Re: Not receiving "Fixed/Ordered" query response
On 25.01.19 13:39, Brent Douglas wrote: We are testing a query: FQDN: test.testdomain.net Query Type: Client > DNS A > DNS B Simplified DNS query flow: 1. Client queries test.testdomain.net -t 2. Query goes to DNS A which then forwards the query to DNS B 3. DNS B responds with 2 ORDERED IPV6 addresses to DNS A 4. DNS A receives the 2 ORDERED IPV6 addresses from DNS B Expected 5. DNS A responsds with 2 ORDERED IPV6 addresses to Client What is happening 5. DNS A responds with 2 NON-ORDERED IPV6 addresses to Client maybe you could try configure sortlist: ftp://ftp.isc.org/isc/bind9/9.9.11/doc/arm/Bv9ARM.ch06.html#the_sortlist_statement BTW what is the point of you wanting to use fixed order? Things we have tried: Turn off cacheing on DNS A and DNS B Things we noticed: When the query goes from DNS A to DNS B, the transaction ID changes it does not change, it is a different DNS transaction. When DNS A responds with 2 IPV6 address to Client, the transaction ID changes back to the original transaction ID. It does not change, it is the original transaction. What options/settings are we overlooking to make sure the Client receives fixed ordered query responses? What could be the reason for DNS A receiving the ordered query response from DNS B, but does not send the ordered query response back to the client? ftp://ftp.isc.org/isc/bind9/9.9.11/doc/arm/Bv9ARM.ch06.html#options Note In this release of BIND 9, the rrset-order statement does not support "fixed" ordering by default. Fixed ordering can be enabled at compile time by specifying "--enable-fixed-rrset" on the "configure" command line. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. It's now safe to throw off your computer. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Not receiving "Fixed/Ordered" query response
Hello BIND ISC, We are testing a query: FQDN: test.testdomain.net Query Type: Client > DNS A > DNS B Simplified DNS query flow: 1. Client queries test.testdomain.net -t 2. Query goes to DNS A which then forwards the query to DNS B 3. DNS B responds with 2 ORDERED IPV6 addresses to DNS A 4. DNS A receives the 2 ORDERED IPV6 addresses from DNS B Expected 5. DNS A responsds with 2 ORDERED IPV6 addresses to Client What is happening 5. DNS A responds with 2 NON-ORDERED IPV6 addresses to Client Things we have tried: Turn off cacheing on DNS A and DNS B Things we noticed: When the query goes from DNS A to DNS B, the transaction ID changes When DNS A responds with 2 IPV6 address to Client, the transaction ID changes back to the original transaction ID. What options/settings are we overlooking to make sure the Client receives fixed ordered query responses? What could be the reason for DNS A receiving the ordered query response from DNS B, but does not send the ordered query response back to the client? Thanks Brent D ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNS Flag Day may cause any problem in private DNS servers ?
Thanks a lot! El jue., 24 ene. 2019 a las 16:24, Evan Hunt () escribió: > On Thu, Jan 24, 2019 at 10:53:49AM -0300, Roberto Carna wrote: > > Dear, I've just worked around on my public BIND DNS's in order to solve > the > > problem of DNS Flag Day. > > > > But I have a pair of private DNS (BIND and Windows) that respond to > > internal queries and also forward non authoritative queries to my public > > DNS'smay my private DNS's become unstables after DNS Flag Day if I > > don't any workaround on them ? > > DNS flag day is when vendors of recursive name servers will stop releasing > new software that coddles ancient or broken authoritative servers and > firewalls. Instead of trying over and over in different ways to coax some > broken remote system to send back an answer, new resolver software will > just declare the remote server to be broken, and give up. > > Nothing will stop working suddenly on February 1. However, the next time > you upgrade your recursive name server to the latest version, you *might* > have problems then. My guess is that you won't, but I can't guarantee it. > > If you do have some legacy server running internally that can't be fixed to > support EDNS properly, you can still configure your resolvers not to use > EDNS when talking to that specific server. That option will still be > available after flag day. > > An easy way to check would be to install the latest BIND development > release (version 9.13.5) and see if it works. It already has all the flag > day changes in it. > > -- > Evan Hunt -- e...@isc.org > Internet Systems Consortium, Inc. > ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: RNDC Stats
N. Max Pierson wrote:
>
> Under Incoming Requests it has QUERY's among some other stats. Is this
> the total queries across all zones? If it is, it doesn't seem to add up
> to what the total of each zone added together in the per zone stats.
Hmm, good question. I suspected it might be something to do with REFUSED
queries for zones that you are not authoritative for, but that doesn't add
up for me either, because my server sent a lot more refused responses than
the difference between its overall query count and the zone query
counts...
awk '
/queries received/ {
if (n < 2) { server += $1 }
else { zones += $1 }
n += 1;
}
/REFUSED/ { refused = $1 }
END {
printf "server %d\n", server;
printf "zones %d\n", zones;
printf "difference %d\n", server - zones;
printf "refused %d\n", refused;
}
' named.stats
server 141242445
zones 141221559
difference 20886
refused 364380
Tony.
--
f.anthony.n.finchhttp://dotat.at/
Cape Wrath to Rattray Head including Orkney: Westerly 5 to 7, occasionally
gale 8 at first in north, becoming variable 3 or 4, then cyclonic 5 to 7
later. Slight or moderate in east, moderate or rough, occasionally very rough
in north. Showers then rain. Good, becoming moderate or poor.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
