Hi,
Can anyone tell me how to enable Arabic domain name query in BIND running
Redhat RHEL 5.
Actually we have many internal domain name zone configured in BIND running in
Redhat 5 OS. Since i am from Middle east, users in my company wants to access
their internal domain name through
Hi,
Our setup is; We have internal DNS server wherein BIND is configured in RHEL 5
and many internal zones are configured. if Internet connection is down, our
Internal DNS severs are not able to get the DNS query from ISP DNS server.
Because of this, all users are not able to access many
[I changed the subject, which seemed wrong to me.]
On Wed, Feb 23, 2011 at 02:33:56PM +0530,
babu dheen babudh...@yahoo.co.in wrote
a message of 56 lines which said:
Can anyone tell me how to enable Arabic domain name query in BIND
running Redhat RHEL 5.
You have absolutely nothing to
I was thinking this is most likely the network problem, so you'd better
setup a good network with redundancy and high availability.
2011/2/23 babu dheen babudh...@yahoo.co.in
is there any option in BIND to give priority to HOST file before connecting
it to internet ISP or local zone?
--
Can anyone tell me how to enable Arabic domain name query in BIND running
Redhat RHEL 5.
Actually we have many internal domain name zone configured in BIND
running in Redhat 5 OS. Since i am from Middle east, users in my company
wants to access their internal domain name through arabic
On Wed, Feb 23, 2011 at 02:38:19PM +0530,
babu dheen babudh...@yahoo.co.in wrote
a message of 61 lines which said:
if Internet connection is down, our Internal DNS severs are not able
to get the DNS query from ISP DNS server. Because of this, all users
are not able to access many critical
On Tue, Feb 22, 2011 at 04:37:03PM -0500,
David Sparro dspa...@gmail.com wrote
a message of 24 lines which said:
it is up to the application how it will use the data.
MX records are only used by MTA and, no, it is NOT up to the MTA to
decide how to handle MX records, there is a standard for
is there any option in BIND to give priority to HOST file before
connecting it to internet ISP or local zone?
No. BIND doesn't read/use the hosts file.
What you _can_ do is configure BIND to believe it's authoritative for
those zones, but I'd not recommend doing this unless you have a very good
Hi,
Could you please tell me how to set up for recursive server for NS
delegation records.
It would be great if you give named.conf
Thanks Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
On 23.02.11 17:59, rams wrote:
Could you please tell me how to set up for recursive server for NS
delegation records.
for recursive server or for NS delegation?
It would be great if you give named.conf
there's at least one default named.conf provided within bind installation in
any package
On Wed, Feb 23, 2011 at 05:59:06PM +0530,
rams brames...@gmail.com wrote
a message of 33 lines which said:
Could you please tell me how to set up for recursive server for NS
delegation records.
It would be great if you give named.conf
It would be great if you rewrite your requirments
Dnia 2011-02-23 17:59 rams napisał(a):
Hi,
Could you please tell me how to set up for recursive server for NS
delegation records.
I know what a recursive nameserver is. I know what NS delegation record is.
I have no idea what a recursive nameserver for NS delegation records is.
Recursive
I have configuered recursion yes in named.conf and i queried for NS
delegated records against bind. Actually that domain is not exist in my
system. Here how bind will work.
On Wed, Feb 23, 2011 at 6:20 PM, rams brames...@gmail.com wrote:
I have configuered recursion yes in named.conf and i
On Wed, Feb 23, 2011 at 06:45:11PM +0530,
rams brames...@gmail.com wrote
a message of 104 lines which said:
I have configuered recursion yes in named.conf and i queried for NS
delegated records against bind. Actually that domain is not exist in
my system. Here how bind will work.
To tell
Hello,
after downloading and unpacking bind9.7.3, there's bind.keys file that
contains this comment:
# This file also contains a copy of the trust anchor for the DNS root zone
# (.). However, named does not use it; it is provided here for
# informational purposes only. To switch on DNSSEC
Thanks, Mark,
Last June I asked our firewall person to make sure our firewall not
blocking DNS packets over 512 bytes. He told me our firewall was not
blocking. I guess that might be some default setting of the firewall
and he does not really know. I did two digs here one with +dnssec and
On Feb 22, 2011, at 3:55 PM, Larissa Shapiro wrote:
Description and Impact:
When an authoritative server processes a successful IXFR transfer or a
dynamic update, there is a small window of time during which the IXFR/update
coupled with a query may cause a deadlock to occur. This deadlock
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Take a look at this. It is somewhat confusing, but it is helpful and
should tell you right away if you definitely have a firewall issue (and
frankly there's little else it could be).
https://www.dns-oarc.net/oarc/services/replysizetest
On 02/23/2011
# This file also contains a copy of the trust anchor for the DNS root zone
# (.). However, named does not use it; it is provided here for
# informational purposes only. To switch on DNSSEC validation at the
# root, the root key below can be copied into named.conf.
Does this still apply?
On Feb 23 2011, Matus UHLAR - fantomas wrote:
Hello,
after downloading and unpacking bind9.7.3, there's bind.keys file that
contains this comment:
# This file also contains a copy of the trust anchor for the DNS root zone
# (.). However, named does not use it; it is provided here for
#
On Feb 23 2011, Evan Hunt wrote:
# This file also contains a copy of the trust anchor for the DNS root zone
# (.). However, named does not use it; it is provided here for
# informational purposes only. To switch on DNSSEC validation at the
# root, the root key below can be copied into
That may have been the intent, but I can assure you that it isn't what
actually happens!
Whoops. You're right, and it's a bug. The keys aren't read without
dnssec-lookaside auto being turned on, but if it is, then both keys are
loaded. This works correctly in 9.8, but a little piece of code
On 2/23/2011 4:08 AM, babu dheen wrote:
Hi,
Our setup is; We have internal DNS server wherein BIND is configured
in RHEL 5 and many internal zones are configured. if Internet
connection is down, our Internal DNS severs are not able to get the
DNS query from ISP DNS server. Because of this,
[forgot to change the digest subject before sending - sorry folks]
On Wed, Feb 23, 2011 at 12:30, Christopher Cain ch...@christophercain.cawrote:
Ryan - thanks for the link. This would have saved me quite a bit of
troubleshooting time a few weeks back.
Christopher Cain
E:
On 2/23/2011 4:57 AM, Eivind Olsen wrote:
is there any option in BIND to give priority to HOST file before
connecting it to internet ISP or local zone?
No. BIND doesn't read/use the hosts file.
What you _can_ do is configure BIND to believe it's authoritative for
those zones, but I'd not
Date: Wed, 23 Feb 2011 17:32:44 +
From: Evan Hunt e...@isc.org
Sender: bind-users-bounces+oberman=es@lists.isc.org
That may have been the intent, but I can assure you that it isn't what
actually happens!
Whoops. You're right, and it's a bug. The keys aren't read without
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
A couple more gems:
https://www.dnssec-deployment.org/wp-content/uploads/2010/03/DNSSEC-CPE-Report.pdf
(really anything at dnssec-deployment.org)
There was another table that I found someplace and cannot find now that
listed Cisco PIX and mentioned
Den 23. feb. 2011 kl. 18:19 skrev Kevin Darcy k...@chrysler.com:
One should also bear in mind that DNS isn't only used for obtaining address
records for purposes of immediate client/server connection.
...etc...
Fair enough. I didn't see any mention of that in the original posting, and I
On 2/23/2011 12:19 PM, Kevin Darcy wrote:
On 2/23/2011 4:57 AM, Eivind Olsen wrote:
reason. And if your Internet connection goes down, does it really matter
whether you can do lookups, if you can't make the connections anyway?
I hear that reasoning a lot, but it's actually a fallacy. Some
On 2/23/2011 4:56 AM, Stephane Bortzmeyer wrote:
On Tue, Feb 22, 2011 at 04:37:03PM -0500,
David Sparrodspa...@gmail.com wrote
a message of 24 lines which said:
it is up to the application how it will use the data.
MX records are only used by MTA and, no, it is NOT up to the MTA to
In PIX versions 6.3.2 and below you had to do:
fixup protocol dns maximum-length 4096
In later versions you need:
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 4096
or to increase the response size length:
policy-map global_policy
class inspection_default
There are multiple ways to interpret that question.
Normally, a resolver either uses recursion (with a preconfigured set of
forwarders) at a given point in resolving a particular name, or it
follows the NS records in a delegation chain, non-recursively, in order
to find the answer.
It
There was also a message-length client auto or something like that too
for some versions of some Cisco HW, but if memory serves, the version
that introduced it is broken. :)
On 02/23/2011 04:54 PM, Warren Kumari wrote:
In PIX versions 6.3.2 and below you had to do:
fixup protocol dns
Hi.
When I query my dns servers internally and directly from outside I get
[macgre@topnz15209-linux ~]$ dig @202.a.x.y mydomain.nz
; DiG 9.7.2-P3-RedHat-9.7.2-1.P3.fc13 @202.a.x.y mydomain.nz
; (1 server found)
;; global options: +cmd
;; Got answer:
;; -HEADER- opcode: QUERY, status: NOERROR,
On 23/02/2011 23:53, Gregory Machin wrote:
Hi Gregory,
why are
;; AUTHORITY SECTION:
mydomain.nz. 86400 IN NS mcvpdns01.mydomain.nz.
mydomain.nz. 86400 IN NS drvpdns01.mydomain.nz.
missing ?
Google DNS and OpenDNS are meant to be used by end-users, who don't
Hi.
Thanks for the feedback. I was warned not to provide to much info by
the security guy.
The domain name in question is openpolytechnic.ac.nz
Thanks
On Thu, Feb 24, 2011 at 12:36 PM, Anand Buddhdev ana...@ripe.net wrote:
On 23/02/2011 23:53, Gregory Machin wrote:
Hi Gregory,
why are
Further to my private message, is your border router using bogon
filters?
I can actually get your local NS's using a U.S host on an old IP, but
not from my connection, this suggests an outdated bogon filter
since i'm on 27.x IP range.
On Thu, 2011-02-24 at 15:00 +1300, Gregory Machin wrote:
Hi.
Thanks for the support and assitance. I see that the issue is related
to the bogon filter in bind configuration.
Where can I get a valid bogon list .
Thanks
On Thu, Feb 24, 2011 at 3:45 PM, Noel Butler noel.but...@ausics.net wrote:
Further to my private message, is your border router using
Hi,
You can pretty much remove the entire statement now, as all /8's are
issued as of about two weeks ago.
(Confirming, with my 27.x IP I can now get answers from your local NS's
so all looks good)
Cheers
On Thu, 2011-02-24 at 17:04 +1300, Gregory Machin wrote:
Hi.
Thanks for the support
https://blue-labs.org/software/dns/bogon-update.py
-david
On 02/23/11 23:04, Gregory Machin wrote:
Hi.
Thanks for the support and assitance. I see that the issue is related
to the bogon filter in bind configuration.
Where can I get a valid bogon list .
Thanks
On 24/02/2011 04:14, Noel Butler wrote:
You can pretty much remove the entire statement now, as all /8's are
issued as of about two weeks ago.
This works for me:
lucid-nonsense:~/src/namedb:% cat acl-ipv4-bogons.conf
// @(#) $Id: acl-ipv4-bogons.conf 800 2011-02-03 20:22:12Z matthew $
//
//
On 2/24/2011 1:19 AM, Matthew Seaman wrote:
On 24/02/2011 04:14, Noel Butler wrote:
You can pretty much remove the entire statement now, as all /8's are
issued as of about two weeks ago.
This works for me:
lucid-nonsense:~/src/namedb:% cat acl-ipv4-bogons.conf
// @(#) $Id:
42 matches
Mail list logo
