gure something? I thought both nameservers should be questioned
> and the first working result be used, or not?
Not quite.
It performs failover if the first nameserver doesn't respond. But if it
gets a response, it uses the response, even if it reports an error.
uld be solved with mixing:
I suspect the pain he was referring to is not really DNS-specific, but
just due to having to manage servers with different operating systems.
This means using a more diverse set of management tools, different
configuration syntax, etc.
--
Barry Margolin
Arlington, MA
__
t type-specific. It simply makes one name an alias for another
name. If the target name has a TXT record, then you'll get that when you
look up TXT for the CNAME.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/list
's a common assumption that mail is sent from a domain
that can receive mail. Even email that says "Don't reply to this"
usually comes from an account at a domain that can receive mail; they
just ignore that mailbox.
> >
> > A common practice is to point the MX record to ".&
ld anybody
> help me with this?
A common practice is to point the MX record to ".".
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-use
I'm not sure how effective this will be. I suspect
most people don't check the logs routinely, only when something goes
wrong.
Is it really much of a hassle to leave the obsolete options in the
parser, but just ignore them?
--
Barry Margolin
Arlington, MA
___
e well known source port of protocols that are
> abuse prone:
Why would the original source port be close to any of these low port
numbers? Source ports should normally be ephemeral ports.
--
Barry Margolin
Arlington, MA
___
Please visit https:
y question is, While I have the delegation is in place (even though it is
> useless), is there a way to override Delegation (and possibly replace with
> forwarders) ?
Forwarders are only used when recursing. If recursion is disabled,
forwarders are useless.
se of "forward only", but what happens if
> there are forwarders defined and both "recursion yes" (default) and
> "forward first" (default) are specified?
It's set for any type of forwarding, it doesn't matter whether it's
"only" or "first&quo
ursive query. This is the normal way that host
resolver libraries work, and it's what BIND does when you configure
"forwarders".
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from
), then when you bumped it
back up they all timed out the old records at about the same time, and
ever since they've been refreshing at the same times.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinf
he name. There's no way for it to know automatically that different "w"
values are delegated to different servers.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this lis
t; Why there were different IPs in the command and the output of my
> first example .. I have no idea. I somehow mixed up my notices.
>
> Sorry again.
The last : in the netstat output is separating the IP address from the
port number -- :53 means i
wish NOT to receive e-mail advertising to this address.
> >> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> >> They that can give up essential liberty to obtain a little temporary
> >> safety deserve neither liberty nor safety. -- Benjamin Franklin, 1759
&g
done on a centos7).
> >
> > dig +trace follows the returned delegations.
> >
> > > Any ideas?
> > > Thanks!
> > > ___
> > > Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> > uns
In article ,
Tom wrote:
> Hi all
> Is there a way to override/rewrite QTYPE (ex. MX) with RPZ? If no, is
> this planned in future releases of BIND?
What would be the point? If a query is for MX, and you return A instead,
the client won't be able to do anything with it.
--
Barry
u're moving within
the same filesystem, this is an atomic rename operation.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
http
In article ,
Dennis Clarke wrote:
> On 10/11/2018 03:21 PM, Leonardo Rodrigues wrote:
> > Em 11/10/18 16:13, Barry Margolin escreveu:
> >>
> >> If you accidentally, or someone else intentionally, create a link to the
> >> site that uses the IP and put
someone else intentionally, create a link to the
site that uses the IP and put it on a web page that Google can get to,
it will probably find the page.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsub
il.midominio.principal.hosting.com.
> sb1 IN A xxx.xxx.xxx.52
> sb2 IN A xxx.xxx.xxx.53
> www IN A xxx.xxx.xxx.53
> mail IN A xxx.xxx.xxx.53
> webmail IN CNAME mail
> * IN A xxx.xxx.xxx.53
Not related to the problem, but the comments at the top don't accurately
describe this file.
When it reports errors, it can be difficult to
tell specifically what the actual error was.
One example I can think of is that for some reason it expects the
nameserver to be able to reverse-resolve its own IP. If it can't, it
reports this as an error, and you might think that it's reporting an
e
-servers.net
> IPv6 address = 2001:501:b1f9::30
> ttl = 163960 (1 day 21 hours 32 mins 40 secs)
> -> d.gtld-servers.net
> internet address = 192.31.80.30
> ttl = 77579 (21 hours 32 mins 59 secs)
>
>
> Non-authoritative answer:
> Name:
main registrar is the place to go, I expect most of them have
standard procedures for exactly this problem.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users
servers.
NXDOMAIN responses are cached, it's one hit and then nothing for a while.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bi
t device.
An upstream firewall might already be parsing it, so telling it not to
pass some of them through could be relatively cheap.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
In article ,
jo...@hasig.de wrote:
> hi,
> why dont you just delete the zones?
That won't stop the queries from coming to the server.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsub
In article ,
Matus UHLAR - fantomas wrote:
> Use longer expire times if you expect to experience this kind of problems
> more often.
Who EXPECTS to be down longer than a week? :)
--
Barry Margolin
Arlington, MA
___
Please visit
w of any better way to records that
Exactly right. Whenever it successfully refreshes a zone, it updates the
file's modification time. This is how it implements the expiration time,
by comparing the current time with the file timestamp.
It could keep the refresh time in memory, but that would be lost
As a result, all the other customers who use these
caching servers continue to get the obsolete version of this customer's
domains.
When I worked at an ISP a couple of decades ago, I wrote a script that
periodically checked the delegations of all the domains w
In article <mailman.457.1518214391.749.bind-us...@lists.isc.org>,
Grant Taylor <gtay...@tnetconsulting.net> wrote:
> On 02/09/2018 09:37 AM, Barry Margolin wrote:
> > As long as you understand the implications of what you're doing?
>
> I don't think my level of u
hy of cooperation. An
ISP could also drop every other packet, and say "that's my problem, not
yours", but we wouldn't consider that to be a reasonable way to run a
network.
IMHO you should at least be transparent about it, so your us
nd the implications of what you're doing?
The zone owner may be using short TTLs to implement load balancing
and/or quick failover. If you extend the TTLs, your users may experience
poor performance when they try to go to these sites using out-of-date
cache entries.
--
Barry Margolin
Arlington, MA
_
echanism. I think Google Public
DNS does this. So they obey TTL when deciding when to try to refresh the
cache, but will continue returning whatever they've cached if necessary.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.
most responses don't fit in the traditional
500 byte UDP packet, and EDNS0 buffer size is usually used rather than
switching to TCP.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
, but they don't happen very often (only when the zone
changes). To avoid all slaves hammering the master at the same time,
NOTIFY messages are staggered after a change is loaded.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/ma
I think the issue is that he needs to resolve the hostname of the NTP
server.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.
st IP has reverse DNS that
resolves to c-71-192-114-133.hsd1.ma.comcast.net.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-user
should the
result of a query depend on coincidences of history of the server? Cache
is meant for performance improvement, but it shouldn't affect the
semantics.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/lis
rver should simply not recurse. It answers with
whatever it has in its cache or authoritative data. If it has the
answer, it sends that; otherwise, if it has referral data, it sends that.
--
Barry Margolin
Arlington, MA
___
Please visit https://lis
client is supposed to retry with
TCP.
The problem with sending a partial Answer Section is that there's no way
for the client to know if the omitted answers are important. So it has
to retry anyway.
--
Barry Margolin
Arlington, MA
___
Please v
webserver*, I can not access. Gives resolution
> error. For any other site, for example, google.com, I can access.
>
> I'm not finding the problem. Any idea?
Is this server configured to be authoriative for your domain? Does it
have delegation records for the subdomains? It won't follow f
there are no delegation records for the subdomain, the parent
server believes it's authoritative for them, despite having forwarders
configured.
Forwarding is generally only useful on resolvers, not authoritative
servers.
--
Barry Margolin
Arlington, MA
___
gt; > zone "in.acv.orion.education.gouv.fr" {
> > type slave;
> > file "/etc/named/in.acv.orion.education.gouv.fr.db";
> > masters {172.29.16.135; };
> > };
> > zone "." IN {
> > type hint;
> > file &quo
domain.
But a wildcard in the root domain doesn't just rewrite for NXDOMAIN, it
rewrites *everything* that doesn't have a delegation. So even if you
could somehow limit the number of levels it processes, it still wouldn't
do what you want.
--
Barry Margolin
Arlington, MA
__
e.
> This happens during the night, usually around 20h EST.
>
> This zone has a serial of 3017020401 (yes, I typo the 3 somewhere in the
> past).
> When it reverts its zone information, it goes back to 3016060101.
It sounds to me like there's a cron job restoring the zone from a ba
amai's Global Traffic Management).
These services can't easily update each other.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-user
enough big customers to demand
this that they'll change their policies.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
even sure if Dyn offers caching DNS).
I heard that the impact of the attack was even narrower than just the
US, it was mostly eastern US. That suggests some things about the
granularity of Dyn's anycast network and the distribution of the Mirai
botnet.
--
Barry Margolin
Arlington, MA
___
zones but mobile clients (don't have
> vpn client) needs to access to all zones exception vpn (but can use FQDN)
>
> any idea?
If there are zones that both sets of clients should see, you have to
duplicate them in both views. Overlapping views don't do this
aut
irectly with public ip of
> >master instead of unicast ip.
>
> I don't get it. What do you mean by "unicast" and "public" IP?
My guess was that he's doing Anycast DNS for his public IP, and the
unicast address is the real address that the router forwards to.
Or he'
d of unicast ip.
It uses whatever address is in the "master" statement in named.conf.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@
in the Additional section
with records related to the ones in the Answer section. If the client
doesn't already have those records cached, it will need to make an
additional query to get them. So instead of one query that returns
everything the client needs, it needs to make two queries.
--
Barry
LAN1
None of this has anything to do with BIND zones. You can serve multiple
zones on the same nameserver IP.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
e.
It shouldn't flush the entire cache, but it would certainly make sense
to flush entries within a forwarding zone that's modified.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this l
w not reachable?
>
> There should be some way, this should not happen
>
> [P.S: I was trying a web link yesterday, and i got into this issue, but I was
> still able to open the cached web page link 2 days ago]
Caching web pages has nothing
nt clients look up the same name they can be returned
from cache.
For example, consider all the thousands of lookups for things like
google.com, twitter.com, etc. that an ISP receives every second. If they
didn't cache these responses, DNS traffic might rival YouTube (OK,
that's an exaggeration).
time sent in response by Bind server for Positive Responses?
That's the only place where it can be used. The authoritative server
doesn't have the records in cache, it's loaded permanently.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists
udflare's method is "RFC-compliant", but what MS is doing
with sharepoint.com is not.
>
> - Kevin
>
> -Original Message-
> From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Barry
&g
doesn't seem valid to begin with. The .COM zone has delegation NS
records for sharepoint.com. Having a CNAME record for the same name is
wrong.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsub
es be transforming it at a lower level?
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
You should check the archives.
>
> -JP
Weren't the past threads about sending additional information in the
reply. This is about sending additional information in the request.
I think the only acceptable way to do this would be via the EDNS0
extension mechanis
o
> fix this issue?
This suggests that the problem is that the domain isn't delegated to
your server. If you don't use @localhost, the query goes to your normal
resolver, which follows the delegations from the root, and they don't
lead to your server.
--
Barry Margolin
Arlington, MA
__
so they should be included in the answer
to save you from having to request them separately.
DNS is supposed to be a lightweight protocol, so it's inappropriate to
return more data than is really needed.
--
Barry Margolin
Arlington, MA
___
Please visit ht
hat I should do is "./dig @chosen_DNS_server google.com",
> but I do not know how to configure the server.
The default configuration of a DNS server should work for this. You only
need to add extra configuration if your server will be authorit
n R. (HEALTH)
> > <brian.cutt...@health.ny.gov> wrote a message of 34 lines which said:
> >
> > > I configured the change for my external test server only
> > > (199.184.16.7, which is _probably_ available for external query)
> >
> > No.
> >
> > % dig @199.184.16.7 A wadsworth.org
> >
> > ; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @199.184.16.7 A wadsworth.org ; (1
> > server found) ;; global options: +cmd ;; connection timed out; no servers
> > could be reached
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
 In both cases there appears to be
> broken delegations involved.
>
> REFUSED usually means that the server is not configured for the
> zone.
>
> SERVFAIL usually means that the server is configured for the zone
> but doesn't have a current copy.
>
> You could use wh
f the nameserver which
> is receiving it? That's precisely the use case for "allow-notify"...
The use case for also-notify is when you have slave servers that aren't
in the NS records of the zone. Otherwise, those slaves won't update
until the Refres
; read the word "root" in that document?
>
I've long since stopped getting bothered by sloppy language like this,
ever since people started using "IP" as short for "IP address", or using
"class A, B, C" to refer to /8, /6, and /24 p
lving the CNAME it hooks into the CDN algorithms.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
it crashed
Because it has a bug.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
that could be included in the Authority
section, but they aren't required, it can leave them out without setting
TC.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
expect them to treat
any differently from other types that they don't know about.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@list
s lower than 512 MUST be treated as equal to 512.
https://tools.ietf.org/html/rfc6891#section-6.2.3
So I expect BIND obeys this.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this lis
In article <mailman.481.1459014144.73610.bind-us...@lists.isc.org>,
Ron <ron.a...@gmail.com> wrote:
> Barry,
>
> On Sat, Mar 26, 2016 at 3:13 AM, Barry Margolin <bar...@alum.mit.edu> wrote:
> > In article <mailman.464.1458924548.73610.bind-us...
In article <mailman.469.1458936922.73610.bind-us...@lists.isc.org>,
Dave Warren <da...@hireahit.com> wrote:
> On 2016-03-25 07:21, Barry Margolin wrote:
> > In article <mailman.456.1458889802.73610.bind-us...@lists.isc.org>,
> > Dave Warren <da...@hi
In article <mailman.464.1458924548.73610.bind-us...@lists.isc.org>,
John Wobus <jw...@cornell.edu> wrote:
> On Mar 18, 2016, at 6:28 AM, Barry Margolin <bar...@alum.mit.edu> wrote:
> > In article <mailman.384.1458255932.73610.bind-us...@lists.isc.org>,
>
argely before today's connected mobile devices were a thing.
But it was also before the widespread use of CDNs (Akamai was founded
only 3 years earlier). These days, the most heavily used web sites use
CDNs, which make heavy use of short TTLs for the leaf CNAME and A
records.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
5 records. It still has TXT
records in its cache, and it will return them in response to a query.
It won't go back to the authoritative server until ALL the TXT records
expire. During the period between the short TTL and the longest TTL, it
will be as if the short-TTL records don't exis
or the
authoritative server operator to fix their problem.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
lable if you have a network of machines running
different operating systems, and you'd like to have your central
resolver take care of all the caching.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
situation for redundancy.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
ternal nameservers, they're not reached
via public delegation. So NS records are probably irrelevant to how
they're used by clients.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
fr
e option:
allow-query {
10.4.1/24;
127.0.0.1;
};
10.4.3.101 isn't in 10.4.1/24. The slave has to be allowed to query the
master.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
ired yet).
Subtract the time until expiry from the SOA Expire field, and that tells
you how long it has been since it last refreshed.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscr
es it
can be because of heavy load on the server, or a congested network link,
or other temporary conditions.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users ma
quot;transient data" to be written
> to disk. They had to make sure that if the physical device was stolen,
> all of their zone data didn't follow it out the door.
The in-memory copy is likely to end up in the swap partition.
--
Barry Margolin
Arlington, MA
___
just want to get their work done.
Google understands that there are lots of broken DNS configurations out
there, but their users don't want to hear that it's someone else's fault.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/m
In article <mailman.2962.1447861903.26362.bind-us...@lists.isc.org>,
Reindl Harald <h.rei...@thelounge.net> wrote:
> Am 18.11.2015 um 16:47 schrieb Barry Margolin:
> > In article <mailman.2958.144784.26362.bind-us...@lists.isc.org>,
> > Reindl Hara
ce you wrote that
it tries each server in the root hints file until it gets a successful
response. That suggests that you understood that the built-in list is
used in place of the file if no file is provided.
--
Barry Margolin
Arlington, MA
___
Please visit http
m are served by ns[1-4].google.com.
You'll see additional queries like this if you look up servers hosted by
the Akamai CDN, because the CNAME points from the original domain to one
of Akamai's domains.
--
Barry Margolin
Arlington, MA
___
Please visi
).
Theoretically, this could be useful for HTTP, so you wouldn't have to
put :port# in URLs if the domain uses an alternate port. It would make
things easier when you have servers for multiple domains behind a NAT
router with a single public address. But AFAIK there's been no movement
to require b
-transfer { any; };
> };
>
> zone "0.0.127.in-addr.arpa" {
> type master;
> file "masters/db.127.0.0";
> allow-update { none; };
> allow-transfer { any; };
> };
>
> zone "0/27.1.168.192.in-addr.arpa" {
> type ma
version,
> in which release it was fixed?
>
> I tried to go through CHANGELOG and to Google it,
> but without any luck.
I'm pretty sure BIND has *always* worked correctly in this regard. The
failures have generally come from standalone devices with minimal DNS
implementations, often DNS-ba
if there's no $TTL
directive? If not, the software needs to do something, and using the old
method for compatibility is as good anything else (on the assumption
that anyone who didn't put $TTL in the file was depending on this use of
the SOA record).
--
Barry Margolin
Arlington, MA
as the default TTL.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
when it was changed to be the negative cache TTL.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org
matches, to protect against spoofed
responses.
https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing
within these zones,
since there's no delegation, it will just return an authoritative
NXDOMAIN for any address within these blocks.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from
the +norecurse option, the server will try to make
a recursive query for you (assuming you're in its allow-recursion access
list). If dig times out before that completes, you'll get a timeout
error.
--
Barry Margolin
Arlington, MA
___
Please visit
a backup, and it gets the original mtime.
Wouldn't you want a reload to pick this up? Maybe it should warn about
it, but not reject it completely.
--
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users
1 - 100 of 431 matches
Mail list logo