On Fri, Mar 1, 2024 at 12:38 AM Matt Nordhoff wrote:
> On Thu, Feb 29, 2024 at 9:40 PM Ondřej Surý wrote:
> > Hey,
> >
> > BIND 9 supports a fixed rrset ordering (that is keeping the order of the
> > RRSets from the zone file). It has to be configured
> > a
27;s worth, Knot DNS is fixed by default. I know because the
first setting in my knot.conf file is "answer-rotation: on". :-)
NSD also has a "round-robin" setting, which is also off by default.
So other nameservers do support fixed order, but I personally don't
use it and d
lt;https://paste.debian.net/>...)
(I also did/will tell Quad9 about it for their information.)
Cheers,
--
Matt Nordhoff
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Hello Ondřej,
On Mon, Apr 17, 2023 at 9:26 AM Ondřej Surý wrote:
>
> > On 17. 4. 2023, at 15:59, Matt Zagrabelny via bind-users <
> bind-users@lists.isc.org> wrote:
> >
> > Greetings bind-users,
> >
> > I'm running a little older Debian bind:
&
On Mon, Apr 17, 2023 at 9:04 AM Marco wrote:
> Am 17.04.2023 um 08:59:29 Uhr schrieb Matt Zagrabelny via bind-users:
>
> > I'm running a little older Debian bind:
> >
> > bind9 1:9.9.5.dfsg-9
>
> The upgrade your OS, stretch already has 9.10 and
; 192.168.21.10.63839:
15372*- 1/0/1 fc00:101:101::53 (69)
2023-04-14 14:23:53.741303 IP 10.101.101.1.53 > 192.168.21.10.14682:
46647*- 1/0/1 fc00:223:13::53 (69)
Any ideas what I'm missing?
Thanks for the help!
-Matt
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to un
the same), ContextSize of 93,232, Lost 0. Most of the memory is in
the two zonemgr-pools that each has - roughly 1,272,678,490 per pool on each host.
Matt
On 4/28/22 10:43 AM, Ondřej Surý wrote:
Pull the memory stats from the statschannel (json or xml). Also make sure you
run 9.18 with jemalloc
n the
host either way.
Matt
On 4/28/22 9:44 AM, Matt Corallo wrote:
And then I restarted it with the original setting and it jumped right up to ~300M, a bit higher than
it was before (though before it had been running for a bit). In any case it does look like the
max-cache-size setting drives m
ebugging that makes sense
here.
Matt
On 4/28/22 9:38 AM, Matt Corallo wrote:
Hmm, they all have max-cache-size set to 8M (see config snippets in OP) but still show the divergent
memory usage.
That said, I tried bumping one to 1024M on one of the smaller hosts and usage increased from ~270MB
to ~
Hmm, they all have max-cache-size set to 8M (see config snippets in OP) but still show the divergent
memory usage.
That said, I tried bumping one to 1024M on one of the smaller hosts and usage increased from ~270MB
to ~437MB.
Matt
On 4/28/22 8:44 AM, Ondřej Surý wrote:
From top of my head
On 4/27/22 9:19 AM, Petr Špaček wrote:
On 27. 04. 22 16:04, Matt Corallo wrote:
I run a number of BIND9 (9.16-27-1~deb11u1 - Debian Stable) secondaries with some large zones (10s
of DNSSEC-signed zones with ~100k records, not counting signatures, with a smattering of other
zones). Somewhat
default-masters { ... }
in-memory no
min-update-interval 10;
zone "zones2.catalog"
default-masters { ... }
in-memory no
min-update-interval 10;
On 2020-06-18T06:34:12 -0700, Matt Pallissard wrote:
> Response in-line.
>
> > build now fails @ "fatal error: lmdb.h: No such file or directory"
> >
> > ...
> > libtool: compile: /usr/bin/gcc-10 -include
> > /usr/local/src/bind-9
luded from ./server.c:131:
There is no `-I/usr/local/lmdb/include` here
> echo $CPPFLAGS
> -I/usr/local/include -I/usr/local/openssl11/include
> -I/usr/local/lmdb/include -I/usr/include
I'd imagine you want CPPFLAGS here. or you can export C_INCLUDE_PATH
Mat
Hi Ronald,
You usually need to reinstall packages and ports after you do a major version
upgrade to FreeBSD.
pkg update && pkg upgrade
You should see bind-tools in the list. Version might stay the same but you’ll
be getting a different version, compiled against FreeBSD 12.
cheer
On 10/17/2016 05:50 PM, Mark Andrews wrote:
> In message ,
> "Pallissard, Matthew" writes:
>> On 10/16/2016 09:34 PM, Mark Andrews wrote:
>>> In message , "Pallissard,
>>> Matt" writes:
>>>>
>>>> Has anyone successfully u
.service: Main process exited, code=exited, status=1/FAILURE
I'm using the package provided by Arch Linux and can provide the flags the bind
package was compiled with if those are relevant.
Any advice would be greatly appreciated.
Matt Pallissard__
Hi All, just wanted to let you know that ThreatSTOP's DNS Firewall for BIND
has just been released and evaluations are available at the below link, we
would like to invite you to test it out.
https://www.threatstop.com/index.php?page=index&action=trial
DNS Firewall policies can be custom created
s are directed. Appreciate any
additional suggestions!
Thanks,
Matt
On Sat, Feb 28, 2015 at 4:48 AM, Robert Senger
wrote:
> Hi Matt,
>
> in my understanding, "rndc reload in " reloads the zone
> file only, not the configuration where the "matched-clients { }"
&
hat I could
simply do
*$ rndc reload domaintest.com <http://domaintest.com/> in view1$ rndc
reload domaintest.com <http://domaintest.com/> in view2*
and match-clients would also be updated but this doesn’t work. I increment
the serial of view1.zone
;t do that with views.
2. setting the zone up in one view, and then using in-view for the others,
but it complains that the zone isn't a type slave or master.
So, is there a sane way to get a policy zone associated with multiple views?
--
--Matt
___
Pl
I'm assuming it is a combination of host:port:query, but can anyone confirm
that?
--
--Matt
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
>> Also, is there a way to specify a backup parent NS
>> and ONLY use it if primary fails?
>
> Do you mean "NS" here? Or "forwarder"? I know of no way to manually
> "preference" the forwarders in a list, although you might find that the
> forwarder that responds fastest -- and thus gets automatical
I am using Bind for caching only. Currently my VM only has IPv4
access. Is there a way to selectively forward any requests that only
have IPv6 nameservers to another DNS server that is dual stacked?
If not is there a way to forward all requests that are not cached to a
parent nameserver? Also,
x27;t responding. It also seemed to be using a
balanced round-robin which certainly doesn't make sense if it was
weighting the forwarders based on RTT.
Can anyone tell me how the algorithm for forwarders works?
thanks,
--
--Matt
___
Please v
I would have to back port right now, and I have a work around that
will work until the we bump our fleet to a newer version. I was mostly
concerned about whether it was something in our network causing the
problem.
Thanks for all the help guys,
--Matt
On Thu, Feb 9, 2012 at 4:42 PM, Spain, Dr
, which happily serves up the data, and lodge a complaint
with Microsoft to fix their servers, but I want to make sure there
isn't something wrong somewhere in my network that is causing this
problem.
thanks,
--Matt
On Wed, Feb 8, 2012 at 8:05 PM, David Miller wrote:
> On 2/8/2012 10:32
et.microsoft.com. 10 IN A 131.107.97.31
;; Received 112 bytes from 131.107.125.65#53(dns10.one.microsoft.com) in 23 ms
--
--Matt
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-us
IN NS ns1.example.org.
IN NS ns2.example.com.
IN A 192.168.1.9
www IN CNAME @
...
etc.
--Matt
___
Please visit https://lists.isc.org/mailman/listinfo/bind-us
Thanks guys, sounds like a solution would be to transfer the zone
files outside of bind. I'll give some of the suggestions a try.
Matt
On Wed, Mar 9, 2011 at 1:01 PM, John Wobus wrote:
> On Mar 9, 2011, at 1:09 PM, Matt Rae wrote:
>>
>> Hi, I'm working on setting up
ost3 A x.x.x.x
Is there a way to have it not change the ORIGIN and assume the dots
are a subdomain?
Thanks!
Matt Rae
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
This message, while operational in nature, is probably of interest to
the subscribed on bind-users, so I'm forwarding it here.
- Forwarded message from "Wessels, Duane" -
From: "Wessels, Duane"
Subject: [Dnssec-deployment] Please upgrade validators to at least BIND-9.7.2
before .com
e can even point me at some documentation, I'd appreciate it --
> I've been looking for a few days, and everything I've found assumes a
> /24 subnet.
--
Matt Baxter
m...@fatpipe.org
___
bind-users mailing list
bind-users@lists.isc.or
A debug trace may be found at
http://the.earth.li/~huggie/lycos-bind9-issue.txt<http://the.earth.li/%7Ehuggie/lycos-bind9-issue.txt>
Any suggestions as to what the issue is or how it may be resolved would be
very welcome.
Kind Regards
Matt
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
can inside
the UDP packet). That should trigger a client to resubmit the query
via TCP. Zone transfers are the most common use for TCP, but it can
be required for normal queries, although that is far from normal.
--
Matt Baxter
m...@fatpipe.org
35 matches
Mail list logo