gt;>> 3x more on 9.16 than it is on 9.18.
>>>>>>> > >>>
>>>>>>> > >>> If you encounter it again please get back to us so we can
>>>>>>> > >>> diagnose it.
>>>>>>> > >>
You might search the list archives, as I think this came up recently...
But I think the general consensus is that you shouldn't have a server that is
both authoritative AND that allows recursive queries. (Security reasons)
And if you do allow both, to limit recursive queries to internal
ght" but it needs to exist. I don't
> know the internal BIND logic for that but I have always taken it as "I load
> the parent and I know the child doesn't exist because there isn't a
> delegation to make it exist so why would I forward something that doesn't
> exist"
urs.
>> On 28. 2. 2022, at 21:47, Gregory Sloop wrote:
>> So, I want to forward all queries for
>> *.ab.somedomain.local to some other internal DNS servers.
>> (Records in *.ab.somedomain.local actually are our active domain servers)
>>
>> (Ye
ic-sub and
then re-group if it doesn't work.
Thanks all!
> But one thing to check, you do have recursion enabled on the server?
> On Mon, Feb 28, 2022 at 6:34 PM Gregory Sloop wrote:
>> Wow. I hate to be the guy who looks the gift horse in the mouth - but that
&g
s. It’s got something to do with the way the record is
> matched (or not) before the forward statement is hit.
> J
>> On Feb 28, 2022, at 3:47 PM, Gregory Sloop wrote:
>> So, I want to forward all queries for
>> *.ab.somedomain.local to some other internal DNS servers.
>
So, I want to forward all queries for
*.ab.somedomain.local to some other internal DNS servers.
(Records in *.ab.somedomain.local actually are our active domain servers)
(Yes, I know .local is reserved now, but we've been using it a long time and
changing would be rather painful. Unless
d-users to unsubscribe
> from this list
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
This feels a lot like responding to trolls, but I'll instead assume that you're
asking (or making a point) in good faith.
So, we'll stipulate that - you're actually interested in truth and knowledge.
So, it's easily compiled on Mac, Unix, FreeBSD, Linux, SunOS, RaspPi, etc.
And it compiles on a
It's not like there's been a paucity of "Yeah, I'm interested" messages, but I
agree with the rest.
+1000
I'd love to see it!
DNS over HTTPS support appears to be steadily increasing and it looks like the
next version of Windows 10, Windows 10 21H2, will including support for DoH at
the
ery when you run dig +trace.
MA> If you prime the cache the plain lookup should work. Report the out
MA> of date glue to the zone administrator.
MA> Mark
>> On 3 Mar 2021, at 13:06, Gregory Sloop wrote:
>> I've got a case, (and I see several other similar reports) where BIND is
port the out
MA> of date glue to the zone administrator.
MA> Mark
>> On 3 Mar 2021, at 13:06, Gregory Sloop wrote:
>> I've got a case, (and I see several other similar reports) where BIND is
>> failing to find an A record for a domain.
>> Yet a dig +trace doe
I've got a case, (and I see several other similar reports) where BIND is
failing to find an A record for a domain.
Yet a dig +trace does.
(I'm doing the dig on the BIND server. It's set to be a root resolving server,
not a forwarder.)
As I understand this, +trace will also involve resolve.conf
This isn't, IMO, very useful as a response to the OP.
To sum up the response; "It's better to never fail!"
Yes, that seems pretty obvious. It *would* be better to never fail. Way, way
better.
But the big problem in life is; We're always failing! Dammit!
So, learning how to gracefully fail, and
So, I've spent some time looking at the man pages and googling without any
definitive answer.
I'm generating some new rndc keys for my bind9 config. (9.11.3 in this
particular case, if it matters.)
rndc-confgen has quite a number of options for the key-type - but I'm not sure
what BIND9 will
This whole discussion seems so misguided.
The TLDR; version, at least for me is;
Does it really cost you that much to use language that's polite and kind to
those around you, and change that language to live up to those ideals when you
can?
Sure you _have the right_ to run down the street and
That code of conduct is a good starting place, at minimum.
Regardless of how it may be now, it may not always be a great a place - and
setting out the expectations and standards expected is a good hedge against
future tyrants.
So, I applaud ISC for taking the steps to formally set out the
Thanks for the idea.
I did resolve this a day or two ago.
The story is;
This server was a fairly recent replacement for an older Ubuntu setup. The new
server as well as the old one are/were VM's - yet on different VM platforms.
The old VM was turned off, and was marked never to start except
st 172.24.67.32
Swap out eth0 for whatever you have configured and the host IP address for a
host that is having problems.
John
Sent from Nine
From: Gregory Sloop
Sent: Thursday, May 30, 2019 7:11 PM
To: bind-users@lists.isc.org
Subject: Bind9 stops responding for some clients
So, this is a v
So, this is a very odd situation and I'm kind of grasping at straws here.
So, I've come to see if any of you have any good straws!
The setup.
---
Ubuntu 18.04 LTS is the distro we're running on.
All software is packaged [from the distro] - not compiled from sources.
Bind9 acting as a recursive
20 matches
Mail list logo
