On Thu, Oct 3, 2013 at 5:52 PM, Mark Andrews wrote:
> Then I suggest that you just add CNAMEs whenever you remove other record.
> Once a part of the namespace only have CNAME/DNAME below it replace it
> with a DNAME. You will converge on the earlier example.
>
Thanks - I'll start there.
Casey
In message
, Casey
Deccio writes:
>
> On Thu, Oct 3, 2013 at 5:42 PM, Mark Andrews wrote:
>
> >
> > Use a DNAME record. That works with DNSSEC.
> >
> >
> Thanks for the suggestion. I would use DNAME, except the old namespace
> will still have names under it, and names are not allowed to exi
On Thu, Oct 3, 2013 at 5:42 PM, Mark Andrews wrote:
>
> Use a DNAME record. That works with DNSSEC.
>
>
Thanks for the suggestion. I would use DNAME, except the old namespace
will still have names under it, and names are not allowed to exist below a
DNAME. In other words, we're not replacing t
Use a DNAME record. That works with DNSSEC.
e.g.
oldzone.com SOA .
oldzone.com NSns1.newzone.com
oldzone.com NSns2.newzone.com
oldzone.com MX0 mail.newzone.com
oldzone.com A ...
oldzone.com ...
oldzone.com DNAME
This works for me and is the standard method:
rndc freeze
update serial
rndc thaw
Rndc freeze merges the .jnl files into the zone files and stops dynamic
updates. Thaw allows dynamic updates to resume.
On 04/10/13 02.12, David Newman wrote:
> Thanks all for your responses.
>
> On 10/1/13 6:42 PM
Thanks all for your responses.
On 10/1/13 6:42 PM, Mark Andrews wrote:
> As Alan said copy the .key and .private files over.
>
> Disable updating on the old master.
>
> Transfer the zone contents by setting up as a slave
> using "masterfile-format text"; or using by using dig.
> This will give y
On Thu, Oct 3, 2013 at 2:54 PM, Paul Wouters wrote:
> You are why we can't have nice things :P
>
> We had enough Sitewinders. With DNSSEC on the endnode, your lies won't
> be believed anway. What you are trying is wrong, bad and broken.
>
>
This might be a fair statement in the right context. Bu
On Thu, 3 Oct 2013, Casey Deccio wrote:
I would like to apply something similar to a "redirect" zone (for NXDOMAIN
responses)
You are why we can't have nice things :P
We had enough Sitewinders. With DNSSEC on the endnode, your lies won't
be believed anway. What you are trying is wrong, bad a
Hi Mathus one thing more. I´m little bit lost in bind9. Can you tell me
which one those files where is defined the internal o external host? If
is in mydomain.com.hosts.lan for internal and mydomain.com.hosts for
external I already put them in each configuration file. But I´m still
getting the
So the reason it's failing is because you don't have a view configured
for the zones contained in /etc/bind/named.conf.default-
zones. If you implement views then all zones must be added to a view.
Edit the /etc/bind/named.conf.default-zones file and insert in the
view statements e.g.
view "in
When I copy named.conf.default-zones inside "dmz" view in named.conf.local
then named started but is problem with requested other zone than
authoritative for this server:
Served by:
- M.ROOT-SERVERS.NET
- A.ROOT-SERVERS.NET
.
.
it is ok?
My conf file are:
# cat named.conf
// This is the primary c
On Oct 3, 2013, at 12:47 AM, Kevin Oberman wrote:
> On Wed, Oct 2, 2013 at 9:18 PM, Balanagaraju Munukutla <9ba...@sg.ibm.com>
> wrote:
>
> Hi
>
> Any one could help on the error below.
>
>
> [andrew@oc8163211842 ~] $ dig @.com abcd.com.sg mx
>
> ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16
Please post your full named.conf config file (you can obfuscate any
sensitive information).
Steve
On 3 October 2013 18:53, Paweł Ch. wrote:
> Hi list
>
> I have problem with views in bind9 on debian 6. I configured server like
> here https://wiki.debian.org/Bind9 and it works. When i add entry:
Hi list
I have problem with views in bind9 on debian 6. I configured server like
here https://wiki.debian.org/Bind9 and it works. When i add entry: view
"dmz" { match-clients { 10.0.0.0/24; }; }; bind9 can't start.
What I can do to solve problem?
Thanks
__
Hi all,
I'm looking to get RPZ-like behavior in a non-RPZ context. From the BIND9
ARM (9.9.4), this is a snippet from an RPZ zone:
; redirect x.bzone.domain.com to x.bzone.domain.com.garden.example.com
*.bzone.domain.com CNAME *.garden.example.com.
I would like to apply something similar
On Wed, Oct 2, 2013 at 9:56 PM, Balanagaraju Munukutla <9ba...@sg.ibm.com>wrote:
>
> Hi All
>
> To explain more on the below. We are trying to do a query on MX record for
> abcd.com.sg. domain to the Authoritative nameserver .com from my pc.
> You can see the reply as below. Done this mean tha
As others have pointed out, "allow-update-forwarding" only works for slaves.
Yet another reason to go with a large-authoritative-core approach,
instead of stringing stuff together with recursive arrangements. Would
you rather build an enterprise-strength DNS infrastructure from fragile
filamen
As others have already commented, it could mean either, there isn't enough
information provided to try to identify where the fault lies.
Are these systems accessible from the Internet? if so then please provide
the correct names so we can also run tests from our locations to see if we
get the same
18 matches
Mail list logo