Re: How can I tell if a quiry is answered or denied

2022-04-20 Thread Benny Pedersen 

On 2022-04-20 23:07, Richard T.A. Neal wrote:

Hi Hal,

In addition to this you might also want to look into Response Rate
Limiting. This may help to reduce the load on your DNS servers from
bad actors without having to play a cat & mouse game of spotting and
blocking them.

Response Rate Limiting is explained in detail in the BIND ARM here
(scroll down to section 4.2.16.19):

https://downloads.isc.org/isc/bind9/9.18.2/doc/arm/html/reference.html


how well does this work with very low $TTL in zone file ?

https://blog.apnic.net/2019/11/12/stop-using-ridiculously-low-dns-ttls/
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: How can I tell if a quiry is answered or denied

2022-04-20 Thread King, Harold Clyde (Hal) via bind-users 
That's not in my version of bind-9.16.23.

Thanks anyway!


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:d0cf86b5-1da2-47ba-9a66-0e3522260ce4]

From: Jeff Sumner 
Sent: Wednesday, April 20, 2022 4:25 PM
To: King, Harold Clyde (Hal) ; bind-users 

Subject: Re: How can I tell if a quiry is answered or denied

You don't often get email from kc4...@gmail.com. Learn why this is 
important





***

You can turn on answer logging:



rndc answerlog







Apologies- I believe the above is likely specific to EIP DNS builds.



J
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

RE: How can I tell if a quiry is answered or denied

2022-04-20 Thread Richard T.A. Neal 
Hi Hal,

In addition to this you might also want to look into Response Rate Limiting. 
This may help to reduce the load on your DNS servers from bad actors without 
having to play a cat & mouse game of spotting and blocking them.

Response Rate Limiting is explained in detail in the BIND ARM here (scroll down 
to section 4.2.16.19):
https://downloads.isc.org/isc/bind9/9.18.2/doc/arm/html/reference.html

Best,
Richard.


From: bind-users  On Behalf Of Jeff Sumner
Sent: 20 April 2022 9:25 pm
To: King, Harold Clyde (Hal) ; bind-users 

Subject: Re: How can I tell if a quiry is answered or denied



***
You can turn on answer logging:

rndc answerlog



Apologies- I believe the above is likely specific to EIP DNS builds.

J
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: How can I tell if a quiry is answered or denied

2022-04-20 Thread Jeff Sumner 


***
You can turn on answer logging:

rndc answerlog



Apologies- I believe the above is likely specific to EIP DNS builds.

J
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: How can I tell if a quiry is answered or denied

2022-04-20 Thread Jeff Sumner 
From: bind-users  on behalf of King, Harold 
Clyde (Hal) via bind-users 
Date: Wednesday, April 20, 2022 at 3:29 PM
To: bind-users 
Subject: How can I tell if a quiry is answered or denied
I'm trying to find bad actors stretching out my load on my main DNS server I 
can't tell from the query log if a host is denied an answer, or given an 
answer. Also, can I get the answer in my logs? I got one great answer today, 
maybe I'm pushing my luck, but I do feel lucky.


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:fe5c07f5-ef0a-4dd8-a8d0-f22481933b6b]




You can turn on answer logging:

rndc answerlog


This will log answers:
client @0x47faa158 192.168.0.6#60588 (hobbes.nmsu.edu): answer: hobbes.nmsu.edu 
IN A +T (192.168.0.210) -> NOERROR hobbes.nmsu.edu. 3600 A 128.123.88.139


J
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

How can I tell if a quiry is answered or denied

2022-04-20 Thread King, Harold Clyde (Hal) via bind-users 
I'm trying to find bad actors stretching out my load on my main DNS server I 
can't tell from the query log if a host is denied an answer, or given an 
answer. Also, can I get the answer in my logs? I got one great answer today, 
maybe I'm pushing my luck, but I do feel lucky.


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:fe5c07f5-ef0a-4dd8-a8d0-f22481933b6b]
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Reading secondary PTR files

2022-04-20 Thread King, Harold Clyde (Hal) via bind-users 
Thank you that did the trick!


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:7843e9a7-77dc-4edb-92f4-95ba78de367b]

From: Larry Rosenman 
Sent: Wednesday, April 20, 2022 9:56 AM
To: King, Harold Clyde (Hal) 
Cc: bind-users 
Subject: Re: Reading secondary PTR files

You don't often get email from l...@lerctr.org. Learn why this is 
important

this is what I use with 9.18.1
named-compilezone -f raw -F text -o - 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa 
0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa.signed


On 04/20/2022 8:42 am, King, Harold Clyde (Hal) via bind-users wrote:

I  need to read the reverse zone in txt and I'm not sure how to decode the file 
with named-compilezone. Does anyone know the part I'm missing?
named-compilezone -f raw -F text -o 
/etc/named/secondary/9.249.192.in-addr.arpa.db 9.249.192 
/etc/named/secondary/9.249.192.in-addr.arpa.db


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:16504630076260111f6e158884917586@lerctr.org]




--
Larry Rosenman 
http://www.lerctr.org/~ler
Phone: +1 214-642-9640 E-Mail: 
l...@lerctr.org
US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Reading secondary PTR files

2022-04-20 Thread Larry Rosenman 



this is what I use with 9.18.1
named-compilezone -f raw -F text -o - 
0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa 
0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa.signed


On 04/20/2022 8:42 am, King, Harold Clyde (Hal) via bind-users wrote:

I  need to read the reverse zone in txt and I'm not sure how to decode 
the file with named-compilezone. Does anyone know the part I'm missing?
named-compilezone -f raw -F text -o 
/etc/named/secondary/9.249.192.in-addr.arpa.db 9.249.192 
/etc/named/secondary/9.249.192.in-addr.arpa.db


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599


--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 E-Mail: l...@lerctr.org
US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reading secondary PTR files

2022-04-20 Thread King, Harold Clyde (Hal) via bind-users 
I  need to read the reverse zone in txt and I'm not sure how to decode the file 
with named-compilezone. Does anyone know the part I'm missing?
named-compilezone -f raw -F text -o 
/etc/named/secondary/9.249.192.in-addr.arpa.db 9.249.192 
/etc/named/secondary/9.249.192.in-addr.arpa.db

--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:36fbaf98-8bc3-4d0b-8a9a-8eeade380eaa]
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Is anyone here forwarding your bind-users messages to gmail or a google-hosted domain?

2022-04-20 Thread Matus UHLAR - fantomas 

Dan Mahoney  writes:

We've seen a number of messages reported to us as having an isc.org "from"
address, and as having our dkim signatures, but the signatures failing to
verify, perhaps because a forwarder may have added a subject tag or
rewritten some other header.  Of course, SPF also fails because those
servers aren't in our SPF record.


On 20.04.22 10:55, Bjørn Mork wrote:

I don't forward to gmail, but I've noticed that my DKIM signature on
messages to this list fail verification. I believe this problem is
specific to this list, as it doesn't happen with most other lists.

I assume the reason is the body modfications by the list server.


apparently.

from what I know, mailman only modifies From: if the headers/body are 
changed AND dmarc policy of the originator domain is set to reject.

yours is "none.

I encountered this problem with different mailing list and also got customer 
ticket with the same problem.



--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"Where do you want to go to die?" [Microsoft]
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Is anyone here forwarding your bind-users messages to gmail or a google-hosted domain?

2022-04-20 Thread Bjørn Mork 
Dan Mahoney  writes:

> We've seen a number of messages reported to us as having an isc.org "from" 
> address, and as having our dkim signatures, but the signatures failing to 
> verify, perhaps because a forwarder may have added a subject tag or 
> rewritten some other header.  Of course, SPF also fails because those 
> servers aren't in our SPF record.

I don't forward to gmail, but I've noticed that my DKIM signature on
messages to this list fail verification. I believe this problem is
specific to this list, as it doesn't happen with most other lists.

I assume the reason is the body modfications by the list server.

See for example <87mtgsx4n4@miraculix.mork.no> from Sun, 10 Apr 2022
18:52:15 +0200

Or you can just look at this messages, which will have a valid DKIM
signature when received by the lists.isc.org mx.  But most likely messed
up when forwarded from lists.isc.org.

I'm pretty sure the invalid DKIM signature counts as negative for gmail
even if the ISC DKIM signature is valid.  And fixing that should be
within your control?


Bjørn
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Communication error when we do axfr query for the large size zone

2022-04-20 Thread Ondřej Surý 
> bind 9.16.13

This. You are running outdated unsupported version of BIND 9. You need to 
upgrade to latest 9.16 version at least.

--
Ondřej Surý — ISC (He/Him)

My working hours and your working hours may be different. Please do not feel 
obligated to reply outside your normal working hours.

> On 20. 4. 2022, at 8:27, rams  wrote:
> 
> 
> We have CentOS Linux 7 , 128GB ram and bind 9.16.13.
> Could you please share what information exactly you are looking for? to 
> resolve the issue.
> 
>> On Wed, Apr 20, 2022 at 11:36 AM Ondřej Surý  wrote:
>> We can’t really help you if you withhold information. You need to learn to 
>> provide complete information if you want other people to help you instead of 
>> letting them guess what does you environment look like.
>> 
>> Ondrej
>> --
>> Ondřej Surý — ISC (He/Him)
>> 
>> My working hours and your working hours may be different. Please do not feel 
>> obligated to reply outside your normal working hours.
>> 
 On 20. 4. 2022, at 8:04, rams  wrote:
 
>>> 
>>> Seeing only these two line in log:
>>> Apr 20 05:54:20 perf-bind named[74314]: client @0x7fb844005288 
>>> 127.0.0.1#13522 (25million.com): transfer of '25million.com/IN': AXFR 
>>> started (serial 1605611713)
>>> Apr 20 05:54:41 perf-bind monit[1105]: 'rootfs' space usage 92.9% matches 
>>> resource limit [space usage > 90.0%]
>>> Apr 20 05:54:41 perf-bind monit[1105]: 'rootfs' space usage 92.9% matches 
>>> resource limit [space usage > 90.0%]
>>> Apr 20 05:54:50 perf-bind named[74314]: client @0x7fb844005288 
>>> 127.0.0.1#13522 (25million.com): transfer of '25million.com/IN': send: 
>>> operation canceled
>>> 
 On Wed, Apr 20, 2022 at 11:17 AM Crist Clark  
 wrote:
 Probably.
 
 Maybe check for any log messages from BIND. Do packet capture to see 
 exactly what's happening to the TCP.
 
> On Tue, Apr 19, 2022 at 10:12 PM rams  wrote:
> Hi,
> We are getting the following error when we query for the 25M zone with 
> axfr .
> 
> ]# dig @localhost 25million.com axfr |tail
> a8157794.25million.com. 86400   IN  A   1.1.1.1
> a8157795.25million.com. 86400   IN  A   1.1.1.1
> a8157796.25million.com. 86400   IN  A   1.1.1.1
> a8157797.25million.com. 86400   IN  A   1.1.1.1
> a8157798.25million.com. 86400   IN  A   1.1.1.1
> a8157799.25million.com. 86400   IN  A   1.1.1.1
> a81578.25million.com.   86400   IN  A   1.1.1.1
> a815780.25million.com.  86400   IN  A   1.1.1.1
> ;; communications error to 127.0.0.1#53: end of file
> 
> Do we need to increase or set any parameters?.
> 
> Regards,
> Ramesh
> -- 
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
> from this list
> 
> ISC funds the development of this software with paid support 
> subscriptions. Contact us at https://www.isc.org/contact/ for more 
> information.
> 
> 
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>>> -- 
>>> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
>>> this list
>>> 
>>> ISC funds the development of this software with paid support subscriptions. 
>>> Contact us at https://www.isc.org/contact/ for more information.
>>> 
>>> 
>>> bind-users mailing list
>>> bind-users@lists.isc.org
>>> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Communication error when we do axfr query for the large size zone

2022-04-20 Thread rams 
We have CentOS Linux 7 , 128GB ram and bind 9.16.13.
Could you please share what information exactly you are looking for? to
resolve the issue.

On Wed, Apr 20, 2022 at 11:36 AM Ondřej Surý  wrote:

> We can’t really help you if you withhold information. You need to learn to
> provide complete information if you want other people to help you instead
> of letting them guess what does you environment look like.
>
> Ondrej
> --
> Ondřej Surý — ISC (He/Him)
>
> My working hours and your working hours may be different. Please do not
> feel obligated to reply outside your normal working hours.
>
> On 20. 4. 2022, at 8:04, rams  wrote:
>
> 
> Seeing only these two line in log:
> Apr 20 05:54:20 perf-bind named[74314]: client @0x7fb844005288
> 127.0.0.1#13522 (25million.com): transfer of '25million.com/IN': AXFR
> started (serial 1605611713)
> Apr 20 05:54:41 perf-bind monit[1105]: 'rootfs' space usage 92.9% matches
> resource limit [space usage > 90.0%]
> Apr 20 05:54:41 perf-bind monit[1105]: 'rootfs' space usage 92.9% matches
> resource limit [space usage > 90.0%]
> Apr 20 05:54:50 perf-bind named[74314]: client @0x7fb844005288
> 127.0.0.1#13522 (25million.com): transfer of '25million.com/IN': send:
> operation canceled
>
> On Wed, Apr 20, 2022 at 11:17 AM Crist Clark 
> wrote:
>
>> Probably.
>>
>> Maybe check for any log messages from BIND. Do packet capture to see
>> exactly what's happening to the TCP.
>>
>> On Tue, Apr 19, 2022 at 10:12 PM rams  wrote:
>>
>>> Hi,
>>> We are getting the following error when we query for the 25M zone with
>>> axfr .
>>>
>>> ]# dig @localhost 25million.com axfr |tail
>>> a8157794.25million.com. 86400   IN  A   1.1.1.1
>>> a8157795.25million.com. 86400   IN  A   1.1.1.1
>>> a8157796.25million.com. 86400   IN  A   1.1.1.1
>>> a8157797.25million.com. 86400   IN  A   1.1.1.1
>>> a8157798.25million.com. 86400   IN  A   1.1.1.1
>>> a8157799.25million.com. 86400   IN  A   1.1.1.1
>>> a81578.25million.com.   86400   IN  A   1.1.1.1
>>> a815780.25million.com.  86400   IN  A   1.1.1.1
>>> *;; communications error to 127.0.0.1#53: end of file*
>>>
>>> Do we need to increase or set any parameters?.
>>>
>>> Regards,
>>> Ramesh
>>> --
>>> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
>>> from this list
>>>
>>> ISC funds the development of this software with paid support
>>> subscriptions. Contact us at https://www.isc.org/contact/ for more
>>> information.
>>>
>>>
>>> bind-users mailing list
>>> bind-users@lists.isc.org
>>> https://lists.isc.org/mailman/listinfo/bind-users
>>>
>> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Communication error when we do axfr query for the large size zone

2022-04-20 Thread Ondřej Surý 
We can’t really help you if you withhold information. You need to learn to 
provide complete information if you want other people to help you instead of 
letting them guess what does you environment look like.

Ondrej
--
Ondřej Surý — ISC (He/Him)

My working hours and your working hours may be different. Please do not feel 
obligated to reply outside your normal working hours.

> On 20. 4. 2022, at 8:04, rams  wrote:
> 
> 
> Seeing only these two line in log:
> Apr 20 05:54:20 perf-bind named[74314]: client @0x7fb844005288 
> 127.0.0.1#13522 (25million.com): transfer of '25million.com/IN': AXFR started 
> (serial 1605611713)
> Apr 20 05:54:41 perf-bind monit[1105]: 'rootfs' space usage 92.9% matches 
> resource limit [space usage > 90.0%]
> Apr 20 05:54:41 perf-bind monit[1105]: 'rootfs' space usage 92.9% matches 
> resource limit [space usage > 90.0%]
> Apr 20 05:54:50 perf-bind named[74314]: client @0x7fb844005288 
> 127.0.0.1#13522 (25million.com): transfer of '25million.com/IN': send: 
> operation canceled
> 
>> On Wed, Apr 20, 2022 at 11:17 AM Crist Clark  
>> wrote:
>> Probably.
>> 
>> Maybe check for any log messages from BIND. Do packet capture to see exactly 
>> what's happening to the TCP.
>> 
>>> On Tue, Apr 19, 2022 at 10:12 PM rams  wrote:
>>> Hi,
>>> We are getting the following error when we query for the 25M zone with axfr 
>>> .
>>> 
>>> ]# dig @localhost 25million.com axfr |tail
>>> a8157794.25million.com. 86400   IN  A   1.1.1.1
>>> a8157795.25million.com. 86400   IN  A   1.1.1.1
>>> a8157796.25million.com. 86400   IN  A   1.1.1.1
>>> a8157797.25million.com. 86400   IN  A   1.1.1.1
>>> a8157798.25million.com. 86400   IN  A   1.1.1.1
>>> a8157799.25million.com. 86400   IN  A   1.1.1.1
>>> a81578.25million.com.   86400   IN  A   1.1.1.1
>>> a815780.25million.com.  86400   IN  A   1.1.1.1
>>> ;; communications error to 127.0.0.1#53: end of file
>>> 
>>> Do we need to increase or set any parameters?.
>>> 
>>> Regards,
>>> Ramesh
>>> -- 
>>> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
>>> this list
>>> 
>>> ISC funds the development of this software with paid support subscriptions. 
>>> Contact us at https://www.isc.org/contact/ for more information.
>>> 
>>> 
>>> bind-users mailing list
>>> bind-users@lists.isc.org
>>> https://lists.isc.org/mailman/listinfo/bind-users
> -- 
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
> this list
> 
> ISC funds the development of this software with paid support subscriptions. 
> Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Communication error when we do axfr query for the large size zone

2022-04-20 Thread rams 
Seeing only these two line in log:
Apr 20 05:54:20 perf-bind named[74314]: client @0x7fb844005288
127.0.0.1#13522 (25million.com): transfer of '25million.com/IN': AXFR
started (serial 1605611713)
Apr 20 05:54:41 perf-bind monit[1105]: 'rootfs' space usage 92.9% matches
resource limit [space usage > 90.0%]
Apr 20 05:54:41 perf-bind monit[1105]: 'rootfs' space usage 92.9% matches
resource limit [space usage > 90.0%]
Apr 20 05:54:50 perf-bind named[74314]: client @0x7fb844005288
127.0.0.1#13522 (25million.com): transfer of '25million.com/IN': send:
operation canceled

On Wed, Apr 20, 2022 at 11:17 AM Crist Clark 
wrote:

> Probably.
>
> Maybe check for any log messages from BIND. Do packet capture to see
> exactly what's happening to the TCP.
>
> On Tue, Apr 19, 2022 at 10:12 PM rams  wrote:
>
>> Hi,
>> We are getting the following error when we query for the 25M zone with
>> axfr .
>>
>> ]# dig @localhost 25million.com axfr |tail
>> a8157794.25million.com. 86400   IN  A   1.1.1.1
>> a8157795.25million.com. 86400   IN  A   1.1.1.1
>> a8157796.25million.com. 86400   IN  A   1.1.1.1
>> a8157797.25million.com. 86400   IN  A   1.1.1.1
>> a8157798.25million.com. 86400   IN  A   1.1.1.1
>> a8157799.25million.com. 86400   IN  A   1.1.1.1
>> a81578.25million.com.   86400   IN  A   1.1.1.1
>> a815780.25million.com.  86400   IN  A   1.1.1.1
>> *;; communications error to 127.0.0.1#53: end of file*
>>
>> Do we need to increase or set any parameters?.
>>
>> Regards,
>> Ramesh
>> --
>> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
>> from this list
>>
>> ISC funds the development of this software with paid support
>> subscriptions. Contact us at https://www.isc.org/contact/ for more
>> information.
>>
>>
>> bind-users mailing list
>> bind-users@lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users