Re: are journal files required on slave?

2018-03-14 Thread Tony Finch
Klaus Darilion wrote: > > I have now set > max-journal-size 50M; > and restarted bind a few times. But the journal files are still GBytes. > When should Bind flush the journal into the zone file? I think `rndc sync` should do what you want. I can't remember

RE: Bind 9.9 upgrade and RFC 1918 Errors

2018-03-14 Thread Chris Wilson
Thanks Matus, The below tips fixed things ;). I did make a mistake on the zone entry. Best Regards, Chris W. -Original Message- From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Matus UHLAR - fantomas Sent: Wednesday, March 14, 2018 7:53 AM To:

Re: Bind 9.9 upgrade and RFC 1918 Errors

2018-03-14 Thread Matus UHLAR - fantomas
On 14.03.18 04:44, Chris Wilson wrote: I just recently upgraded one of our servers to bind 9.9, and I'm having some issues. We have a legacy software application running that likes to see both forward/reverse dns, however since the upgrade reverse dns is no longer working. We have this server

Re: are journal files required on slave?

2018-03-14 Thread Klaus Darilion
Am 14.03.2018 um 13:38 schrieb Tony Finch: > Klaus Darilion wrote: >> >> Thanks for the detailed answer. So I will use a few MBytes. But would it >> be possible to set max-journal-size=0? > > There's a minimum journal size (the calculation in the code comes to

Re: are journal files required on slave?

2018-03-14 Thread Tony Finch
Klaus Darilion wrote: > > Thanks for the detailed answer. So I will use a few MBytes. But would it > be possible to set max-journal-size=0? There's a minimum journal size (the calculation in the code comes to about 1KB I think), so if you set max-journal-size to 0

Re: are journal files required on slave?

2018-03-14 Thread Klaus Darilion
Am 14.03.2018 um 13:04 schrieb Tony Finch: > Klaus Darilion wrote: >> >> But on a server with slave-zone only (fetched by ixfr) - do I need a >> journal at all? How can I disable it - by setting the max-size to 0? > > The journal reduces the cost of re-writing

Re: Maximum zone file size

2018-03-14 Thread Klaus Darilion
Am 14.03.2018 um 13:10 schrieb Ray Bellis: > On 14/03/2018 12:08, Anand Buddhdev wrote: > >> Not that I know of. The amount of RAM in a server is probably the most >> significant limit for loading zones into BIND. > > Anand is correct - there's no intrinsic limit other than RAM. > > I

Re: Maximum zone file size

2018-03-14 Thread Tony Finch
Klaus Darilion wrote: > > I couldn't find it online - is there a limit on the zone file size? Look for the max-records option. This was added in response to CVE-2016-6170 https://kb.isc.org/article/AA-01390 The extra accounting that was implemented to support

Re: Maximum zone file size

2018-03-14 Thread Ray Bellis
On 14/03/2018 12:08, Anand Buddhdev wrote: > Not that I know of. The amount of RAM in a server is probably the most > significant limit for loading zones into BIND. Anand is correct - there's no intrinsic limit other than RAM. I personally know of BIND instances running with in the region of 25

Re: Maximum zone file size

2018-03-14 Thread Anand Buddhdev
On 14/03/2018 12:54, Klaus Darilion wrote: > Hi! > > I couldn't find it online - is there a limit on the zone file size? Not that I know of. The amount of RAM in a server is probably the most significant limit for loading zones into BIND. Regards, Anand

Re: are journal files required on slave?

2018-03-14 Thread Tony Finch
Klaus Darilion wrote: > > But on a server with slave-zone only (fetched by ixfr) - do I need a > journal at all? How can I disable it - by setting the max-size to 0? The journal reduces the cost of re-writing zone files: basically, the IXFR just gets appended to the

Maximum zone file size

2018-03-14 Thread Klaus Darilion
Hi! I couldn't find it online - is there a limit on the zone file size? Thanks Klaus

Re: AW: Roadmap for DNSSEC signing/automation?

2018-03-14 Thread Tony Finch
Stelzner, Tore wrote: > > For KSK updates and rollovers we use some scripts by a third company > that work with the API of the domain reseller. At the moment it seems to > be very specific for the API of this reseller and so nothing to share. What I would like

are journal files required on slave?

2018-03-14 Thread Klaus Darilion
Hi! The default setting of max-journal-size filled my disk. I do have plenty of zones from KByte to GByte. So I wonder, what would be the perfect size to configure. So, I wondered - do I need a journal at all? I know the journal is needed for ixfr-from-differences and DDNS. But on a server with

Re: TLD Registries supporting RFC 7344/8078

2018-03-14 Thread Tony Finch
Oli Schacher wrote: > On 14.03.18 09:37, Carsten Strotmann wrote: > > > > I hope there will be more adoption of this protocol from other TLDs. > > .ch/.li is currently implementing it and I hope we'll be able to go live > this year. Awesomeness :-) Tony. --

Re: TLD Registries supporting RFC 7344/8078

2018-03-14 Thread Oli Schacher
On 14.03.18 09:37, Carsten Strotmann wrote: > Thanks, I've got a ".cz" domain and will start some testing ;) > > I hope there will be more adoption of this protocol from other TLDs. .ch/.li is currently implementing it and I hope we'll be able to go live this year. Best regards Oli

Bind 9.9 upgrade and RFC 1918 Errors

2018-03-14 Thread Chris Wilson
Hello Everyone, I just recently upgraded one of our servers to bind 9.9, and I'm having some issues. We have a legacy software application running that likes to see both forward/reverse dns, however since the upgrade reverse dns is no longer working. We have this server working with DHCPD

Strange response with option "minimal-response YES"

2018-03-14 Thread xdong
Hi all, My server is a caching-only server, and provides recursive service with "minimal-response YES". When I digged some domain name, my server answered with all fields « ADDITIONAL RECORDS » and « AUTHORITATIVE NAMESERVERS » filled with the DNS root server. I think this is WRONG and

Re: TLD Registries supporting RFC 7344/8078

2018-03-14 Thread Carsten Strotmann
Hello Stephane, Stephane Bortzmeyer writes: > On Tue, Mar 13, 2018 at 10:52:50AM +0100, > Carsten Strotmann wrote > a message of 19 lines which said: > >> is automatic DNSSEC Delegation Trust Maintenance (RFC 7344/8078) >> already support at the TLD

AW: Roadmap for DNSSEC signing/automation?

2018-03-14 Thread Stelzner, Tore
Hello, we use dnssec-keymgr for the key management and it is really helpful. My current feature request would be wildcards in the config file but maybe it is already there as I still have to check the updates brought by Bind 9.12. For KSK updates and rollovers we use some scripts by a third