We are planning to run BIND on a FreeBSD server. We planned to use CPANEL but
is no longer available for FreeBSD. Do you have any other recommendation?
have you tried pfsense?
Pol
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
named virtual hosts anybody - you can run thousands of domains on a
single IP
understood Harld :)
cheers
Pol
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
so what are your real questions?
P.S.: you need more than one DNS server for a public domain which must
not run on the same network
I have to register some domains: example.com, example.ue, example.net,
exampe.org, etc.
on my server I've also apache web and I'd like have internet site based
Hello all, after weeks studying bind I'm here with a question:
I'd like have my own bind authority server for some domains. I just
configured my first zone (ie: www.example.org) with static IP of my DSL.
Everything works :-)
If I register another FQDN (ie: www.example.com) how can I set my
If there are zones that both sets of clients should see, you have to
duplicate them in both views. Overlapping views don't do this
automatically.
solved thanks your advice
cheers!
Pol
___
Please visit
Please be aware that only one view is visible for any client.
mhmh...
how I can solve my problem?
all clients need to access to my zones but mobile clients (don't have
vpn client) needs to access to all zones exception vpn (but can use FQDN)
any idea?
thanks
POl
Hi all :-)
I've two zones: zone1 is an internal zone and another zone: vpn.
I need that acl1 can "see" internal vpn zone, the problem is that acl1
"see" vpn zone as external zone because this zone is a FQDN, while
should see vpn as vpn.db.
192.168.1.0/24 are clients with also openvpn
And don't forget the copious comments in named.conf, so that your successor can
easily see, at a glance, what start/end addresses those clusters of ACL
elements represent.
sure! :-)
thanks
Pol
___
Please visit
Acls don’t support ranges, only prefixes. You don’t want the whole /24. I
think you want:
acl net1 {192.168.1.0/26; 192.168.1.64/27; 192.168.1.96/30; }
acl net2 {192.168.1.100/30; 192.168.104/29; 192.168.1.112/28; 192.168.1.128/26;
192.168.1.192/29; }
thanks guys :-)
Hello all :-)
I need to setup 2 kind of acl on same network, ie:
ip from 192.168.1.1 to 192.168.1.99 belongs to acl1
and ip from 192.168.1.100 to 192.168.1.199 to acl2
acl net1 { 192.168.1.1-99/24 };
acl net1 { 192.168.1.99-199/24 };
what's the correct way? I didn't find nothing :-/
thanks
192.168.1/24 is not a valid netmask
huh?
In linux and BSD I always use 192.168.1/24 (how shortcut of
192.168.1.0/24) and so on...
hint: using /24 everywhere is nonsense
why?
My goal is allow 192.168.1.0/24 (net) and deny 192.168.1.50 (host)
thanks
Pol
Hi all :-)
can someone advice me about a fully howto / handbook to understand ACL?
I need to permit all network 192.168.1/24 and deny 192.168.1.50/24 host:
acl test0 { !192.168.1.50/24; 192.168.1/24;};
thanks for help!
Pol
___
Please visit
Hi all :-)
can someone tell me how to configure (view?) to allow some clients
(192.168.1/24) to see a BIND internal zone and other clients
(192.168.2/24) see REAL zone on internet?
thanks for help!
Pol
___
Please visit
Hi folks :-)
I've a vpn network on 10.10.10.0/24 and BIND on 192.168.1/24.
I'd like add to my zone a domain as:
myvpn1.org. A 10.10.10.1
to my zone file.
10.10.10.1 is a vpn client connected to my server (I can ping it).
What's the correct way to add a remote domain to BIND?
Thanks for
Hello all :-)
is it recommend put a cron script for auto-update root.hind and
named.hint db?
wget --user=ftp --password=ftp ftp://ftp.rs.internic.net/domain/db.cache
-O /etc/bind/db.root
dig +bufsize=1200 +norec NS . @a.root-servers.net > /var/named/named.root
using debian there isn't any
2 zone on same network (192.168.1.0/24)
thanks
1.168.192.in-addr.arpa is on primary zone, if I add second zone I've
this error
you apparently have 1.168.192.in-addr.arpa defined two times
what are you trying to do?
--
Pol
___
Please visit
Hi all
I searching for about add a second zone to BIND but I didn't find how :-/
I've a standard zone: example1 IN SOA with record A 192.168.1.212
this zone works perfectly
I'd like add a second zone to network 192.168.10.0/24, the problem is
that my server has 1NIC and is connect to hardware
hello again!
try running dig +trace and see how fast it runs. It should return
in about same time as BIND does (when it doesn't have anything in cache).
; <<>> DiG 9.10.3-P4-Debian <<>> +trace @192.168.1.212 yahoo.it
; (1 server found)
;; global options: +cmd
. 518367
so simply leave BIND running and see if it's better tomorrow...
hello,
seems better today, but how I realize if bind runs correclty? I mean: if
the speed of it is normal or if there are lags?
Now I tested some domains, almost all are ok but 2 of these are slow...
using @8.8.8.8 with these
just leave bind running for some time.
:-)
with 9.10, leave prefetch on and see...
I've 9.9.5 version on debian stable :-/
thanks
Pol
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users
what happend if you leave it working (without forwarders) for some time?
BIND should cache frequently used data and provide them quickly.
I don't know. I start now testing without forwarders and tonight I see
when you use google forwarder, the main difference is that most of those
data are
Hi all :-)
I've a quad core 2.4Ghz with standard italian DSL
I tested BIND with either forwarder activated and disactivated
forwarders {
8.8.8.8; 8.8.4.4;
};
without forwarder, using dig command, "query time" only on some domains
(I tested italian domains - I
not sure hwat you mean but likely
https://kb.isc.org/article/AA-01315/0/prefetch-performance-in-BIND-9.10.html
exactly what I looking for!
cheers!
Pol
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
how I audit if a query is resolved from my local DNS or by external DNS?
cheers!
Pol
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
In the third case, the A records had expired from the cache (since the TTL on
those records is 300 seconds = 5 minutes), so your resolver needed to fetch a
fresh set from the yahoo.it nameservers -- the NS records of which were most
likely cached from the first lookup -- but it didn't need to
Hi all,
I'm struggling about "query time" :-/
Using bind 9.9.5, I configurated it as caching proxy:
dig yahoo.it @192.168.1.212
[...]
96msec
second time:
dig yahoo.it @192.168.1.212
[...]
1msec
seems it works but: if I waiting (ie 5 minutes) and I re-run same
command, "query time" was
Huh?
are you sure you want to replicate whole server?
Are you sure you know what that means?
mhmh... now I'm not sure :-'
what does entail this?
thanks
Pol
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from
Hi all :-)
dig yahoo.it @192.168.1.212
query is 38ms, second query is 1msec
Can I replicate a whole internet primary dns to have on my bind in local
network all domains name updated?
Is 38ms an acceptable results?
thanks for help
Pol
dig yahoo.it @192.168.1.212
; <<>> DiG
28 matches
Mail list logo
