RE: Bind 9.9.x operation with dnssec

2012-06-01 Thread Spain, Dr. Jeffry A.
> With "auto-dnssec maintain", I expect the Zone Signing Keys and the > individual RRSIGs to be completely managed and rotated as needed by bind, per > https://kb.isc.org/article/AA-00626/0/Inline-Signing-in-ISC-BIND-9.9.0-Examples.html and the Admin Reference, however, at the end of 4.9.7, it sa

Re: Bind 9.9.x operation with dnssec

2012-06-01 Thread Jeremy C. Reed
On Fri, 1 Jun 2012, Alan Batie wrote: > When it comes to the DS records registered at the registrar, I'm not > sure where that comes from: the only way I can see to get it is to do a > DS query from the nameserver (and at least one document basically said > that). First, I'd like to know where it

Bind 9.9.x operation with dnssec

2012-06-01 Thread Alan Batie
I'm a little confused wading through the massive amount of detail about dnssec, and have two main questions: 1. General key management 2. Specific problems with my test domain setup (raindrop.us) For general key management: With "auto-dnssec maintain", I expect the Zone Signing Keys and the in

Re: Recommended value for max-cache-size for cache-only shared hosts..

2012-06-01 Thread Dan Mason
On Fri, Jun 01, 2012 at 01:11:48PM -0700, JINMEI Tatuya / 神明達哉 wrote: > At Fri, 01 Jun 2012 03:27:22 -0700, > cleaning interval has been effectively no-op since BIND 9.5. Tweaking > it won't improve performance, although it shouldn't cause a bad effect > either. If your cache is too small

Re: Recommended value for max-cache-size for cache-only shared hosts..

2012-06-01 Thread JINMEI Tatuya / 神明達哉
At Fri, 01 Jun 2012 03:27:22 -0700, Doug Barton wrote: > One thing that can help is to set the cleaning interval more > aggressively, but that can also cause performance problems for your > clients if you are CPU bound, so use that option with care, and monitor > the results after a change. clea

Re: Recommended value for max-cache-size for cache-only shared hosts..

2012-06-01 Thread Matus UHLAR - fantomas
On 31.05.12 22:26, blr maani wrote: hmmm.. 75%-85% seems too large because the host runs email application in addition to cache-and-forward-only BIND (for better local caching). So, I was wondering if there are any best/proven practice/recommendations for such shared application hosts ? The def

Re: Recommended value for max-cache-size for cache-only shared hosts..

2012-06-01 Thread Chris Thompson
On Jun 1 2012, Michael Graff wrote: [...] The default of 32 MB is actually a fairly new thing. Surely the default went back to 0 (effectively unlimited) long ago? 2253. [func] "max-cache-size" defaults to 32M. "max-acache-size" defaults to 16M. got into BIND

Re: Recommended value for max-cache-size for cache-only shared hosts..

2012-06-01 Thread Doug Barton
On 05/31/2012 22:26, blr maani wrote: > Doug, > hmmm.. 75%-85% seems too large because the host runs email application > in addition to cache-and-forward-only BIND (for better local caching). So get more RAM, or split your services onto multiple systems. Yes, I realize that may not be possible f