Re: Understanding cause of DNS format error (FORMERR)

2012-06-26 Thread Gabriele Paggi
Hello Sam, There's some kind of delegation bug as well.  If I query dns1[0-3].one.microsoft.com for SOA and NS for partners.extranet.microsoft.com you get sensible answers though the origin host is different for each server queried and those origins are privately addressed. Which kind of

Re: Understanding cause of DNS format error (FORMERR)

2012-06-26 Thread Sam Wilson
In article mailman.1143.1340715359.63724.bind-us...@lists.isc.org, Gabriele Paggi gabriele@gmail.com wrote: Hello Sam, There's some kind of delegation bug as well.  If I query dns1[0-3].one.microsoft.com for SOA and NS for partners.extranet.microsoft.com you get sensible answers

Re: Understanding cause of DNS format error (FORMERR)

2012-06-26 Thread Barry Margolin
In article mailman.1144.1340718471.63724.bind-us...@lists.isc.org, Sam Wilson sam.wil...@ed.ac.uk wrote: For a NXDOMAIN response, or NOERROR with an empty answer section, the server should provide the SOA record in the authority section. That SOA is the apex of the zone which doesn't

Re: Reverse zones best practices

2012-06-26 Thread nex6
* David Dowdle ddow...@leopard.net [2012-06-25 14:20:43 -0700]: so, create zones based on how networking creates vlans eg: /24s we dont have any /8 or /16 vlan networks yet I strongly recommend splitting on /8 /16 and /24 boundries. With the number of zones you are talking about,

Re: Reverse zones best practices

2012-06-26 Thread nex6
* Brad Bendily brad.bend...@la.gov [2012-06-25 16:35:28 -0500]: wouldn't it be more confusing, in a big IP space with servers, desktops etc all mashed together into one zone? I don't know about best practice in this case, but I decided to put our reverse entries into one super netting

Re: Reverse zones best practices

2012-06-26 Thread Phil Mayers
On 26/06/12 16:42, nex6 wrote: * Brad Bendilybrad.bend...@la.gov [2012-06-25 16:35:28 -0500]: wouldn't it be more confusing, in a big IP space with servers, desktops etc all mashed together into one zone? If you have enough hosts for this to be confusing, you have enough hosts to store the

RE: Reverse zones best practices

2012-06-26 Thread Brad Bendily
Personally, I'd rather edit 1 file, than hundreds of different files. I can add the DNS entry and IP address and reload the service. No trying to figure out which file it goes in. I try to keep the file in alphabetical order which makes finding and adding entries easier. bb -Original

Re: Reverse zones best practices

2012-06-26 Thread nex6
* Phil Mayers p.may...@imperial.ac.uk [2012-06-26 16:54:55 +0100]: I am not going to be editing files by hand, we actually have a tool. I am more concerned about best practices, and how to fix the mess. eg, say we have about 500 vlans (/24s) and say only 350 have reverse zones. from what I