Re: named cpu usage pretty high because of dns_dnssec_findzonekeys2 -> file not found

> On 13 Mar 2019, at 2:42 am, Philippe Maechler > wrote: > > Hello Mark and bind users > > Thank you for the explanations. Some things are still not clear to me... > > > -Original Message- > > From: Mark Andrews > > Sent: Monday, March 11, 2019 8:53 AM > > To: Philippe Maechler

DynDB - handling arbitrary zones

Hi all, first of all, if this is not the right list for such questions, please redirect me. I am exploring the DynDB API of BIND whether it could help us to solve our needs. As I have played around with DLZ quite a few years ago, I was pleased to see a new interface seemingly resolving

Re: convert Knot DNS sigantures certs to BIND format.

Milan Jeskynka Kazatel wrote: > > I received a hint for a tool which allows converting .pem format used in > Knot to .key and .private used in BIND, but it, unfortunately, does not > support ECDSAP256SHA256 algorithm which I used. Ah, sounds like Knot uses a relatively familiar key format, so we

Re: BIND 9.11 no longer respects edns-udp-size?

Stéphane Bortzmeyer wrote: Does minimal-responses make sense for an authoritative name server? (Note there was no glue involved.) On Mar 11, 2019, at 7:12 AM, Tony Finch wrote: I think it helps reduce fragmentation if the max-udp-size is larger than the MSS, but apart from that it probably

RE: named cpu usage pretty high because of dns_dnssec_findzonekeys2 -> file not found

Hello Mark and bind users Thank you for the explanations. Some things are still not clear to me... > -Original Message- > From: Mark Andrews > Sent: Monday, March 11, 2019 8:53 AM > To: Philippe Maechler > Cc: bind-users@lists.isc.org > Subject: Re: named cpu usage pretty high

Re: BIND 9.11 no longer respects edns-udp-size?

On Mar 11, 2019, at 7:12 AM, Tony Finch wrote: > > Stéphane Bortzmeyer wrote: >> >> Does minimal-responses make sense for an authoritative name server? >> (Note there was no glue involved.) > > I think it helps reduce fragmentation if the max-udp-size is larger than > the MSS, but apart from

Undefined symbol: .isc_string_strlcpy compiling bind-9.11.6 on powerpc-ibm-aix7.1.0.0

Compiling bind-9.11.6 on AIX (powerpc-ibm-aix7.1.0.0) stops with ld: 0711-317 ERROR: Undefined symbol: .isc_string_strlcpy when trying to build bin/tests/system/dlzexternal/driver.so On the other hand, .isc_string_strlcpy seems to be defined in lib/isc/libisc.a, originating from

convert Knot DNS sigantures certs to BIND format.

Hello Comunity,  can I somehow convert Knot DNS stored certificates for a signed zone to BIND   format?    My use case is to change used topology for authoritative servers. I ´m manage existing zones in Knot, now I would like to transfer it to BIND  and use existing certificates for signing it