Re: A newbies Bind question

In article gm67gf$al...@sf1.isc.org, Peter Arends peter.are...@essexpost.com wrote: In addition to these recommendation, you can use MAC filtering to restrict users. This is ofcourse if you have a iptables based firewall with MAC module. MAC filtering isn't much use if the clients are

Error: isc_lex_gettoken() failed: I/O error

While running a checkzone, one of my users is getting this error: dns_master_load: /var/named/var/named:1: isc_lex_gettoken() failed: I/O error dns_master_load: /var/named/var/named:1: I/O error Google isn't helping me too much. We're thinking maybe it's terminal related - a user has had

Re: BIND 9.6 Flaw - CNAME vs. A Record in MX Records are NOT Illegal

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 29 Jan 2009 22:33:24 -0800, Al Stu wrote: Analyze this. Query MX dns.com Response MX nullmx.domainmanager.com Query A nullmx.domainmanager.com Response CNAME mta.dewile.net, A 64.40.103.249 So the fact that other random folks

Bind 9 query logging

Sorry, I should have been a been a bit more specific. In reference to the O Reilly book: O' Reilly DNS and Bind by Paul Albitz Cricket Liu (4th Edition) pg. 163 - 173 (specifically pg. 164, paragraph 4) and pg. 405 - 421 (info about using the debug options) The web sites I looked at were:

How many nameservers?

How may NS entries typically is allowed per zone? Is there a bind limit or does it cause any side effects if the slaves are geographically distributed ? We would like to setup one zone for my new group who have offices all over the world ? We are planning to use BIND 9 over FreeBSD. There may be

Re: How many nameservers?

I have never heard of there being any downside to a large number of NS records for a domain. I know internally to my company we have large numbers of NS records for the internal domains. -- -Ben Croswell On Sun, Feb 1, 2009 at 7:51 PM, shulkae shul...@gmail.com wrote: How may NS entries

Re: Bind 9 query logging

On Fri, 30 Jan 2009, Robert Coward wrote: Sorry, I should have been a been a bit more specific. In reference to the O Reilly book: O' Reilly DNS and Bind by Paul Albitz Cricket Liu (4th Edition) pg. 163 - 173 (specifically pg. 164, paragraph 4) and pg. 405 - 421 (info about using the debug

Re: BIND 9.6 Flaw - CNAME vs. A Record in MX Records are NOT Illegal

David Sparks wrote: There are plenty of ways to get a mail loop that don't involve DNS mis-configuration. As such pretty much every major MTA detects and stops mail loops. Not if you (accidentally) fat-finger the MTA configuration. It is completely possible to still mis-configure a MTA to

RE: BIND still will not resolve

It also appears that your name server (iceman) is configured to accept IPv4 queries only from itself. #listen-on port 53 { 127.0.0.1; }; -Original Message- From: bind-users-boun...@lists.isc.org [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Matthew Pounsett

Re: error sending response log messages

In article glpv2m$2l4...@sf1.isc.org, Andre LeClaire alecla...@yahoo.com wrote: Mark Andrews wrote: In message 497caef2.80...@yahoo.com, Andre LeClaire writes: Hello everyone, I've been seeing these syslog messages for about a week on a FreeBSD server running BIND 9.4.3-P1: Jan 25 02:35:21

RE: BIND still will not resolve

Brain fart times 2. That defines what IPv4 addresses it will listen on for queries, not what addresses are allowed to query it. And I failed to notice that it was commented out. -Original Message- From: bind-users-boun...@lists.isc.org [mailto:bind-users-boun...@lists.isc.org] On

Upgrade 9.5.1-P1 to 9.6.0.P1 question

Hello, I successfully and effortlessly upgraded two Bind servers running 9.5.1-P2 directly to 9.6.0-P1, simply by running ./configure make make install Although this worked just fine, I am now planning to perform the same procedure one of my production servers which is running 9.5.1-P1, and

Re: How many nameservers?

On Sun, Feb 01, 2009 at 04:51:52PM -0800, shulkae shul...@gmail.com wrote a message of 17 lines which said: How may NS entries typically is allowed per zone? The protocol has no limit. But you may run into problems with old software which still limits the DNS packets to 512 bytes. See all

Re: How many nameservers?

On Mon, Feb 02, 2009 at 02:25:35PM -0600, bsfin...@anl.gov bsfin...@anl.gov wrote a message of 41 lines which said: One downside - if you have many NS records, then they might not all fit in one UDP packet Let me demonstrate a bit of pedantism: the correct sentence is rather they might not

Re: Caching-only Name server does Zone Updates

On 02.02.09 17:25, Ashish wrote: Our DNS is configured as Caching-only Name server. However, it's still performing Zone updates like a Slave Name Server. Is it possible that a Caching-only Name server performs Zone updates, if yes under what conditions is this possible. Zone updates work

Re: Bind-9.5.1 logging

At Fri, 30 Jan 2009 22:06:57 -0500, Peter Fraser petros.fra...@gmail.com wrote: I'm trying to configure bind-9.5 logging to help troubleshoot a problem. I put this in named.conf logging { channel myfile { file /etc/namedb/dns.log; severity info; print-time

Re: Is per view logging possible with bind?

At Sat, 31 Jan 2009 08:31:35 -0500 (EST), Justin Piszcz jpis...@lucidpixels.com wrote: I have multiple views: internal external localhost Is it possible instead of seeing this in the logs: It's impossible if my understanding of the implementation is correct. --- JINMEI, Tatuya

Re: Is per view logging possible with bind?

Date: Mon, 02 Feb 2009 14:37:42 -0800 From: JINMEI Tatuya / ...@l@C#:H(B jinmei_tat...@isc.org At Sat, 31 Jan 2009 08:31:35 -0500 (EST), Justin Piszcz jpis...@lucidpixels.com wrote: I have multiple views: internal external localhost Is it possible instead of seeing this

Re: Upgrade 9.5.1-P1 to 9.6.0.P1 question

At Mon, 2 Feb 2009 12:34:06 -0800 (PST), Terpasaur emery.rudo...@gmail.com wrote: I successfully and effortlessly upgraded two Bind servers running 9.5.1-P2 directly to 9.6.0-P1, simply by running ./configure make make install Although this worked just fine, I am now planning to perform

Re: Is per view logging possible with bind?

At Mon, 2 Feb 2009 15:13:54 -0800 (PST), Gregory Hicks ghi...@hicks-net.net wrote: Is it possible instead of seeing this in the logs: It's impossible if my understanding of the implementation is correct. I may have mis-understood here, but I have TWO views and get logging by view,

RE: Caching-only Name server does Zone Updates

Hello All, Thank you for your replies. Our configuration file is fairly simple (I have changed the domain name for security). domain example.group.net cache ./etc/dnscache We use BIND 4. Actually our DNS

Re: How many nameservers?

In article gm7ksm$198...@sf1.isc.org, bsfin...@anl.gov wrote: One downside - if you have many NS records, then they might not all fit in one UDP packet (the Authority and/or Addition sections of a response to a DNS query). This will cause the protocol to revert to TCP. Truncation isn't

Re: Caching-only Name server does Zone Updates

In message 009201c985c0$aff05cb0$f9281...@wipro74039c7ca, Ashish writes: Hello All, Thank you for your replies. Our configuration file is fairly simple (I have changed the domain name for security). You care about security yet you run BIND 4? domain example.group.net

RE: Caching-only Name server does Zone Updates

Thank you Mark, Doupdate is followed by lot of statements like Db_update Match Please see the content below. = Doupdate(zone 0, savens x, flags y) Doupdate: dname 21.in-addr.arpa type 6 class 1 ttl 600