Re: Reverse lookup flood from a single host
A related question (and apologies for the top post...) Does anyone know a good way to figure out the process that is making queries? Every 30 minutes or so I get 500 - 600 for around a minute for 'vimes.kumari.net', on the machine called vimes, from 127.0.0.1. I realized that I was missing this from my hosts file and so have added it, but would still like to know how to find this next time.. There is nothing obvious in cron that fires every 30min, netstat / tcpdump, etc doesn't show anything (other than queries), I dont know what the process is, so I cannot strace it, killing random processes to see what make it stop is an option, but an annoying one... Any ideas? Warren Kumari -- Please excuse typing, etc -- This was sent from a device with a tiny keyboard. On Jul 15, 2011, at 6:00 PM, Benny Pedersen m...@junc.org wrote: On Fri, 15 Jul 2011 13:24:29 -0600, Joshua Beard wrote: Is this abuse? If so, is it likely intentional? 100% guess, the client ip running a mailserver ? if so all is ok ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
9.8.1b3 windows binary
The link in the download page seems to point to b2... Jukka ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: 9.8.1b3 windows binary
The link in the download page seems to point to b2... Whoops. Thanks, we'll get that fixed. Meantime, you can use the direct ftp URL: ftp://ftp.isc.org/isc/bind9/9.8.1b3/BIND9.8.1b3.zip -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: 9.8.1b3 windows binary
16.7.2011 21:37, Evan Hunt kirjoitti: The link in the download page seems to point to b2... Whoops. Thanks, we'll get that fixed. Meantime, you can use the direct ftp URL: ftp://ftp.isc.org/isc/bind9/9.8.1b3/BIND9.8.1b3.zip Yeah figured the correct address and just in the process of upgrading our servers... ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
bind weighted round robin not working
Hi,
Ive got a problem getting weighted round robin dns to work. What I need is
ip adress 1 getting twice the hits of ip address 2, however making multiple
entries of ip address 1 in my zonefile (according to
https://lists.isc.org/mailman/htdig/bind-users/2007-April/066196.html ) does
not seem to help. See below for my troubleshooting configuration and
testing, can anyone tell whats going wrong ?
root@Kiwi:/var/named]# cat /etc/named.conf // // named.conf // // Provided
by Red Hat bind package to configure the ISC BIND named(8) DNS // server as
a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory /var/named;
dump-file /var/named/data/cache_dump.db;
statistics-file /var/named/data/named_stats.txt;
memstatistics-file /var/named/data/named_mem_stats.txt;
allow-query { localhost; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file /etc/named.iscdlv.key;
managed-keys-directory /var/named/dynamic; };
logging {
channel default_debug {
file data/named.run;
severity dynamic;
};
};
zone . IN {
type hint;
file named.ca;
};
zone test.nl {
type master;
file test.nl.hosts;
};
include /etc/named.rfc1912.zones;
include /etc/named.root.key;
root@Kiwi:/var/named]# cat /var/named/test.nl.hosts $TTL 3600 test.nl.
IN SOA localhost. dns.cornholio.nl. (
2011061406
1800
14400
604800
3600 )
test.nl. NS localhost.
test.nl. A 80.57.38.19
test2 IN A 1.1.1.1
IN A 1.1.1.1
IN A 1.1.1.1
IN A 1.1.1.1
IN A 1.1.1.1
IN A 1.1.1.1
IN A 1.1.1.1
IN A 1.1.1.1
IN A 1.1.1.1
IN A 2.2.2.2
root@Kiwi:/var/named]# nslookup test2.test.nl
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: test2.test.nl
Address: 1.1.1.1
Name: test2.test.nl
Address: 2.2.2.2
root@Kiwi:/var/named]# nslookup test2.test.nl
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: test2.test.nl
Address: 2.2.2.2
Name: test2.test.nl
Address: 1.1.1.1
root@Kiwi:/var/named]# nslookup test2.test.nl
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: test2.test.nl
Address: 1.1.1.1
Name: test2.test.nl
Address: 2.2.2.2
root@Kiwi:/var/named]# nslookup test2.test.nl
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: test2.test.nl
Address: 2.2.2.2
Name: test2.test.nl
Address: 1.1.1.1
root@Kiwi:/var/named]# nslookup test2.test.nl
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: test2.test.nl
Address: 1.1.1.1
Name: test2.test.nl
Address: 2.2.2.2
root@Kiwi:/var/named]# nslookup test2.test.nl
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: test2.test.nl
Address: 2.2.2.2
Name: test2.test.nl
Address: 1.1.1.1
Regards,
Marc
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: ISC BIND 9.8.1b3 is now available
On Jul 16 2011, Evan Hunt wrote: BIND 9.8.1b3 is the third beta release of BIND 9.8. I am a bit intrigued by this entry in the CHANGES file 3133. [bug] Change #3114 was incomplete. [RT #24577] as I can't find a reference to #3114 or RT #24577 anywhere else... -- Chris Thompson Email: c...@cam.ac.uk ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: bind weighted round robin not working
That doesn't work with recent versions. BIND discards the duplicates.
-Ben Croswell
On Jul 16, 2011 4:28 PM, d...@cornholio.nl wrote:
Hi,
I’ve got a problem getting weighted round robin dns to work. What I need
is
ip adress 1 getting twice the hits of ip address 2, however making
multiple
entries of ip address 1 in my zonefile (according to
https://lists.isc.org/mailman/htdig/bind-users/2007-April/066196.html )
does
not seem to help. See below for my troubleshooting configuration and
testing, can anyone tell what’s going wrong ?
root@Kiwi:/var/named]# cat /etc/named.conf // // named.conf // // Provided
by Red Hat bind package to configure the ISC BIND named(8) DNS // server
as
a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory /var/named;
dump-file /var/named/data/cache_dump.db;
statistics-file /var/named/data/named_stats.txt;
memstatistics-file /var/named/data/named_mem_stats.txt;
allow-query { localhost; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file /etc/named.iscdlv.key;
managed-keys-directory /var/named/dynamic; };
logging {
channel default_debug {
file data/named.run;
severity dynamic;
};
};
zone . IN {
type hint;
file named.ca;
};
zone test.nl {
type master;
file test.nl.hosts;
};
include /etc/named.rfc1912.zones;
include /etc/named.root.key;
root@Kiwi:/var/named]# cat /var/named/test.nl.hosts $TTL 3600 test.nl
.
IN SOA localhost. dns.cornholio.nl. (
2011061406
1800
14400
604800
3600 )
test.nl. NS localhost.
test.nl. A 80.57.38.19
test2 IN A 1.1.1.1
IN A 1.1.1.1
IN A 1.1.1.1
IN A 1.1.1.1
IN A 1.1.1.1
IN A 1.1.1.1
IN A 1.1.1.1
IN A 1.1.1.1
IN A 1.1.1.1
IN A 2.2.2.2
root@Kiwi:/var/named]# nslookup test2.test.nl
Server: 127.0.0.1
Address:127.0.0.1#53
Name: test2.test.nl
Address: 1.1.1.1
Name: test2.test.nl
Address: 2.2.2.2
root@Kiwi:/var/named]# nslookup test2.test.nl
Server: 127.0.0.1
Address:127.0.0.1#53
Name: test2.test.nl
Address: 2.2.2.2
Name: test2.test.nl
Address: 1.1.1.1
root@Kiwi:/var/named]# nslookup test2.test.nl
Server: 127.0.0.1
Address:127.0.0.1#53
Name: test2.test.nl
Address: 1.1.1.1
Name: test2.test.nl
Address: 2.2.2.2
root@Kiwi:/var/named]# nslookup test2.test.nl
Server: 127.0.0.1
Address:127.0.0.1#53
Name: test2.test.nl
Address: 2.2.2.2
Name: test2.test.nl
Address: 1.1.1.1
root@Kiwi:/var/named]# nslookup test2.test.nl
Server: 127.0.0.1
Address:127.0.0.1#53
Name: test2.test.nl
Address: 1.1.1.1
Name: test2.test.nl
Address: 2.2.2.2
root@Kiwi:/var/named]# nslookup test2.test.nl
Server: 127.0.0.1
Address:127.0.0.1#53
Name: test2.test.nl
Address: 2.2.2.2
Name: test2.test.nl
Address: 1.1.1.1
Regards,
Marc
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: bind weighted round robin not working
On 07/16/2011 13:10, d...@cornholio.nl wrote: I’ve got a problem getting weighted round robin dns to work. What I need is ip adress 1 getting twice the hits of ip address 2, As you were told that's not going to work. What you could do is add an additional IP address as an alias on the interface that you want to get more traffic, then add that address to the dns obviously. hth, Doug -- Nothin' ever doesn't change, but nothin' changes much. -- OK Go Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: ISC BIND 9.8.1b3 is now available
I am a bit intrigued by this entry in the CHANGES file 3133. [bug] Change #3114 was incomplete. [RT #24577] as I can't find a reference to #3114 or RT #24577 anywhere else... D'oh! Sorry about that. 3114. [bug] Retain expired RRSIGs in dynamic zones if key is inactive and there is no replacement key. [RT #23136] -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
