Re: Bind dns amplification attack

2023-03-28 Thread Grant Taylor via bind-users
to prevent the world from querying it in addition to the public zones that are allowed to be queried by the world. -- Grant. . . . unix || die -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC

Re: Bind dns amplification attack

2023-03-28 Thread Grant Taylor via bind-users
. . . . unix || die

Re: Bind dns amplification attack

2023-03-28 Thread Serg via bind-users
Are you an open recursor? If the answer is no, you should not face any amplification attacks. If you are an open recursor, the best solution is to restrict which IP addresses are allowed to access your recursor.
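A worked named.conf fragment, added here as an example (it is not from any message in this thread), showing the split the two replies above point at: recursion and cache access restricted to a trusted address list, the public zones left world-queryable, and Response Rate Limiting so those public zones make a poor reflector. The "trusted" ACL, the 192.0.2.0/24 network and the example.com zone are placeholders.

```conf
// Added example, not from the thread. Networks and zone names are placeholders.
acl "trusted" {
    127.0.0.1;
    ::1;
    192.0.2.0/24;   // the clients that may use this server as their resolver
};

options {
    directory "/var/named";

    // Open recursor, i.e. what the thread warns against:
    //   recursion yes; allow-recursion { any; };
    // Closed recursor: only "trusted" may recurse or read the cache. An
    // authoritative-only server would instead set "recursion no;".
    recursion yes;
    allow-recursion { trusted; };
    allow-query-cache { trusted; };

    // Default for any zone that does not override it.
    allow-query { trusted; };

    // Response Rate Limiting for the zones that stay world-queryable.
    // Identical responses to the same client /24 (or /56 for IPv6) are
    // capped at responses-per-second. Every "slip"-th excess response is
    // sent as a truncated (TC=1) reply instead of being dropped, so a real
    // client retries over TCP while a spoofed victim receives nothing useful.
    rate-limit {
        responses-per-second 10;
        window 5;
        slip 2;
        ipv4-prefix-length 24;
        ipv6-prefix-length 56;
    };
};

// Public authoritative zone: anyone may query it, but nobody outside
// "trusted" gets recursion from this server.
zone "example.com" {
    type primary;
    file "example.com.db";
    allow-query { any; };
};
```

To check it from an address outside "trusted": a query with RD=1 for a name this server is not authoritative for should come back REFUSED with the RA flag clear, while a query for example.com is still answered.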

Re: bind with qname min. fails to continue recursing on one specific query

2023-03-27 Thread Greg Choules via bind-users
; Recursive queries to a pair of matching bind 9.16 servers on openbsd 7.0 > are timing out unexpectedly for only two names: "www.edison.tn.gov" and " > www.tn.gov". Both bind instances are otherwise working fine, and have > been for some time. > > The query re

Re: Bind not sending notifies for some time

2023-03-27 Thread Klaus Darilion via bind-users
> > On 24. 3. 2023, at 14:36, Klaus Darilion via bind-users us...@lists.isc.org> wrote: > > > > Is there some rate liming in Bind? > > https://bind9.readthedocs.io/en/stable/reference.html#namedconf- > statement-notify-rate For the records: Increasing the n

RE: Bind not sending notifies for some time

2023-03-24 Thread Klaus Darilion via bind-users
> > https://bind9.readthedocs.io/en/stable/reference.html#namedconf-statement-notify-rate Will that feature throttle Notifys or stop them completely for some minutes? Thanks Klaus

Bind not sending notifies for some time

2023-03-24 Thread Klaus Darilion via bind-users
few seconds in such a setup: customer --> incoming-bind --> distribution-bind --> public facing secondaries Once a day, the distribution server stops sending NOTIFYs for some minutes (the incoming is working fine), while still processing incoming NOTIFY and fetching the zones. See logs

RE: DNSSEC error resolving gpo.gov ?

2023-03-24 Thread John W. Blue via bind-users
Petr, Thanks for sharing that tidbit of info. Off the top of your head do you know if that can be disabled? John -Original Message- From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Petr Menšík Sent: Friday, March 24, 2023 8:32 AM To: bind-users@lists.isc.org

RE: dnssec-keygen not available in Bind9.16-utils package?

2023-03-24 Thread David Carvalho via bind-users
Hi. Thanks for the reply. Very useful information! Kind regards David Carvalho From: Jiaming Zhang Sent: 24 March 2023 12:33 To: David Carvalho ; 'Petr Menšík' ; bind-users@lists.isc.org Subject: Re: dnssec-keygen not available in Bind9.16-utils package? Hello David, I have

RE: dnssec-keygen not available in Bind9.16-utils package?

2023-03-24 Thread David Carvalho via bind-users
Brilliant! Thank you so much! Regards David From: Petr Menšík Sent: 24 March 2023 11:05 To: David Carvalho ; bind-users@lists.isc.org Subject: Re: dnssec-keygen not available in Bind9.16-utils package? I have tried it on fresh RHEL 8.7.0, which should be similar to what you get

RE: dnssec-keygen not available in Bind9.16-utils package?

2023-03-24 Thread David Carvalho via bind-users
Thank you so much for your help. Unfortunately it seems bind-utils 9.11 and 9.16 can not co-exist (at least in Oracle Linux 8). I had problems with dependencies and didn’t force anything until having more information. Thanks once again! Regards David Carvalho From: bind-users On Behalf

Re: RPZ answer me NXDOMAIN for some domain

2023-03-22 Thread Greg Choules via bind-users
> sri.biopyrenees.net A 3.4.5.6 > > > > Is it normal ? Is there a way to have the good answer on my SrvB ? > > > > With tcpdump, I see the same behavior with a record that works and with > the record that doesn’t work… > > > > Thanks f

FW: dnssec-keygen not available in Bind9.16-utils package?

2023-03-21 Thread David Carvalho via bind-users
? Thanks. Best regards David Alexandre M. de Carvalho ═══ IT Specialist, Department of Informatics, Universidade da Beira Interior -Original Message- From: bind-users On Behalf Of Jan-Piet Mens Sent: 20 March 2023 18:12 To: bind-users@lists.isc.org

dnssec-keygen not available in Bind9.16-utils package?

2023-03-20 Thread David Carvalho via bind-users
Hello, good morning. I'm trying to set up DNSSEC and I've been using Bind9.16 packages available in Oracle Linux 8. Somehow there are also "Bind" packages, which default to 9.11 version. Being a new installation I went for 9.16. The problem now is that dnssec-keygen seems to be only

Re: KASP: sharing policy and keys between views

2023-03-17 Thread Nick Tait via bind-users
I've only done a key rollover a couple of times in that period. But this setup has been working fine for me the whole time. Nick. Original message From: Matthijs Mekking Date: 18/03/23 3:43 AM (GMT+12:00) To: bind-users@lists.isc.org Subject: Re: KASP: sharing policy and keys

KASP: sharing policy and keys between views

2023-03-17 Thread Carsten Strotmann via bind-users
Hi, (please do not start a discussion on the usefulness of views. I'm not in favor of views, but sometimes I have to work with them). I have a client that runs a split horizon (internal / external view of the same domain namespace) setup with BIND 9 on Linux. Both the internal and external

Re: BIND 9.16.30 - $INCLUDE file in the rpz zone file not reloading content and dig not working

2023-03-17 Thread Sachchidanand Upadhyay via bind-users
Hi, Have you checked the syntax? try this: $INCLUDE "/var/named/zones/masters/rpz.local.data"; Regards, Sachchidanand From: tcpnag...@gmail.com To: m3...@m3047.net Cc: bind-users@lists.isc.org Sent: Friday, March 17, 2023 9:18:32 AM Subject: Re: BIND 9.16.30 - $IN

RE: DNSSEC error resolving gpo.gov ?

2023-03-14 Thread John W. Blue via bind-users
Keep in mind that SHA1 may not have been included by choice. If gpo.gov is using Infoblox there is a, what I like to call, Infoblox-ism in play regarding DNSSEC where even if you choose RSA256 or RSA512 or whatever it will create a SHA1. John -Original Message- From: bind-users

Re: Bind listener to an IPv6 from AnyIP subnet

2023-03-13 Thread Greg Choules via bind-users
Hi Serg. Can you post the output of "named -V" please? You're looking for "--disable-linux-caps", which you don't want. I'm not sure how (if) BIND interacts with AnyIP, but it should pick up new interfaces as they are added, *if* it is built with the necessary capabilities ena

Re: Bind listener to an IPv6 from AnyIP subnet

2023-03-13 Thread Serg via bind-users
of [::] - due to usage of firewall I am able to block connections to the 53/udp and 53/tcp which are not coming to specific IP addresses or ranges, I do not need such filtering functionality within bind itself. Anyway, the better option is to allow bind to a so-called "non-local" IP

RE: Bind listener to an IPv6 from AnyIP subnet

2023-03-12 Thread Mike Lewinski via bind-users
cause named to actually listen there. -Original Message- From: bind-users On Behalf Of Serg via bind-users Sent: Sunday, March 12, 2023 10:55 AM To: bind-users@lists.isc.org Subject: Bind listener to an IPv6 from AnyIP subnet Hello, I am trying to bind named listener to an IPv6 from

Re: Bind listener to an IPv6 from AnyIP subnet

2023-03-12 Thread Serg via bind-users
I have reloaded the configuration as well as restarted the bind9. The simplest workaround I see - bind IPv6 explicitly to the interface using command "ip address add 2001:db8::1 dev eth0" and then I am able to use 2001:db8::1 for the named. But I would like to take advantage of us

Bind listener to an IPv6 from AnyIP subnet

2023-03-12 Thread Serg via bind-users
Hello, I am trying to bind named listener to an IPv6 from prefix which is assigned to a system via AnyIP kernel feature - basically, it is done by the following command: sudo ip -6 route add local 2001:db8::/32 dev lo. To be able to use IPv6 from AnyIP prefix the following sysctl must

Re: Correlation between NOTIFY-Source and AXFR-Source

2023-03-11 Thread Grant Taylor via bind-users
I've always simply considered it faster than the alternative. In this case, before the secondary would naturally get to its refresh / retry timer. -- Grant. . . . unix || die

Re: Correlation between NOTIFY-Source and AXFR-Source

2023-03-11 Thread Grant Taylor via bind-users

Re: Correlation between NOTIFY-Source and AXFR-Source

2023-03-11 Thread Grant Taylor via bind-users
Hi Paul, Thank you for explaining. On 3/10/23 12:21 AM, Paul Stead wrote: Imagine that 1.1.1.1 has lost network connectivity recently. A notify comes from 2.2.2.2 - if I understand correctly Bind will try 1.1.1.1 first, time out and then try 2.2.2.2 - even though we know given the situation

Re: Correlation between NOTIFY-Source and AXFR-Source

2023-03-09 Thread Grant Taylor via bind-users
file and not actually zone contents. What am I failing to understand? -- Grant. . . . unix || die

Re: Correlation between NOTIFY-Source and AXFR-Source

2023-03-09 Thread Klaus Darilion via bind-users
> -Original Message- > From: bind-users On Behalf Of Mark > Andrews > Sent: Thursday, 9 March 2023 21:04 > To: Jan-Piet Mens > Cc: bind-users@lists.isc.org > Subject: Re: Correlation between NOTIFY-Source and AXFR-Source > > Named just uses the

Correlation between NOTIFY-Source and AXFR-Source

2023-03-09 Thread Klaus Darilion via bind-users
Hello! I always was quite sure that Bind will request XFR from the Primary that sent the NOTIFY. config: masters { X.X.X.4; X.X.X.20; }; Bind Version 9.11.5.P4+dfsg-5.1+deb10u8 But I just saw this in the logs that the first NOTIFY is received from .20, but AXFR

Re: Something other than port 53 is blocking the LAN based BIND9 Servers

2023-03-05 Thread John W. Blue via bind-users
berman Sent: Sunday, March 5, 2023 9:47 PM To: bind-users@lists.isc.org Subject: Something other than port 53 is blocking the LAN based BIND9 Servers Hi, I am new here, but have been using BIND since 1994. I am confused by the issue herein and maybe someone has an idea of at least what group I

Re: DNS DDoS protection

2023-02-27 Thread Klaus Darilion via bind-users
> -Original Message- > From: bind-users On Behalf Of Bob > Harold > Sent: Friday, 24 February 2023 19:26 > To: bind-users > Subject: DNS DDoS protection > > Before answering this question, can you tell me the proper place where I > should be ask

Re: DNS DDoS protection

2023-02-24 Thread King, Harold Clyde (Hal) via bind-users
I would like to hear the latest configurations for BIND to help with DDoS. -- Hal King - h...@utk.edu Systems Administrator Office of Information Technology Shared Services The University of Tennessee 103c5 Kingston Pike Building 2309 Kingston Pk. Knoxville, TN 37996 Phone: 974-1599

Re: Is there an incompatibility between 9.16.37/9.18.11 and 9.9 when doing HMAC-MD5 AXFR?

2023-02-21 Thread Greg Choules via bind-users
-key.movie.edu: tsig verify failure (BADKEY) I'd take packet captures of both cases and compare them, see what the differences are. Hope that helps. Greg On Tue, 21 Feb 2023 at 16:06, Patrik.Graser--- via bind-users < bind-users@lists.isc.org> wrote: > Hi all > > > > Due to circumstan

Is there an incompatibility between 9.16.37/9.18.11 and 9.9 when doing HMAC-MD5 AXFR?

2023-02-21 Thread Patrik.Graser--- via bind-users
Hi all Due to circumstances beyond my control a remote partner needs to use a 9.9.9 version of bind and we are required to use HMAC-MD5 for zone transfers. There is no (big) security concern since the networks are isolated and not exposed to the larger Internet. When the secondary requests
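A TSIG zone-transfer configuration, added here as an example (it is not from the thread), with the hmac-md5 key the poster is stuck with next to an hmac-sha256 key, which is what tsig-keygen generates by default and what a partner on a current BIND should be moved to. Key names, secrets, addresses and file paths are placeholders; the two halves are the primary's and the secondary's named.conf.

```conf
// ---- primary named.conf (added example, not from the thread) ----
// Prefer hmac-sha256. hmac-md5 is here only for the partner that cannot move off 9.9.
key "xfer-legacy" {
    algorithm hmac-md5;
    secret "bGVnYWN5LXBsYWNlaG9sZGVyLXNlY3JldA==";   // placeholder; make a real one with tsig-keygen
};
key "xfer-sha256" {
    algorithm hmac-sha256;
    secret "c2hhMjU2LXBsYWNlaG9sZGVyLXNlY3JldA==";    // placeholder
};

options {
    allow-transfer { none; };   // transfers only where a zone grants them explicitly
};

zone "example.com" {
    type primary;
    file "example.com.db";
    // Only requests signed with one of these keys may transfer the zone.
    // Listing an IP address here instead would let anyone who can spoof or
    // route that address pull the zone; a key ties the permission to a secret.
    allow-transfer { key "xfer-sha256"; key "xfer-legacy"; };
};

// ---- secondary named.conf (added example) ----
key "xfer-sha256" {
    algorithm hmac-sha256;
    secret "c2hhMjU2LXBsYWNlaG9sZGVyLXNlY3JldA==";    // same secret as on the primary
};

zone "example.com" {
    type secondary;
    file "secondaries/example.com.db";
    // Sign SOA/IXFR/AXFR requests to this primary with the named key. The key
    // name travels in the TSIG record, so it must be identical on both ends.
    primaries { 192.0.2.1 key "xfer-sha256"; };
};
```

When reading the failure in the thread, keep the TSIG error codes (RFC 8945) apart: BADKEY means the verifier did not recognise the key name, or the algorithm bound to that name differs; BADSIG means name and algorithm matched but the MAC did not (wrong secret); BADTIME means the signing time is outside the fudge window (clocks out of sync). So the first things to compare in the two captures Greg suggests are the key name and algorithm carried in the TSIG RR of each request.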

Re: Simplistic serial number roll back

2023-02-20 Thread Klaus Darilion via bind-users
Yes it does. I guess all name servers offer a command to force a transfer of the zone without checking the serial. The ones I use support that: Bind: rndc retransfer NSD: nsd-control force_transfer PowerDNS: pdns_control retrieve Knot: knotc zone-retransfer regards Klaus

Re: Sanity Check

2023-02-17 Thread Ed Daniel via bind-users
On 17/02/2023 16:06, Bob McDonald wrote: I'm implementing a caching resolver under FreeBSD 13.1 running on a RaspberryPI. Bind 9.18.11 My named.conf is below. My question is do these look like workable options? I include logging and a statistics channel in my preliminary implementations

Re: Restrict dynamic updates to one domain - disallow subdomains

2023-02-16 Thread André Steden via bind-users
update add ns1.example.com 3600 IN A 10.0.0.1 update add ns1.example.com 3600 IN AAAA 2001::1 send % You can do similar with TSIG by giving the key the same name as the machine but you also need to add key clauses for all the TSIG keys to named.conf. On 14 Feb 2023, at 07:55, André Steden via bin

Re: named out of swap on NetBSD/amd64

2023-02-15 Thread Jan Schaumann via bind-users
st max-cache-size to allow BIND to use as > much RAM as you can afford. That way you minimise the frequency of cache > cleaning, which is an overhead. Yep. And in the process I learned a bit about tuning bind, so it's all good. Thanks for the help! -Jan

Re: named out of swap on NetBSD/amd64

2023-02-15 Thread Greg Choules via bind-users
Point taken. Unique does not necessarily mean non-existent and *something* will end up in cache. So restricting your max-cache-size would seem to be the thing for you. If it were my server, I would monitor just how much RAM is getting used in total and adjust max-cache-size to allow BIND to use

Re: named out of swap on NetBSD/amd64

2023-02-15 Thread Jan Schaumann via bind-users
Greg Choules wrote: > Since the queries are unique the responses should be NXDOMAIN Well, _some_ of them will be NXDOMAIN, many others will be NOERROR or NODATA etc., no? But yes, they all ended up contributing to the cache growing, and it seems that 90% of physical memory all in use by b

Re: named out of swap on NetBSD/amd64

2023-02-15 Thread Greg Choules via bind-users
lt) called "named_dump.db" in named's working directory. Grep for NXDOMAIN in that file. Cheers, Greg On Tue, 14 Feb 2023 at 15:29, Jan Schaumann via bind-users < bind-users@lists.isc.org> wrote: > Jan Schaumann via bind-users wrote: > > Greg Choules wrote: > > >

RHEL, Centos, Rocky, Fedora rpm 9.16.38

2023-02-15 Thread Carl Byington via bind-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 https://www.five-ten-sg.com/mapper/bind contains links to the source rpm, and build instructions. This .src.rpm contains a .tar.gz file with the ARM documentation, so the rpm rebuild process does not need sphinx- build and associated dependencies

Re: [KASP] Key rollover

2023-02-15 Thread Nick Tait via bind-users
On 14/02/23 05:39, adrien sipasseuth wrote: "You configure parental agents and named will check which DS's are published. Named won't complete the roll until it knows the new DS is published." => what is a parental agent? I don't find this term in Bind documentation. From what

Re: named out of swap on NetBSD/amd64

2023-02-14 Thread Jan Schaumann via bind-users
with 'severity debug'), I don't see this line in the logs now. Not sure why that would be. That number seems right. I guess for the overall system load, that default value was too high, and my setting it (to 2GB, in this case) seems to have resolved the problem for me. -Jan -- Visit http

Re: named out of swap on NetBSD/amd64

2023-02-14 Thread Jan Schaumann via bind-users
Jan Schaumann via bind-users wrote: > Greg Choules wrote: > > - Are you stuck on 9.16.30 for some reason? If not, grab the latest 9.18 > > package. It will be less memory hungry generally and contain fixes for > > recent issues. > > Yeah, will give that a try. Upg

Re: Restrict dynamic updates to one domain - disallow subdomains

2023-02-14 Thread André Steden via bind-users
TSIG by giving the key the same name as the machine but you also need to add key clauses for all the TSIG keys to named.conf. On 14 Feb 2023, at 07:55, André Steden via bind-users wrote: But I don't want to specify all possible hostnames in the update-policy settings. There are more

Re: Restrict dynamic updates to one domain - disallow subdomains

2023-02-13 Thread André Steden via bind-users
: grant key-name name host1.example.de. A; You will be aware that the type list can take multiple space-separated values. -JP

Re: Changing DNS servers (name only) for a DNSSEC enabled domain

2023-02-13 Thread Mark Elkins via bind-users
, Danilo Godec via bind-users wrote: Hello, in the near future I will have to change NS records for one of my domains, as DNS servers currently use an old domain (not mine), that will be phased out. DNS servers will actually remain the same, only the domain name will change. So, basically

Changing DNS servers (name only) for a DNSSEC enabled domain

2023-02-13 Thread Danilo Godec via bind-users

Restrict dynamic updates to one domain - disallow subdomains

2023-02-13 Thread André Steden via bind-users
What must I specify in the update-policy option for the example.de domain? Regards, André
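The update-policy choices the replies above describe, written out as an added named.conf example (not the configuration of anyone in this thread): the "subdomain" rule that is too broad for this question, the exact-name rule JP suggests, and the per-host key approach Mark describes. Key names, secrets and host names are placeholders.

```conf
// Added example, not from the thread. Keys, secrets and host names are placeholders.
// One key shared by whatever pushes the updates ...
key "updater" {
    algorithm hmac-sha256;
    secret "dXBkYXRlci1wbGFjZWhvbGRlci1zZWNyZXQ=";   // placeholder; generate with tsig-keygen
};
// ... or one key per host, named exactly like the host it may update.
key "host1.example.de." {
    algorithm hmac-sha256;
    secret "aG9zdDEtcGxhY2Vob2xkZXItc2VjcmV0";       // placeholder
};
key "host2.example.de." {
    algorithm hmac-sha256;
    secret "aG9zdDItcGxhY2Vob2xkZXItc2VjcmV0";       // placeholder
};

zone "example.de" {
    type primary;
    file "example.de.db";
    update-policy {
        // Too broad for the question: "subdomain" matches example.de itself
        // and every name below it, so host.sub.example.de would be accepted.
        // grant updater subdomain example.de. A AAAA;

        // Exact names only: one rule per host. Neither foo.host1.example.de
        // nor any host not listed here can be changed with the "updater" key.
        grant updater name host1.example.de. A AAAA;
        grant updater name host2.example.de. A AAAA;

        // Per-host keys: a key may only update the name it is named after.
        // Which hosts exist is then decided by the key clauses above, not by
        // a growing rule list; a key for host.sub.example.de simply never
        // gets issued.
        grant *.example.de. self *.example.de. A AAAA;
    };
};
```

With the "name" rules an nsupdate signed with "updater" for foo.host1.example.de or host9.sub.example.de is refused, because the rule matches only the exact owner name; the commented "subdomain" rule would have accepted both.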

Re: named out of swap on NetBSD/amd64

2023-02-12 Thread Jan Schaumann via bind-users
ed into a bit more than a few! I hope some of that helps a bit. It does, in that it gives me plenty to do to better nail down the problem. :-) Thanks - if I come up with anything, I'll report back. -Jan

Re: named out of swap on NetBSD/amd64

2023-02-12 Thread Jan Schaumann via bind-users
"John W. Blue via bind-users" wrote: > At the risk of stating the obvious .. have you tried 9.16.37 or 9.18.11? I haven't yet, but will give that a try. Thanks! -Jan -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds th

Re: named out of swap on NetBSD/amd64

2023-02-12 Thread Greg Choules via bind-users
Hi Jan. There could be SO many things going on here. I have a few questions: - Do you mean 200 QPS or 200,000 QPS? I was wondering if a "k" had missed the print. If it's really 200, this box (not necessarily just BIND) sounds very ill. 200 QPS is background noise and (depending wh

RE: named out of swap on NetBSD/amd64

2023-02-11 Thread John W. Blue via bind-users
At the risk of stating the obvious .. have you tried 9.16.37 or 9.18.11? While I am usually down for an off-in-the-weeds hardcore root cause analysis of a problem, it is nice to get a quick win with a different version. John -Original Message- From: bind-users [mailto:bind-users-boun

named out of swap on NetBSD/amd64

2023-02-11 Thread Jan Schaumann via bind-users
Hi, I have a local caching resolver running bind 9.16.30 on NetBSD/amd64 9.3. I'm currently hitting it on localhost with approximately 200 qps, and it reliably gets killed after approximately 3 hours with "out of swap" messages in dmesg. The system in question is a Xen VPS with 6 GB R
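A resolver options fragment, added here as an example (it is not from this thread), showing the max-cache-size cap the thread arrives at, the negative-cache TTL that bounds how long the NXDOMAIN/NODATA entries from unique-name traffic linger, and a statistics channel so memory use can be watched rather than discovered in dmesg. Sizes, TTLs and addresses are placeholders; the 2G figure assumes the 6 GB VM described above.

```conf
// Added example, not from the thread. Sizes, TTLs and addresses are placeholders.
options {
    directory "/var/named";
    recursion yes;
    allow-recursion { 127.0.0.1; ::1; };
    allow-query-cache { 127.0.0.1; ::1; };

    // Hard cap on the cache. The default is "90%" of physical memory, which
    // assumes the machine does nothing else; on a shared 6 GB VM leave room
    // for named's non-cache memory and the OS. Named trims the cache as it
    // approaches the limit, so the trade is hit rate for stability.
    max-cache-size 2G;

    // Negative answers (NXDOMAIN, NODATA) are cached too, for up to this
    // long (default 10800 s = 3 h). A stream of unique names produces mostly
    // negative entries, so this TTL bounds how long they occupy the cache.
    max-ncache-ttl 3600;
    // Upper bound on positive entries (default 604800 s = 7 days).
    max-cache-ttl 86400;
};

// Cache and memory counters over HTTP, bound to localhost only: the channel
// reveals query names and should never be reachable from other hosts.
statistics-channels {
    inet 127.0.0.1 port 8053 allow { 127.0.0.1; };
};
```

While tuning, "curl -s http://127.0.0.1:8053/json/v1" returns the counters (cache statistics live under the per-view resolver data), and "rndc dumpdb -cache" writes the cache to named_dump.db in named's working directory, which is the file Greg suggests grepping for NXDOMAIN.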

Re: [KASP] Key rollover

2023-02-09 Thread Nick Tait via bind-users
omatically, and instead create a recurring reminder for yourself to initiate the KSK roll-over manually? That way you'd never get caught out with a KSK roll-over happening when you weren't prepared for it?

Re: Intermittent issues resolving "labor.upload.akamai.com"

2023-02-08 Thread tale via bind-users
On Fri, Feb 3, 2023 at 4:32 AM Greg Choules via bind-users wrote: >> From a quick look in Wireshark at what my own server (9.18.8) is doing, this >> looks like Akamai not responding correctly to a BIND QNAME minimisation >> query. Here's one response, from 95.101.36.192 fo

Re: Resolve some hosts thats are dnssec signed differently

2023-02-06 Thread Nick Tait via bind-users
machines continue to use the public address, but the packets don't actually get routed out to the Internet. Nick. On 7/02/23 19:45, Matthias Fechner wrote: Hi Darren, Hi Nick, at first thanks a lot for your answer. I see that I have not explained my use-case detailed enough. I have bind

Re: Resolve some hosts thats are dnssec signed differently

2023-02-06 Thread Nick Tait via bind-users
. Let me know if you need more info about how to set this up? Nick. On 6/02/23 01:08, Darren Ankney wrote: Matthias, This is what I did to force my resolver bind instance to lookup my internal domain directly on my authoritative bind instance without asking any other servers (would have fail

Re: Intermittent issues resolving "labor.upload.akamai.com"

2023-02-03 Thread Greg Choules via bind-users
Hi Sandeep. >From a quick look in Wireshark at what my own server (9.18.8) is doing, this looks like Akamai not responding correctly to a BIND QNAME minimisation query. Here's one response, from 95.101.36.192 for example, of many similar ones showing an issue. The response code should

Intermittent issues resolving "labor.upload.akamai.com"

2023-02-02 Thread Bhangui, Sandeep - BLS CTR via bind-users
Hi We are running ISC DNS Bind Version 9.18.10 ( will soon be moving to 9.18.11) on our Linux Servers. DNS resolution in general seems to work just fine as expected. It seems we have intermittent issues resolving "labor.upload.akamai.com" and then some scripts fail. I

Re: filter-a and dns64 in a ipv6-only network

2023-01-31 Thread Eric Germann via bind-users
why isc introduced the filter years ago - in theory there is no reason to > block AAAA nor A. But blocking A depending on the existence of AAAA makes no > sense at all. > (as bind at moment is doing) I've found one edge case where blocking records fixes something in order to

Migration to dnssec-policy removes current ZSK's DNSKEY

2023-01-30 Thread Andreas Vögele via bind-users
"rndc dnssec -checkds published example.com" the KSK stays in DSState rumoured. I've got the following messages in the log: keymgr: checkds DS for key example.com/RSASHA256/12345 seen published at Mon Jan 30 10:58:16 2023 zone example.com/IN (signed): reconfiguring zone keys I have Bind 9.1
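A dnssec-policy configuration, added here as an example (not from this thread or the "[KASP] Key rollover" thread above), showing the parental-agents setup those messages mention, so that named checks the parent for the DS itself instead of relying on the "rndc dnssec -checkds" command quoted above. BIND 9.18 syntax is assumed; the policy name, the parent's address, lifetimes and the zone are placeholders.

```conf
// Added example, not from the thread. BIND 9.18 syntax; names, addresses and
// lifetimes are placeholders.
dnssec-policy "ecdsa256" {
    keys {
        ksk lifetime unlimited algorithm ecdsap256sha256;   // roll the KSK manually
        zsk lifetime P90D      algorithm ecdsap256sha256;   // automatic ZSK roll every 90 days
    };
    // How long the parent takes to publish a submitted DS, and the TTL it
    // serves it with: named waits these out before retiring the old KSK.
    parent-propagation-delay PT1H;
    parent-ds-ttl 3600;
};

// Servers named asks for the DS RRset during a KSK rollover. Normally the
// parent zone's authoritative servers; a placeholder address here.
parental-agents "example-com-parent" {
    192.0.2.53;
};

zone "example.com" {
    type primary;
    file "example.com.db";
    inline-signing yes;
    dnssec-policy "ecdsa256";
    parental-agents { "example-com-parent"; };
};
```

With parental-agents set, named polls the listed servers and moves the KSK's DS state out of "rumoured" once it sees the DS published there; without it, the operator signals the same thing with "rndc dnssec -checkds published example.com" (the command in the message above) and can follow the state machine with "rndc dnssec -status example.com".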

Re: Converting between zone file formats

2023-01-30 Thread Greg Choules via bind-users
ard Eidnes via bind-users < bind-users@lists.isc.org> wrote: > > Named-checkzone and named-compilezone are the same executable. > > Named-checkzone looks up remote records to more completely > > detect configuration errors. See the man page for details. > > Thanks for t

Re: Converting between zone file formats

2023-01-30 Thread Havard Eidnes via bind-users
ds, - Håvard

Converting between zone file formats

2023-01-30 Thread Havard Eidnes via bind-users
Hi, by default, the files written by BIND when acting as a slave are not in "text" format, but are in some binary file format, I believe what is referred to as "raw" format. Once in a while it's desirable to be able to see the contents of the slave zone file as plain text.

Re: rpz testing -> shut down hung fetch while resolving

2023-01-28 Thread Havard Eidnes via bind-users
>> I recently made an upgrade of BIND to version 9.18.11 on our >> resolver cluster, following the recent announcement. Shortly >> thereafter I received reports that the validation that lookups of >> "known entries" in our quite small RPZ feed (it's around

isc stork agent and named chroot

2023-01-27 Thread Vladimir Nikolic via bind-users
Hi, Looks like stork agent doesn't work in a named chroot environment. On one of my systems, it complains about non-existing config file: stork-agent[129190]: time="2023-01-27 04:47:07" level="warning" msg="cannot parse BIND 9 config file /etc/named.conf: exit sta

Re: Gratuitous AXFRs of RPZ after 9.18.11

2023-01-27 Thread Greg Choules via bind-users
? > > -- > -- > Do things because you should, not just because you can. > > John Thurston 907-465-8591 john.thurs...@alaska.gov > Department of Administration > State of Alaska

rpz testing -> shut down hung fetch while resolving

2023-01-26 Thread Havard Eidnes via bind-users
Hi, I recently made an upgrade of BIND to version 9.18.11 on our resolver cluster, following the recent announcement. Shortly thereafter I received reports that the validation that lookups of "known entries" in our quite small RPZ feed (it's around 1MB on-disk) no longer succeeds a

RHEL, Centos, Rocky, Fedora rpm 9.16.37

2023-01-25 Thread Carl Byington via bind-users
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 https://www.five-ten-sg.com/mapper/bind contains links to the source rpm, and build instructions. This .src.rpm contains a .tar.gz file with the ARM documentation, so the rpm rebuild process does not need sphinx- build and associated dependencies

RE: recursion yes/no?

2023-01-25 Thread David Carvalho via bind-users
It helps a lot!! I think I understand now. Have a great day! Regards David From: Greg Choules Sent: 25 January 2023 10:34 To: David Carvalho Cc: bind-users@lists.isc.org Subject: Re: recursion yes/no? Hi David. With "minimal-responses", usually I would set it to "n

Re: recursion yes/no?

2023-01-25 Thread Greg Choules via bind-users
hing with it anyway) Authority or Additional data. So a hybrid server is a bit stuck between those two settings. However, from 9.16 BIND now has extra choices (as Evan pointed out). To answer your follow up question I would stick with "no-auth-recursive" as this is exactly the scenario it is de

RE: recursion yes/no?

2023-01-25 Thread David Carvalho via bind-users
t Sent: 24 January 2023 20:12 To: David Carvalho Cc: bind-users@lists.isc.org Subject: Re: recursion yes/no? On Tue, Jan 24, 2023 at 04:48:34PM -, David Carvalho via bind-users wrote: > Hello. > > I hope someone could help to understand the following. > > I have "my.

RE: recursion yes/no?

2023-01-25 Thread David Carvalho via bind-users
understand, there is no downside in maintaining this setting, right? Thank you! Kind regards. David From: Greg Choules Sent: 24 January 2023 18:12 To: David Carvalho Cc: bind-users@lists.isc.org Subject: Re: recursion yes/no? Hi David. "recursion yes;" tells named t

Re: Resolving and caching illegal names

2023-01-24 Thread Greg Choules via bind-users
t;? - Do Akamai have any knobs you can tweak (I believe they have a customer web portal for viewing/changing settings?) that would make them behave like an RFC compliant DNS server? Cheers, Greg On Tue, 24 Jan 2023 at 21:17, John Thurston wrote: > My "resolvers" running BIND 9.18.1

Re: recursion yes/no?

2023-01-24 Thread Greg Choules via bind-users
ers make queries out to other places? If so, recursion must be enabled. Secondly, do you have "minimal-responses" configured on either/both servers? If so, what is it set to? There were changes in 9.16 so maybe these explain your observations. Cheers, Greg On Tue, 24 Jan 2023 at 16:49,

recursion yes/no?

2023-01-24 Thread David Carvalho via bind-users
y differ in IPs and "master/slave" setting. My questions: Should I use recursion on both? (Bear in mind that I also want them to provide cache to clients) Why do I need "dig +norec" to get the exact output on my slave server? Kind regards David
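A hybrid (authoritative plus caching) server configuration, added here as an example (not from the replies above), with the four minimal-responses settings Greg's replies refer to written out, since that option is what decides how much Authority/Additional data a query with or without RD set gets back. The "lan" ACL, the zone and the primary's address are placeholders.

```conf
// Added example, not from the thread. The "lan" ACL and the zone are placeholders.
acl "lan" { 127.0.0.1; ::1; 192.0.2.0/24; };

options {
    // Hybrid server: authoritative for its own zones and a cache for the LAN.
    // Recursion stays on, but only "lan" may use it or read the cache;
    // everyone else gets authoritative answers only.
    recursion yes;
    allow-recursion { lan; };
    allow-query-cache { lan; };

    // What goes into the Authority/Additional sections of a response:
    //   no                - as complete as possible, for every query
    //   yes               - only what the protocol requires (delegations,
    //                       negative answers); fastest, but clients may
    //                       need extra queries
    //   no-auth           - omit optional Authority records, keep Additional
    //   no-auth-recursive - "no-auth" when the query has RD=1, "no" when RD=0
    // Stub resolvers send RD=1 and ignore the Authority section anyway.
    // "dig +norec" sends RD=0, which under no-auth-recursive yields the full
    // sections, so its output looks like a classic authoritative answer.
    minimal-responses no-auth-recursive;
};

zone "example.com" {
    type secondary;
    file "secondaries/example.com.db";
    primaries { 192.0.2.1; };
};
```

If both servers are meant to behave identically, set minimal-responses explicitly on both rather than relying on the version-dependent default, then compare "dig @server example.com SOA" with and without +norec on each.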

Re: signing for a hidden primary

2023-01-22 Thread Eric K Germann via bind-users
ample 2 in https://kb.isc.org/docs/aa-00626, I think that this will work, i.e. there will be a `secondary/bar.foo.signed` from which I can extract the DS needed by the parent zone, the server will send notifies etc. randy

Re: "not exact" error message

2023-01-21 Thread Havard Eidnes via bind-users
> The consistency checks are not new. The message indicates that > the IXFR contained a delete request for a record that doesn't > exist or an add for a record that exists. Named recovers by > performing an AXFR of the zone. Interesting. BIND 9.16.36 does not produce this log

"not exact" error message

2023-01-21 Thread Havard Eidnes via bind-users
Hi, I tried using BIND 9.18.10 as a downstream name server of an OpenDNSSEC 2.1.8 installation, but after sorting out the ACL issues on the OpenDNSSEC side, zone transfers failed with messages such as these: Jan 21 17:15:34 new-ns named[22056]: transfer of '4.38.158.in-addr.arpa/IN' from 158.38

Re: SERVFAIL IPv6 debugging

2023-01-19 Thread Greg Choules via bind-users
opa.eu) is different to the NS RRSET in the parent (eu) 2) One of the servers - 2001:978:2:1::93:2 - may have trouble with UDP queries over v6. Having said that, from where I am I can make UDP queries over v6 to it, both from dig and from my local BIND. However, it does report a BADCOOKIE on the first attemp

Re: SERVFAIL IPv6 debugging

2023-01-19 Thread Sanjai Gandhi K via bind-users
Hi Bruce, Kindly Check the actual root cause for this "SERVFAIL" error from the following log messages of your system. /var/log/messages With Regards. K.Sanjai Gandhi. - Original Message - From: "Bruce Duncan" To: bind-users@lists.isc.org Sent: Wednesday, January

Re: DNSSEC With Primary Hidden - Clarifying Question from Documentation

2023-01-17 Thread Pirawat WATANAPONGSE via bind-users
Pirawat. > -- Forwarded message -- > From: E R > To: bind-users@lists.isc.org > Cc: > Bcc: > Date: Tue, 17 Jan 2023 17:28:57 -0600 > Subject: DNSSEC With Primary Hidden - Clarifying Question from > Documentation > I am planning on implementing the

Re: DNSSEC With Primary Hidden - Clarifying Question from Documentation

2023-01-17 Thread Grant Taylor via bind-users
what many people do, or not, doesn't translate to a requirement. In my opinion, this is the best way to do things, and the in-place signing is just a total pain. Your opinions, such as they are, are independent of the OP's question. I've got an ancient version of BIND managing all of the DNSS

RE: Can not query localhost

2023-01-16 Thread David Carvalho via bind-users
Hi. It was not oracle linux 9.16 but Bind 9.16. The problem seemed to be about broken dnssec validation, that's why commenting those entries solved. For now I'm not using dnssec, I will have to read about key rotation. If that is still a very manual process, I'll have to be quite confident

RE: Can not query localhost

2023-01-13 Thread David Carvalho via bind-users
keys-directory "/var/named/dynamic"; and everything worked. Still don't understand exactly why, I will continue to investigate, but any feedback is welcome. Thanks Regards David -----Original Message- From: bind-users On Behalf Of David Carvalho via bind-users Sent: 13 January 2023

RE: Can not query localhost

2023-01-13 Thread David Carvalho via bind-users
", tcpdump shows it trying to connect to top level IPs And I keep getting SERVFAIL. Regards. David -Original Message- From: Marco Sent: 13 January 2023 11:33 To: bind-users@lists.isc.org Cc: David Carvalho Subject: Re: Can not query localhost Am 13.01.2023 schrieb David Carv

Can not query localhost

2023-01-13 Thread David Carvalho via bind-users
Hi. I’m migrating an old bind from Oracle Linux 6 to Oracle linux 9.16. The first thing I noticed was that there were 2 bind versions available in this new distro. I went for the newest. It is “named-chroot” and a “slave” configuration for my domain. The files are already being transferred

Re: I need to find statistics on a running server.

2023-01-13 Thread Ed Daniel via bind-users
On 12/01/2023 18:20, King, Harold Clyde (Hal) via bind-users wrote: I need to find some answers like queries per second. Any fast ideas folks? -- Hal King - h...@utk.edu Systems Administrator Office of Information Technology Shared Services The University of Tennessee 103c5 Kingston Pike

Re: configure "allow-transfer" statement for "XoT" and "non-XoT" secondaries

2023-01-13 Thread Sachchidanand Upadhyay via bind-users
Hi, Please help in configuring "allow-transfer" (Please see the trail mail) if any solution is available in BIND. I am using bind 9.18.10 Regards, Sachcidanand From: "Sachchidanand Upadhyay" To: bind-users@lists.isc.org Sent: Monday, January 9, 2023 2:35:34 PM

Re: Use UDP for (small) incremental zone transfers?

2023-01-12 Thread Greg Choules via bind-users
not worth worrying about. Cheers, Greg On Fri, 13 Jan 2023 at 06:19, Jesus Cea wrote: > On 13/1/23 7:12, Greg Choules via bind-users wrote: > > Hi Jesus. > > No. Zone Transfer always uses TCP. Is it really that much of an overhead > > for you? > > Not now, but

Re: Use UDP for (small) incremental zone transfers?

2023-01-12 Thread Greg Choules via bind-users
> "Love is putting your happiness in the happiness of another" - Leibniz

Re: I need to find statistics on a running server.

2023-01-12 Thread Greg Choules via bind-users
: > I’ve turned on query logging, then grepped for the count of lines logged > in a particular second. > > > > Worked well enough for the job at the time. > > > > J > > > > *De: *bind-users em nome de "King, > Harold Clyde (Hal) via bind-users"

Re: I need to find statistics on a running server.

2023-01-12 Thread King, Harold Clyde (Hal) via bind-users
From: Howard, Christopher Sent: Thursday, January 12, 2023 1:42 PM To: bind-users@lists.isc.org ; King, Harold Clyde (Hal) Subject: Re: I need to find statistics on a running server. You can use "rndc stats" to have bind dump a file

Re: I need to find statistics on a running server.

2023-01-12 Thread King, Harold Clyde (Hal) via bind-users
From: Jeff Sumner Sent: Thursday, January 12, 2023 1:22 PM To: King, Harold Clyde (Hal) ; bind-users Subject: Re: I need to find statistics on a running server. You don't often get email from kc4...@gmail.com. Learn why this is important<https://aka

I need to find statistics on a running server.

2023-01-12 Thread King, Harold Clyde (Hal) via bind-users

Re: General DNS / SPF question

2023-01-09 Thread G.W. Haywood via bind-users
Hi there, On Mon, 9 Jan 2023, Michael Muller wrote: Thanks for responding to my question. Again, if there's a better place to ask this question, I can go there. ... Taking this off list. -- 73, Ged.

Re: General DNS / SPF question

2023-01-09 Thread Michael Muller via bind-users
ntague WebWorks 20 River Street, Greenfield, MA 413-320-5336 http://MontagueWebWorks.com Powered by ROCKETFUSION On 1/7/2023 6:24 PM, G.W. Haywood via bind-users wrote: Hi there, On Sat, 7 Jan 2023, Michael Muller wrote: This is my first time posting here, and I'm not sure if it's the right

configure "allow-transfer" statement for "XoT" and "non-XoT" secondaries

2023-01-09 Thread Sachchidanand Upadhyay via bind-users
Hi, I want to configure "allow-transfer" statement for "XoT" secondaries as well as "non-XoT" secondaries for a single zone. Please help in configuring the same. Regards, Sachchidanand
