the slaves continue to serve the last known good version of the
zone.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind-users@lists.isc.org
https
to ns1.force9.net and
ns2.force9.net, and they appear to be responding properly.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind-users@lists.isc.org
by connecting IP (glorified reverse DNS).
Rather than have to enter loads of lines to match up wide spans of ranges
I would like to define them using CIDR, but it seems it does not support
it.
Maybe you can do what you want with $GENERATE?
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
it on the firewall, then the requests will never hit the
server, so of course it will mitigate its effect on the server. It
won't help with the downstream bandwidth on your DSL, but it will stop
the REFUSED replies from being sent back, so your upstream bandwidth
will improve.
--
Barry Margolin, bar
is probably irrelevant.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
a forward zone for it, obey it (send to its forwarders if
any, otherwise follow NS records).
If there's global forwarding enabled, send to them.
Follow the NS records.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group
setup a local webserver, say by using apache to do that thing?
The operators of the dynamic DNS service may offer an HTTP redirect
service that does this for you.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group
asking
about?
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind-users@lists.isc.org
https
listed, the slave tries to
transfer from ALL of them. If any of them are down, the rest will still
be used.
Like I said, the SOA record is totally irrelevant for zone transfers.
All it cares about is the list of masters in named.conf.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
there, and the slaves will
pull from any master that has a higher serial number than the one they
have.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
update only one record. So why so many updates are been made.
The response probably contained NS records in the Authority Section and
the corresponding A records in the Additional Section. These update the
cache as well.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me
. MAC addresses
don't leave the local LAN.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman
supposed to happen if you overflow in the Additional
section, is it? These records are already optional, so they can be left
out if it would cause the packet to exceed the maximum UDP size.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them
is usually used for zone transfers, but may also be used if a
response is too big for UDP.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind-users
what is intended.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
In article glmqqb$jv...@sf1.isc.org,
mlel...@serpens.de (Michael van Elst) wrote:
Barry Margolin bar...@alum.mit.edu writes:
customer.com. IN MX 10 mx.yourdomain.com.
mx.yourdomain.com. IN CNAME mx.outsourcer.com.
mx.outsourcer.com. IN A ...
That's just the same as
| customer.com
the A
record. It's nice if it does, since it saves a query, but this is just
an optimization.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind
there are many ISPs out there that are too lazy, incompetent, or
just don't care, where probably never going to be rid of these kinds of
attacks.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group
find zone files, it will have to
pull them from the master.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind-users@lists.isc.org
https
the source of attacks on
others.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
change your CNAME record. And if
the outsourcing company re-IPs their server, they change the A record.
Everyone can perform their job without having to make any of the
downstream customers adjust their records.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me
: mark_andr...@isc.org
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group
, since they're supposed
to follow CNAME records automatically, and return the requested record
type from the canonical name.
There isn't even an option in the DNS spec to tell the resolver not to
follow CNAMEs. The only way to avoid it is to query for the CNAME
explicitly.
--
Barry Margolin, bar
if it is a bad idea please let me know.
Why don't you just use normal reverse DNS:
zone for 1.1.1.in-addr.arpa
1 IN PTR metis.local.
IN PTR bob-www-sol-l01.local.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group
of returning the PID is so
that you can tell when the process has actually gone away. What would
be the point if the command didn't returning until the process had
exited?
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group
; };
allow-transfer { none; };
masters { 10.1.1.1; };
};
};
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind-users@lists.isc.org
https
to authoritative servers, so there's no reason to send
these as recursive (many, if not most, authoritative servers have
recursion disabled, so sending them recursive queries is pointless).
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them
@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
___
bind-users mailing list
bind-users@lists.isc.org
https
odd to me, and I've not been able to find
information about this behaviour in the book(s).
It's just the basic DNS protocol. If a name is in a delegated
subdomain, you follow the NS records to get the answer. Read the
resolver algorithm description in RFC 1034.
--
Barry Margolin, bar
www.google.com, which has four A
records?
I don't think BIND can be forced to return only one A record at a time
without code changes. Why don't you replace your aging load balancer
with a new load balancer?
--
Barry Margolin, [EMAIL PROTECTED]
Arlington, MA
*** PLEASE don't copy me
401 - 431 of 431 matches
Mail list logo
