DNS64 - multiple mapping
Hi All, Is it possible for me to add multiple dns64 in options? I want to have different IPv6 prefix for each IPv4 network address. If not, what are the other possible options? Thanks, Rock___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNS64 - multiple mapping
On 05/24/2012 07:36 AM, Rock July wrote: Hi All, Is it possible for me to add multiple dns64 in options? I want to have Yes. different IPv6 prefix for each IPv4 network address. I don't know what the means, but the dns64 option takes a quite comprehensive set of ACLs to match client and original packet A address(es) as well as other options. Perhaps you should read the ARM? ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Operation cancelled Error
Hello, Any reply please... Regards, Ben Hi, I am doing load testing for bind as caching dns server.Fro that i configure one machine as client and one as server.I setup bind as caching dns server and set recursive-clients 3. While doing load test from client machine via resperf, i got many errors in named.run file which shows,I checked that time there is no cpu high usage / memory high usage on server and clients.Why server is not permitted operation. 23-May-2012 23:30:12.085 error (operation canceled) resolving 'www.thethreadexchange.com//IN': 192.33.14.30#53 23-May-2012 23:30:12.085 error (operation canceled) resolving 'c2.nstld.net/A/IN': 192.42.93.31#53 23-May-2012 23:30:12.085 error (operation canceled) resolving 'nothirst.com/A/IN': 192.54.112.30#53 23-May-2012 23:30:12.085 error (operation canceled) resolving '172.153.42.186.in-addr.arpa/PTR/IN': 199.212.0.53#53 23-May-2012 23:30:12.085 error (operation canceled) resolving 'xxy.com/MX/IN': 192.12.94.30#53 23-May-2012 23:30:12.086 error (operation canceled) resolving '192.140.138.187.in-addr.arpa/PTR/IN': 193.0.9.3#53 23-May-2012 23:30:12.086 error (operation canceled) resolving 'mail.n-u-c.ru/A/IN': 193.232.128.6#53 23-May-2012 23:30:12.086 error (operation canceled) resolving 'www.gayteacher.net/A/IN': 108.59.10.134#53 23-May-2012 23:30:12.086 error (operation canceled) resolving 'www.forever-christies.com/A/IN': 192.12.94.30#53 23-May-2012 23:30:12.086 error (operation canceled) resolving '166.98.232.189.in-addr.arpa/PTR/IN': 200.3.13.10#53 23-May-2012 23:30:12.086 error (operation canceled) resolving '89.140.112.200.in-addr.arpa/PTR/IN': 202.12.28.140#53 23-May-2012 23:30:12.086 error (operation canceled) resolving '9z772drlt.89ys/A/IN': 192.228.79.201#53 23-May-2012 23:30:12.087 error (operation canceled) resolving 'video327.myfreecams.com/A/IN': 192.26.92.30#53 23-May-2012 23:30:12.087 error (operation canceled) resolving 'ns1.thny.bbc.co.uk/A/IN': 194.83.244.131#53 23-May-2012 23:30:12.087 error (operation canceled) resolving '6.246.26.190.in-addr.arpa/PTR/IN': 200.3.13.10#53 23-May-2012 23:30:12.087 error (operation canceled) resolving 'instagram.com/A/IN': 192.54.112.30#53 23-May-2012 23:30:12.087 error (operation canceled) resolving 'acriacao.com/A/IN': 192.12.94.30#53 23-May-2012 23:30:12.087 error (operation canceled) resolving 'technologie.gazeta.pl/A/IN': 192.203.230.10#53 rndc status shows, version: 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 CPUs found: 8 worker threads: 8 number of zones: 19 debug level: 0 xfers running: 0 xfers deferred: 0 soa queries in progress: 0 query logging is ON recursive clients: 6400/29900/3 tcp clients: 0/100 server is up and running i constanly watch rndc status command , and at recuresive-clients tab , first values increases maximum up to 6000-6500, why it is not going to maximum which i define 3..? rndc status shows 8 worker process, when i checked by pgrep named , it shows only single instance.so does it need to show 8 instance or ? Currently we use bind as caching name server , so why rndc status shows number of zones 19..? Kindly guide me to resolve above confusion. Bind build info: named -V BIND 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 built with '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--with-pic' '--disable-static' '--disable-openssl-version-check' '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' '--with-gssapi=yes' '--disable-isc-spnego' '--with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'target_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' 'CPPFLAGS= -DDIG_SIGCHASE' From client machine : /usr/local/nom/bin/resperf -s 10.115.1.231 -d /root/dnsperf_test_queries.tsv DNS Resolution Performance Testing Tool Nominum Version 2.0.0.0 [Status] Command line: resperf -s 10.115.1.231 -d /root/dnsperf_test_queries.tsv [Status] Sending [Status] Reached 65536 outstanding queries [Status] Waiting for more responses [Status] Testing complete Statistics: Queries sent: 74038 Queries completed:74038 Queries lost: 0 Run time (s): 100.00 Maximum throughput: 2838.00 qps Lost at that point: 24.32% what are the configuration parameter required to increase QPS for server? I mean any fine tuning in bind / OS side,
Re: Operation cancelled Error
On Thu, 24 May 2012, Ben wrote: version: 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 CPUs found: 8 worker threads: 8 number of zones: 19 debug level: 0 xfers running: 0 xfers deferred: 0 soa queries in progress: 0 query logging is ON recursive clients: 6400/29900/3 tcp clients: 0/100 server is up and running i constanly watch rndc status command , and at recuresive-clients tab , first values increases maximum up to 6000-6500, why it is not going to maximum which i define 3..? I don't know why it never reached the maximum. resperf should try to scale up to attempting 100,000 questions in its last second. (At 60th second I think; the final 40 seconds is waiting for responses.) It only tries 74038 during its total time, but I am not sure what is limiting it. Maybe your datafile is not unique enough? Maybe your source port range is not large enough? So then BIND 9 is matching existing requests and dropping. It depends a lot on the dataset. (I think I have seen around 17,000 queries with resperf and as low as 236 qps -- in this case it was depending on number of ACLs.) I don't know why you have the burst of operation canceled. (The ISC_R_CANCELED can happen from different problems.) rndc status shows 8 worker process, when i checked by pgrep named , it shows only single instance.so does it need to show 8 instance or ? 8 worker threads is different than 8 processes. Currently we use bind as caching name server , so why rndc status shows number of zones 19..? The 19 zones are built-in zones. (See the ARM for the list.) By the way, to set some comparison maximum baseline you can try having resperf query the built-in zones. (It won't be real recursive work, but should show you some potential maximum qps.) Jeremy C. Reed ISC ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
different between views and having multiple instances
Hi all I need to understand the difference between configuring bind views and having multiple instances of bind. I have 5 network interfaces on my server and I want to have 2 instances of DNS server (just for testing) and I don't know which one to do ? thanks ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Graphing Tool
I have several years of logs that I would like to 'put into' graphs to see the trending. I would like to 'import' the logs on a different server as I don't have to have 'real time' graphs.. Thx Charles ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: dlz_dlopen plug-in for ENUM from LDAP
Just a brief update... this is now available in packaged form on Debian: http://packages.debian.org/sid/dlz-ldap-enum The package source VCS probably provides a useful insight into how to package a dlz_dlopen module independently of the bind9 source tree, the git links are here: http://packages.qa.debian.org/d/dlz-ldap-enum.html On 17/05/12 16:58, Daniel Pocock wrote: I've recently released a dlz ENUM module for the bind9 nameserver: http://www.opentelecoms.org/dlz-ldap-enum Basically, it handles ENUM queries from repro, FreeSWITCH, Kamailio, Asterisk, Lumicall, etc, searches for the phone number in LDAP, and if found, returns the email address as both a SIP address and Jabber address (NAPTR records) This should make it even easier than ever before to get federated VoIP up and running using email addresses interchangeably with phone numbers. If the data already exists in LDAP as an address book, then just installing this module is sufficient to get up and running. This code is based on the dlz_ldap code in bind 9.8.0. Looking through the git repo it is possible to see how to adapt the statically linked dlz_ldap to work as a dlz_dlopen module, completely dynamically. I'd be interested in any feedback about the way it has been implemented. Regards, Daniel ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: different between views and having multiple instances
In theory, you would use views to serve up different data to subnets. For example, you may want to show your internal clients one set of IP addresses while the external world see's a subset of that data. That is a perfect utilization of views. You may want to setup different instances of BIND if you have different configuration requirements, or if you want different zones to be served on different IP addresses. Hope that helps. From: Amira Othman a.oth...@cairosource.com To: bind-users@lists.isc.org Sent: Thursday, May 24, 2012 11:04 AM Subject: different between views and having multiple instances Hi all I need to understand the difference between configuring bind views and having multiple instances of bind. I have 5 network interfaces on my server and I want to have 2 instances of DNS server (just for testing) and I don't know which one to do ? thanks ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: different between views and having multiple instances
-Original Message- From: Amira Othman a.oth...@cairosource.com Date: Thursday, May 24, 2012 8:04 AM To: bind-users@lists.isc.org Subject: different between views and having multiple instances Hi all I need to understand the difference between configuring bind views and having multiple instances of bind. I have 5 network interfaces on my server and I want to have 2 instances of DNS server (just for testing) and I don't know which one to do ? i'm sure others will chime in with additional detail, but i think it's largely a matter of your needs and level of paranoia. if you are separating authoritative and caching functions, do you trust software to institute that policy or do you want to have physical segregation? i use views extensively now, and haven't had any issues... but have gone the physical route in the past (particularly before views existed). however, when i did that i actually had entirely different servers on disparate networks hosting the internal and external instances of bind. the other thing is if your testing needs to stop/start named for some reason, it might be less impactful to run separate instances. however, if you run 'rndc' you will see that many of the commands can be ran in a manner that only affects specified views. historically there were also performance considerations, but i think those are mostly moot with all the tuning in recent releases. if it's all on one server, views probably make sense... ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: different between views and having multiple instances
In article mailman.872.1337885546.63724.bind-us...@lists.isc.org, Mike Hoskins micho...@cisco.com wrote: the other thing is if your testing needs to stop/start named for some reason, it might be less impactful to run separate instances. however, if you run 'rndc' you will see that many of the commands can be ran in a manner that only affects specified views. Even if you don't have to stop the server, you might want to run separate instances so that there's less danger of breaking the named.conf used by the production server during testing. -- Barry Margolin Arlington, MA ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
