Its maybe sily just for you. But not for all.
For example,
I authorize users via radius with 2 way: without acl and with guest acl.
So I give same dns servers to all users, but I give public ip to the normal
users and private ip to the users with guest acl for purpose redirecting all
dns
Not helped...
view internal-in in {
match-clients { zone1; };
recursion yes;
zone . {
type master;
file db.lockdown;
};
};
-Original Message-
From: Nadir Aliyev [mailto:na...@ultel.net]
Sent: Tuesday, July 13, 2010 3:28 PM
To:
--
An HTML attachment was scrubbed...
URL:
https://lists.isc.org/pipermail/bind-users/attachments/20100713/178f7aef/at
tachment-0001.html
--
Message: 3
Date: Tue, 13 Jul 2010 00:43:14 -0500
From: Larry Brower la...@maxqe.com
Subject: Re: Defining custom root zone by subnet
Hello,
I have a signed zone (dnssec.lu) with NSEC3 / no optout, signed through
OpenDNSSEC. The zone contains a wildcard with a TXT and A record.
Each time the server is queried for something where the QNAME is matched
by the wildcard, but the QTYPE is not, named logs a warning: expected
covering
It looks like normal NSEC to me, unless you are referring to an isolated
copy of the domain not accessible to the public:
;; Got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 22416
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version:
Kalman Feher wrote:
It looks like normal NSEC to me, unless you are referring to an isolated
copy of the domain not accessible to the public:
Yes, indeed, sorry about that. I should keep my playgrounds tidier. The
actual zone is located on nssec.restena.lu, and is publicly queriable
(even with
Ok now I see it.
The response appears ok, but the log entry is odd. I see the same on my test
box (9.7.1 not patched to P1 yet). A brief thread on this occurred earlier
in the year (archived here):
http://newsgroups.derkeiler.com/Archive/Comp/comp.protocols.dns.bind/2010-03
/msg00282.html
On
Kalman Feher wrote:
Ok now I see it.
The response appears ok, but the log entry is odd. I see the same on my test
box (9.7.1 not patched to P1 yet).
I saw this on earlier 9.7 as well.
A brief thread on this occurred earlier
in the year (archived here):
Dear All
This is in reference to the performance tuning , i had already gone through
the mailing list archives , but could not find answer to my
specific query mentioned here.
I had installed bind as a caching name server for test purposes and
planning to test performance that could give me
On 7/13/2010 1:11 PM, Shiva Raman wrote:
Dear All
This is in reference to the performance tuning , i had already gone
through the mailing list archives , but could not find answer to my
specific query mentioned here.
Right now i am using queryperf to test the performance with sample query
At Thu, 8 Jul 2010 02:30:25 -0700 (PDT),
khanh rua duonghoahoc_k4...@yahoo.com wrote:
I install bind as a cache server on Solaris 10, Sun Sparc T5140. It
has problem, bind always hang out when named reach to 5-600 Mb
('prstat' check). I have several servers and all have this problem
even when
Hi,
Can anyone explain to me why the 'ad'-flag is set for this query?
dig +dnssec -t RRSIG www.forfunsec.org
How does a validating resolver determine that such an answer is secure?
Thank you.
--
Marco Davids
___
bind-users mailing list
On Tue, 13 Jul 2010, Marco Davids (SIDN) wrote:
Hi,
Can anyone explain to me why the 'ad'-flag is set for this query?
dig +dnssec -t RRSIG www.forfunsec.org
I'm using 9.7.1-P1 with dlv and I'm not seeing the AD flag on that. What
version of BIND are you using?
Doug
--
Improve
On Wed, 14 Jul 2010, Marco Davids (SIDN) wrote:
On 07/13/10 23:58, Doug Barton wrote:
Can anyone explain to me why the 'ad'-flag is set for this query?
dig +dnssec -t RRSIG www.forfunsec.org
I'm using 9.7.1-P1 with dlv and I'm not seeing the AD flag on that. What
version of BIND are you
On Fri, 9 Jul 2010, Tomasz Chmielewski wrote:
Hi,
I'm about to set up bind with GeoIP patches.
What I'm not sure, is how do you guys handle high availability?
Suppose I have zones for Americas and Europe,
Just to be clear, you're saying that you have 2 different zones, one
with the
15 matches
Mail list logo