try to perform the
dynamic update to the closest instance of the anycast / (pseudo) MName
server.
Aside: Years ago, BIND secondaries would happily forward such dynamic
updates the real primary MName server.
Further aside: The last time I looked, MS-DNS ADI zones would forge the
local
@mail.mil
james.j.decaro3@mail.smil.mil
-Original Message-
From: Michał Kępień
Sent: Monday, May 9, 2022 7:53 AM
To: DeCaro, James John (Jim) CIV DISA FE (USA)
Cc: bind-users@lists.isc.org; Mcallister, Reginald CTR DISA FE (USA)
Subject: Re: [URL Verdict: Neutral][Non-DoD Source] Re
with
> the proxy traffic that this same gateway was generating and found a
> solution by using TPROXY feature of the squid proxy, which exposes the real
> internal client IP address at the WAN traffic which can later be NATed.
>
> Thanx for any ideas,
> Alex
> --
> Visit
ad some sort of personal
> significance (and wasn't privacy invasive).
>
> I've always wondered if there was a real-world use case.
Displaying traceroute results on an actual geographical map?
But I guess that didn't ever really catch on.
Regards,
- Håvard
--
Visit https://lists.is
be
AppArmor stupids for some people which are really hard to diagnose).
Is there a way to put all the keymgr logging into a different debug stream?
Ideally, I think I need it emailed to me daily :-)
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds
shfs/tramp.
For that reason, I have them g+w, group bind, and my login is in the
"bind" group, and my user id can rndc reload.
2) I've historically had a perl script that updated the SERIAL in place,
based upon MMDDLL, where XX was Hour*4 + minutes/15.
And LL was always
On 7/05/2022 1:38 am, Maurà cio Penteado via bind-users wrote:
I added the A-record "ns1 IN A 172.17.0.1" to my zone-file as
suggested and it seems that the order fixed the issue.
Now my Bind9 clients are getting ip 192.168.0.10 favorably.
Hi Mauricio.
I don't think anyone
statistics for 172.17.0.1: Packets: Sent = 4, Received = 4, Lost = 0
(0% loss),
= (Em sexta-feira, 6 de maio de 2022 14:38:37 GMT+1, MaurÃcio Penteado via
bind-users escreveu:
Hi folks,
Thank you for the reply.
I added the A-record "ns1 IN A 172.17.0.1" to my
:44:50 GMT+1, Nick Tait via bind-users
escreveu:
On 6/05/2022 7:51 am, Grant Taylor via bind-users wrote:
On my Bind9 server, I have the following zone-files:
forward.example.lan.db:
ns1 IN A 192.168.0.10
ns1 IN fe80::f21f:afff:fe5d:be90
On 6/05/2022 7:51 am, Grant Taylor via bind-users wrote:
On my Bind9 server, I have the following zone-files:
forward.example.lan.db:
ns1 IN A 192.168.0.10
ns1 IN fe80::f21f:afff:fe5d:be90
I don't see the 2nd, Docker (?), address; 172.17.0.1, in the zone
On 5/5/22 1:35 PM, Maurà cio Penteado via bind-users wrote:
Hi folks,
Hi,
Thank you for the reply.
:-)
Unfortunately, I did not understand how I am supposed to add multiple
A-records for the same name to the zone-file to fix this issue.
Based on your first message, you already have
, advise.
Em quinta-feira, 5 de maio de 2022 17:26:24 GMT+1, Grant Taylor via
bind-users escreveu:
On 5/5/22 9:01 AM, Reindl Harald wrote:
> by not add multiple A-records for the same name to the zone-file
> BIND don't know about docker on it's own
Another option would be to le
/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On 5/5/22 9:01 AM, Reindl Harald wrote:
by not add multiple A-records for the same name to the zone-file
BIND don't know about docker on it's own
Another option would be to leverage BIND's ability to sort A records
based on configured preference (in the config file, not the zone file)
based
Summary
Docker0 interface is being resolved and DNS Clients cannot deal with the
address.
BIND version used
BIND 9.18.1-1ubuntu1-Ubuntu (Stable Release)
Steps to reproduce
On a fresh Ubuntu 22.04 Server install and set Bind9 up. After that install
docker.
What is the current behavior
:
> Hello,
>
> If we see this on our DNS server logs (BIND 9.11):
>
> 04-May-2022 12:55:37.675 edns-disabled: info: success resolving '
> sour.woinsta.com/A' (in 'woinsta.com'?) after disabling EDNS
>
> - are we correct to say that with BIND 9.16, that query wil always f
I tried this utility and got the following message: gnutls-cli: command not
found...
Thank you
V/R
Jim DeCaro
-Original Message-
From: Ondřej Surý
Sent: Thursday, April 28, 2022 5:15 PM
Cc: DeCaro, James John (Jim) CIV DISA FE (USA) ;
bind-users@lists.isc.org; Mcallister, Reginald
d.org
* start date: Nov 30 00:00:00 2021 GMT
* expire date: May 11 19:03:32 2022 GMT
* common name: download.copr.fedorainfracloud.org
* issuer: CN=DoD WCF Signing CA 2,OU=WCF PKI,OU=DoD,O=U.S. Government,C=US
> GET /results/isc/bind/epel-7-x86_64/repodata/repomd.xml HTTP/1.1
>
On 2/05/2022 8:13 pm, Reindl Harald wrote:
you want 127.0.0.1 act as your resolver no matter what
Well, not always... If your local BIND service isn't a recursive
resolver
irrelevant in context of this topic and worth exactly the same as
saying "if you don't use bind at all" and
ional Airport"
with more at https://jpmens.net/2020/10/04/airports-of-the-world/
-JP
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.o
On 1/05/2022 9:13 pm, Reindl Harald wrote:
Am 01.05.22 um 06:38 schrieb Nick Tait via bind-users:
I'm not 100% sure, but I wonder if disabling systemd-resolved may
create issues if, for example, you are using netplan with
systemd-networkd as the renderer? E.g. Will it still be possible
lease give an example to explain what
this is trying to say?
Thanks,
Nick.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more i
Please do
not feel obligated to reply outside your normal working hours.
On 22. 4. 2022, at 17:20, Randy Bush wrote:
sudo systemctl disable systemd-resolved.service
sudo service systemd-resolved stop
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this li
(Jim) CIV DISA FE (USA)
Cc: bind-users@lists.isc.org; Mcallister, Reginald CTR DISA FE (USA)
Subject: [URL Verdict: Neutral][Non-DoD Source] Re: Attempting to configure an
ISC BIND repository on Red Hat Linux 7.9
All active links contained in this email were disabled. Please verify the
Modified the repo file to mimic the repo data provided from the isc web site
verbatim:
[copr:copr.fedorainfracloud.org:isc:bind]
name=Copr repo for bind owned by isc
baseurl=https://download.copr.fedorainfracloud.org/results/isc/bind/epel-7-$basearch/
type=rpm-md
skip_if_unavailable=True
]
name=Corp repo for bind owned by isc
baseurl=https://download.copr.fedorainfracloud.org/results/isc/bind/epel-7-x86_64/
skip_if_unavailable=True
gpgcheck=0
enabled=1
enabled_metadata=1
type=rpm-md
---same result.
V/R
Jim DeCaro
DISA
Systems Administrator
Windows and Unix/Linux Server Operations
# yum-config-manager --add-repo
https://download.copr.fedorainfracloud.org/results/isc/bind/epel-7-$basearch/
--Results in the file:
/etc/yum.repos.d/download.copr.fedorainfracloud.org_results_isc_bind_epel-7-_.repo
Content of the repo file
james.j.decaro3@mail.mil
james.j.decaro3@mail.smil.mil
-Original Message-
From: Anand Buddhdev
Sent: Thursday, April 28, 2022 11:06 AM
To: DeCaro, James John (Jim) CIV DISA FE (USA) ;
bind-users@lists.isc.org
Cc: Mcallister, Reginald CTR DISA FE (USA)
Subject: [URL Verdict: Neutral
Dnf is not available. Therefore using yum
Linux Red Hat 7.9 virtual machine on VMware, has internet connectivity
Set up local repository in
/etc/yum.repos.d/download.copr.fedorainfracloud.org_results_isc_bind_epel-8-_.repo:
[copr:copr.fedorainfracloud.org:isc:bind]
name=Copr repo for bind
I am working on shutting down a site which has an isc-bind server that is
master for a domain and subnet which will exist elsewhere once the site is
closed. The few remaining systems don't warrant such a server. My goal is to
merge what remains of the domain/subnet into an existing server
[cid:f96c691b-14fb-43c3-81bb-27c0801dd170]
From: Ondřej Surý
Sent: Monday, April 25, 2022 10:37 AM
To: King, Harold Clyde (Hal)
Cc: bind-users
Subject: Re: getting answers from DNS queries
> I asked this last week, but I didn't an answer.
Probably because I still don’t k
Office of Information Technology
Shared Services
The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:00350bec-9764-4740-8d61-e8bec49334bc]
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds
f39b
God will not fix the vessel which insists it isn't broken. -unknown Beware
https://mindspring.com
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
https://www.five-ten-sg.com/mapper/bind contains links to the source
rpm, and build instructions. This .src.rpm contains a .tar.gz file with
the ARM documentation, so the rpm rebuild process does not need sphinx-
build and associated dependencies
That's not in my version of bind-9.16.23.
Thanks anyway!
--
Hal King - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services
The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:d0cf86b5-1da2-47ba
...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services
The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:fe5c07f5-ef0a-4dd8-a8d0-f22481933b6b]
--
Visit https://lists.isc.org/mailman/listinfo/bind-users
]
From: Larry Rosenman
Sent: Wednesday, April 20, 2022 9:56 AM
To: King, Harold Clyde (Hal)
Cc: bind-users
Subject: Re: Reading secondary PTR files
You don't often get email from l...@lerctr.org. Learn why this is
important<http://aka.ms/LearnAboutSenderIdentificat
King - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services
The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:36fbaf98-8bc3-4d0b-8a9a-8eeade380eaa]
--
Visit https://lists.isc.org/mailman/listinfo/bind
Good points, thanks.
-Original Message-
From: Reindl Harald
To: bind-users@lists.isc.org
Sent: Mon, Apr 18, 2022 12:41 am
Subject: Re: Bind and systemd-resolved
Am 18.04.22 um 07:26 schrieb Leroy Tennison via bind-users:
> When I attempt “dig -t AXFR office.example.com
Thanks, had looked at 'man dig' but had assumed (oops) that only the items
listed under the various OPTIONS headings were available in .digrc. Glad to
learn that @ can also be used (confirmed with testing).
-Original Message-
From: Ondřej Surý
To: Leroy Tennison
Cc: bind-users
When I attempt “dig -t AXFR office.example.com -k Kexample_dns.+157+18424.key”
on the DNS server (Bind 9.11) sudoed to root I get:
;; Couldn't verify signature: expected a TSIG or SIG(0); Transfer failed.
This is an Ubuntu 18.04 system and /etc/systemd/resolved.conf has DNS=127.0.0.1
since
for
that (although everybody expects security to be for free)
regards
Klaus
> -Ursprüngliche Nachricht-
> Von: bind-users Im Auftrag von Andrew
> P.
> Gesendet: Donnerstag, 14. April 2022 14:23
> An: bind-users@lists.isc.org
> Betreff: Why did my DNS bill go up?
>
> Gr
ms.
--
Dave
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.i
> On Apr 13, 2022, at 12:00 AM, Grant Taylor via bind-users
> wrote:
>
> This Message Is From an External Sender
> This message came from outside your organization.
> On 4/12/22 7:18 PM, Duchscher, Dave J via bind-users wrote:
> > We are dropping this configurat
sehr sehr sehr langer Text 50"
"das ist ein langer, sehr sehr sehr langer Text 50" "das ist ein langer, sehr
sehr sehr langer Text300"
URIIN URI 10 1 "ftp://ftp1.example.com/public;
WKS IN WKS 1.1.1.1 TCP ( smtp discard rpc )
Von: bind-users
On 4/12/22 7:18 PM, Duchscher, Dave J via bind-users wrote:
We are dropping this configuration and looking at doing something else.
I'm sorry to hear that.
We have had intermittent issues with Slack, Microsoft, and a growing
list of domains. Even have one that consistently fails.
Are you
issues
with Slack, Microsoft, and a growing list of domains. Even have one that
consistently fails. I am just posting this as a caution to others that
you may have problems with DNSSEC validation in this configuration.
--
Dave
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe fr
away from the signed file (O've been using ALG 13 for a couple of years.
--
"Are you pondering what I'm pondering?"
"Yes, Brain, I think so, but do nuts go with pudding?"
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC f
com/>
Twitter: @ekgermann
Telegram || Signal || Skype || Phone +1 {dash} 419 {dash} 513 {dash} 0712
GPG Fingerprint: 89ED 36B3 515A 211B 6390 60A9 E30D 9B9B 3EBF F1A1
> On Apr 10, 2022, at 4:40 AM, @lbutlr wrote:
>
> I have an several domains setup in bind, all with
your signatures expire. Do you have set some
kind of reminder to remind you?
I would try DNSSEC guide [1] with bind 9.16 or more recent. It
provides a policy inside named. It depends on what version do
you have. Even 9.11 can maintain signatures [2] and resign them
RAM to 1 0 0 - .
Regards,
Danilo
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing lis
Hello,
I implemented DNSSEC for my personal domain a good while ago with an
older Bind and back then, I used RSASHA1-NSEC3-SHA1 algorithm, which by
now is not recommended... So I'm going to change the algorithm, probably
to ECDSAP256SHA256, which should also be NSEC3 capable.
Since my
ecursion { any; };
allow-query-cache { any; };
dnssec-validation auto;
};
--
Dave
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/con
On 3/25/22 09:37, The Doctor via bind-users wrote:
On Fri, Mar 25, 2022 at 11:49:54AM +0100, Borja Marcos wrote:
Following up on this subject, looks like there were substantial changes to the
build process for 9.18.1? The port maintainers
seem to be having a hard time with it.
You got
essed up and so are some libraries
and man pages.
> Cheers,
>
>
>
>
>
> Borja.
>
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
> this list
>
> ISC funds the development of this software with paid support subscriptions.
On 3/24/22 4:34 PM, Carl Byington via bind-users wrote:
Yes, the disconnect was my brain. I will try to plug that back in.
;-)
We've all had those days. Most of us will have them again.
How do you do that in /etc/hosts?
It's been a while, so I'm relying on memory, a.k.a. lossy media
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Thu, 2022-03-24 at 16:13 -0600, Grant Taylor via bind-users wrote:
> But there seems to be a disconnect.
> I was talking about adding a domain that is outbound.example.com. and
> put the A / records in that domain's apex.
On 3/24/22 3:50 PM, Carl Byington via bind-users wrote:
In general, the domain exists with a bunch of existing names - www,
mail, etc. We just need to add one more (outbound) and tie it to the
ip address of their outbound mail server. I don't want to take over
their entire domain.
Fair
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Thu, 2022-03-24 at 12:16 -0600, Grant Taylor via bind-users wrote:
> What advantage does RPZ have in this case over just hosting the
> domain(s) locally?
In general, the domain exists with a bunch of existing names - www,
mail, etc. We jus
On 3/24/22 10:02 AM, Carl Byington via bind-users wrote:
I think so.
Agreed.
Presumably to create those domains locally. Of course the rest of
the world won't see them.
1.0.0.127.in-addr.arpaPTR outbound.example.com.
outbound.example.com A 127.0.0.1
What advantage does
ybEBmaXZl
LXRlbi1zZy5jb20ACgkQL6j7milTFsEu8ACfWgB0gXmrfZrsLrZ2+3b/K+PYgDkA
n18rhjSH1nRnxXepbbttXLr03FZS
=mTOI
-END PGP SIGNATURE-
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.or
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org
?
servfail or a missing ad-bit?
Daniel
On 18.03.22 15:25, lejeczek via bind-users wrote:
Hi guys
how to troubleshoot that?
...
18-Mar-2022 14:17:41.725 warning: EVP_VerifyFinal failed
(verify failure)
18-Mar-2022 14:17:41.725 info: error:0398:digital
envelope routines::invalid digest:crypto/evp
:
no valid signature found
...
I'd imagine must some up-the-chain servers doing something
there - my local 'bind' does not point/use any specific
forwarders.
many thanks, L.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development
Reindi, thanks for the explanation, I do manually edit the zones because we
don’t make many DNS changes these days and I usually do named-checkzone but I
missed that this time, although I did reload that problematic zone with rndc
reload and saw no errors. I do have bind restarting once a week
Neverminded, I was able to traceback my steps and realize a fat fingered a
DNS entry in one of the zones, added two periods to an authoritative zone’
s DNS record, causing bind to fail to start. The concerning issue was there
was no error on the logs at all, making it hard to figure out the issue
Hi, I realize this is related to Centos, but all the sudden chroot bind
failed to start up with any meaningful errors.
Anyone know what might be the issue here? I have no clues on that the issue
is.
Paul
Job for named-chroot.service failed because the control process exited with
error code
https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org
clients are sending these queries
and go on a hunt. Perhaps the clients are misconfigured, or just being
'playful'!
Some useful reading might be these articles and others in the KB.
https://kb.isc.org/docs/bind-best-practices-authoritative
https://kb.isc.org/docs/bind-best-practices-recursive
and
nitum, unless you tell it otherwise.
> There is an implicit hierarchy as to how queries are dealt with. It arises
> because BIND can be both recursive AND authoritative simultaneously, so
> there has to be some way to choose how to go about responding to incoming
> queries. Using dynamic
On 3/1/22 5:35 AM, Matus UHLAR - fantomas wrote:
you are right, forwarding queries requires recursion.
Thank you for the confirmation Matus. :-)
--
Grant. . . .
unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
--
Visit https://lists.isc.org/mailman/listinfo/bind-users
recursion setting comes into play.
If I'm mistaken, please correct me.
--
Grant. . . .
unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid
Thanks Ondrej….will check on that.
From: Ondřej Surý
Sent: Thursday, February 24, 2022 1:29 PM
To: Bhangui, Sandeep - BLS CTR
Cc: bind-users@lists.isc.org
Subject: Re: Errors loading Named ( 9.16.26) on RHEL 7.9
CAUTION: This email originated from outside of BLS. DO NOT click links or open
.
Thanks
Sandeep
Feb 24 11:28:08 cpdnsquar01v named[72797]: starting BIND 9.16.26 (Extended
Support Version)
Feb 24 11:28:08 cpdnsquar01v named[72797]: running on Linux x86_64
3.10.0-1160.53.1.el7.x86_64 #1 SMP Thu Dec 16 10:19:28 UTC 2021
Feb 24 11:28:08 cpdnsquar01v named[72797]: built
| PO Box: 15224,
Doha – Qatar
E-mail: a.ba...@salaminternational.com| Website:
www.salaminternational.com<http://www.salaminternational.com/>
From: Felipe Agnelli Barbosa
Sent: Tuesday, February 22, 2022 8:46 PM
To: Andrew Baker
Cc: bind-users@lists.isc.org
Subject: Re: Recent upgrade
Cou
I've just upgraded the first of my redundant slave DNS servers from Debian
10.11 (bind 9.11) to Debian 11.2 (bind 9.16). Upgrade seemed to go smoothly but
I'm now seeing the below in the bind logs
22-Feb-2022 14:54:59.745 lame-servers: info: timed out resolving
'ns4.he.net//IN': 1.1.1.1#53
We're running it on a few different Debian servers with a mix of BIND as
well as Apache and nginx (among others). Aside from this following
problem and solution, we've had no issues:
https://support.sophos.com/support/s/article/KB-34610?language=en_US
-Jon
On 2022-02-18 3:32 p.m., Bruce
We getting a centralized IT push to install the university’s sophos product on
all servers, including linux:
https://docs.sophos.com/central/Customer/help/en-us/central/Customer/concepts/SPLCommandLineOptions.html
We have three systems running bind: a primary and two secondaries; all
I know, but that's routine if the build system is any good.
On 2022-02-17 18:42, Danny Mayer wrote:
You have to run the debug-enabled code as a service otherwise you will
get nowhere. It's complicated and it's time consuming to set up right.
Danny
On 2/17/22 12:30 PM, Jakob Bohm via bind
On 2022-02-17 18:01, Reindl Harald wrote:
Am 17.02.22 um 17:36 schrieb Jakob Bohm via bind-users:
This is truly tragic, and quite counterproductive action by ISC.
no, it's just stop wasting time for things not really used in the real
production world
Messing about with docker virtualization
ate -- it would certainly make harder
the reverse engineering of software from Microsoft and others who build on top
of Windows.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Cont
the wildcard is forwarding anything towards the the IP ( example , "cc.bb."
> which is not a vaild subdomain). How can I limit that so it will only
> forwards ( bb.aa.example.com) and drops any invalid subdomains (
> cc.bb.aa.example.com ).
>
> Note: aa, bb, and cc being any
and requires expertise with extremely high learning curve.
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do
not feel obligated to reply outside your normal working hours.
On 17. 2. 2022, at 15:08, Jakob Bohm via bind-users
wrote:
On 2022-02-12
image version of
BIND9 and run that on your Windows box.
Danny
On 2/17/22 7:42 AM, Jakob Bohm via bind-users wrote:
Fortunately (or unfortunately), the existing port of the 9.16.x bind
code to Windows is built with Microsoft tools (MSVC2019) and contains
its own handling of differences between
, Jakob Bohm via bind-users wrote:
Fortunately (or unfortunately), the existing port of the 9.16.x bind
code to Windows is built with Microsoft tools (MSVC2019) and contains
its own handling of differences between Windows and Unix.
If a maintainer stepped up to maintain the source for a port, I could
be in a constant race to keep up. It's not worth the
effort. I have recommended that you use the docker image version of
BIND9 and run that on your Windows box.
Danny
On 2/17/22 7:42 AM, Jakob Bohm via bind-users wrote:
Fortunately (or unfortunately), the existing port of the 9.16.x bind
code
On 2022-02-12 01:06, Richard T.A. Neal wrote:
I run BIND on Windows as well but I've been unable to upgrade to 9.16.25 - I get an error
stating "Error Validating Account. Unable to install service using this
account.". So I'm presently running 9.16.21.
What are the last
ontain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for mor
Fortunately (or unfortunately), the existing port of the 9.16.x bind
code to Windows is built with Microsoft tools (MSVC2019) and contains
its own handling of differences between Windows and Unix.
If a maintainer stepped up to maintain the source for a port, I could
compile it locally for our
.
The reverse zones are delegated to us but they aren't signed.
--
73,
Ged.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information
Tower, 3rd Floor | PO Box: 15224,
Doha – Qatar
E-mail: a.ba...@salaminternational.com| Website: www.salaminternational.com
-Original Message-
From: bind-users On Behalf Of Mark Tinka
Sent: Wednesday, February 16, 2022 6:53 PM
To: bind-users@lists.isc.org
Subject: Re: ipv6
On 2/16/22 9:24 AM, G.W. Haywood via bind-users wrote:
FWIW I've been using DNSSEC with HE slaves since October 2017. I'm
happy to report that I've never had any problem with the service.
Please clarify if you are talking about DNSSEC for your own zone that
they are doing secondary transfers
et support IPv6, then a tunnel broker
like HE (and others) are workable.
FWIW I've been using DNSSEC with HE slaves since October 2017. I'm
happy to report that I've never had any problem with the service.
--
73,
Ged.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
On 2/16/22 7:35 AM, Mark Tinka wrote:
I was assuming Linux has something similar, where in userland, you have
the option to install which train of BIND you want, regardless of OS
version.
Most of the -- what I'll call -- binary distributions of Linux tend to
have a fairly small range of any
> HE has a lot of IPv6 educational materials (not bind-specific) that are quite
> good.
I wasn't aware, but this looks worthy and I'm going to do it:
https://ipv6.he.net/certification/
Also to the OP here's another +1 that Debian 10 bind version does IPv6 just
fine, and +1 upgrade it
of significant
changes! There are a couple of things reference all this that I'm unsure about
and am hoping you can educate me on.
Firstly, we are running bind 9.11 on Debian 10 hosts.
* Is it worth use upgrading to Debian 11 to get the newer version of bind?
* Are there any issues/bugs/holes
16. 2. 2022, at 8:32, Sun Guonian via bind-users
> wrote:
>
> Hi,
>
> I notice that Deckard project can be used to test
> knot/knot-resolver/unbound/pdns except BIND.
> And I try to write the configuration and template files for named, but it
> didn't work.
&g
Regards,SUN Guonian
P.S.Deckard's homepage on github.com is https://github.com/CZ-NIC/deckard
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact
On 2/15/22 1:07 AM, Bjørn Mork wrote:
You'll normally get a few update queries to the SOA MNAME if you
leave the real master there.
This was going through my mind as I read the thread.
Aside: BIND secondaries can be configured to forward such updates to
the hidden primary.
Whether you
Thanks for the quick response and confirmation Ondřej
You have helped take my paranoia levels down at least one notch!
Andy Baker
From: Ondřej Surý
Sent: Tuesday, February 15, 2022 10:12 AM
To: Andrew Baker
Cc: bind-users@lists.isc.org
Subject: Re: Setup a hidden master
Hi,
do both
601 - 700 of 1745 matches
Mail list logo
