken DNSSEC. Um, how? Surely you can just sign the responses, same as any others? Maybe I'm missing something obvious, but this just looks like normal DNS LB... W AlanC ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNS Racing -Multi ISP load balancing with failover using DNS.
In message 2c591af8-860d-45a5-9f3a-3603f3733...@kumari.net, Warren Kumari writes: Um, how? Surely you can just sign the responses, same as any others? Maybe I'm missing something obvious, but this just looks like normal DNS LB... W It depends on who is doing the modification. From the description it looks like this would be being done in the recursive nameserver as it has view into site reachability which won't work with DNSSEC. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNS Racing -Multi ISP load balancing with failover using DNS.
Warren Kumari -- Please excuse typing, etc -- This was sent from a device with a tiny keyboard. On May 29, 2011, at 9:32 PM, Mark Andrews ma...@isc.org wrote: In message 2c591af8-860d-45a5-9f3a-3603f3733...@kumari.net, Warren Kumari writes: Um, how? Surely you can just sign the responses, same as any others? Maybe I'm missing something obvious, but this just looks like normal DNS LB... W It depends on who is doing the modification. From the description it looks like this would be being done in the recursive nameserver as it has view into site reachability which won't work with DNSSEC. Oh, well, yeah, there you go then... Thanks, W Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Split DNS Configuration in BIND
Hi, Would like to know how to configure split DNS in BIND running in RHEL 5.0 version. Below is our setup and requirement. We have a zone called mycompany.com . So whenever my company users sitting in LAN try to access mycompany.com domain in explorer, they should get internal IP address(private IP address) whereas whenever users from internet should get public IP for mycompany.com domain Kindly let me know the guide or procedure for configuring it. Regards Babu ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Hosting my company DNS server in Internet
Hi, Can anyone have any idea as to how we can host our own autherative DNS server for my company. For example if my company domain is mycompany.com, we want to maintain our own DNS server so that users across world should contact our DNS server for name resolution for mycompany.com domain. Regards babu___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users