On 6/15/21 11:54 PM, G.W. Haywood via bind-users wrote:
Hi there,
On Wed, 16 Jun 2021, ToddAndMargo wrote:
Re: My FC33->FC34 bind-chroot upgrade notes
I hope this is the last time I have to revise this!
...
Unfortunately perhaps not.
:'(
...
# means root
$ means user
...
Someti
Hi there,
On Wed, 16 Jun 2021, ToddAndMargo wrote:
Re: My FC33->FC34 bind-chroot upgrade notes
I hope this is the last time I have to revise this!
...
Unfortunately perhaps not.
...
# means root
$ means user
...
Sometimes, in your configuration file extracts, you use '#' mean
On 6/15/21 6:59 PM, ToddAndMargo via bind-users wrote:
On 6/15/21 12:51 PM, ToddAndMargo via bind-users wrote:
On 6/14/21 10:02 PM, ToddAndMargo via bind-users wrote:
Hi All,
Thank you all for the enormous help in me getting bind-chroot
working after upgrading to Fedora 34. Here are my notes
On 6/15/21 12:51 PM, ToddAndMargo via bind-users wrote:
On 6/14/21 10:02 PM, ToddAndMargo via bind-users wrote:
Hi All,
Thank you all for the enormous help in me getting bind-chroot
working after upgrading to Fedora 34. Here are my notes.
Hope this helps someone else.
-T
Here are my
On 6/14/21 10:02 PM, ToddAndMargo via bind-users wrote:
Hi All,
Thank you all for the enormous help in me getting bind-chroot
working after upgrading to Fedora 34. Here are my notes.
Hope this helps someone else.
-T
Well, if at first you don't succeed, revise! See
changes
On 15-06-2021 07:46, ToddAndMargo via bind-users wrote:
On 6/14/21 9:30 PM, Jim Popovitch via bind-users wrote:
On Tue, 2021-06-15 at 14:27 +1000, Mark Andrews wrote:
https://downloads.isc.org/isc/bind9/9.16.16/doc/arm/Bv9ARM.pdf
The modern-day RTFM :-)
-Jim P.
"Just G
On 6/14/21 9:30 PM, Jim Popovitch via bind-users wrote:
On Tue, 2021-06-15 at 14:27 +1000, Mark Andrews wrote:
https://downloads.isc.org/isc/bind9/9.16.16/doc/arm/Bv9ARM.pdf
The modern-day RTFM :-)
-Jim P.
"Just Google it." The new RTFM. Chuckle!
And ' 'managed-keys' is
Hi All,
Thank you all for the enormous help in me getting bind-chroot
working after upgrading to Fedora 34. Here are my notes.
Hope this helps someone else.
-T
Broken bind-chroot repair after upgrading to Fedora 34:
# means root
$ means user
1) temporary workaround so you can surf
On Tue, 2021-06-15 at 14:27 +1000, Mark Andrews wrote:
> https://downloads.isc.org/isc/bind9/9.16.16/doc/arm/Bv9ARM.pdf
The modern-day RTFM :-)
-Jim P.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this l
Hi All,
Fedora 34
bind 9.16
The Duck is failing me.
Placing
include "/etc/named.root.key";
in my bind.conf, give me the following error:
# named-checkconf -l -t /var/named/chroot /etc/named.conf
/etc/named.root.key:1: option 'managed-keys' is deprecated
What do I use in its pl
bind doesn’t support @ signs for the email contact. It would be
root.rn6.xyz.local
Line 15, missing the class (IN)?
DeadStick IN A 192.168.255.156
>
> INTXT"310702541c5622d0e6001136bd71a6578b"
---
Eric Germann
ekgermann {a
On 6/13/21 12:13 AM, ToddAndMargo via bind-users wrote:
On 6/12/21 11:47 PM, ToddAndMargo via bind-users wrote:
Oh but no errors and it still does not work!
# host 8.8.8.8
Host 8.8.8.8.in-addr.arpa not found: 2(SERVFAIL)
# host 8.8.8.8 8.8.4.4
Using domain server:
Name: 8.8.4.4
Address
On 6/12/21 11:47 PM, ToddAndMargo via bind-users wrote:
Oh but no errors and it still does not work!
# host 8.8.8.8
Host 8.8.8.8.in-addr.arpa not found: 2(SERVFAIL)
# host 8.8.8.8 8.8.4.4
Using domain server:
Name: 8.8.4.4
Address: 8.8.4.4#53
Aliases: 8.8.8.8.in-addr.arpa domain name pointer
Tears!
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind
On 6/12/21 5:30 PM, ToddAndMargo via bind-users wrote:
Hi All,
I just upgraded from Fedora 33 to Fedora 34.
Bind was updated from 9.11 to 9.16 in Fedora 34.
It completely broke my Fedora 33 configuration.
Would someone please point me to the directions
as to how to migrate from 9.11 to 9.16
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-
On 6/12/21 8:30 PM, ToddAndMargo via bind-users wrote:
# named-checkzone -t /var/named/chroot/var/named/slaves abc.local
abc.hosts.rev
abc.hosts.rev:3: ignoring out-of-zone data (255.168.192.in-addr.arpa)
abc.hosts.rev:14: ignoring out-of-zone data
abc.hosts(10.255.168.192.in-addr.arpa
said the
zone name you used was xyz without the .local.
I posted the error I have see so far. Please give me a list of other
error reporting options.
Please note that everything worked perfectly under Fedora 33 and bind 9,11.
Now that I have the .local, things improved for abc.hosts,
# named
On 6/12/21 5:30 PM, ToddAndMargo via bind-users wrote:
Hi All,
I just upgraded from Fedora 33 to Fedora 34.
Bind was updated from 9.11 to 9.16 in Fedora 34.
It completely broke my Fedora 33 configuration.
Would someone please point me to the directions
as to how to migrate from 9.11 to 9.16
Hi All,
I just upgraded from Fedora 33 to Fedora 34.
Bind was updated from 9.11 to 9.16 in Fedora 34.
It completely broke my Fedora 33 configuration.
Would someone please point me to the directions
as to how to migrate from 9.11 to 9.16?
Many thanks,
-T
On 12.06.2021 14:24, Richard T.A. Neal wrote:
Mainsh – I haven’t done any experimenting with DOT, but there’s a
guide for configuring DOH at the following page. It requires BIND
9.17.10 or higher (DOH isn’t being backported to BIND 9.16):
https://www.isc.org/blogs/doh-talkdns/
Walter – I’m
,
root of the issue.
Do you have the book "DNS and BIND"? Old, but still very relevant.
...
If you need any additional information let me know.
There might be loads of it, but for now I think probably your best bet
is to do some reading. The Web client (browser) needs to request its
On 12.06.2021 04:52, Manish Rane wrote:
Hi Team,
I am using BIND 9.11.3-1ubuntu1.12-Ubuntu version for my BIND and
planning to use ISC PPA and use 9.16.16.
So my queries are
1. Is DOH/DOT officially supported now?
2. And how do I DOH forwarding in my BIND configuration?
DOH/DOT is dead
net for more information.
>
> If you need any additional information let me know.
>
> Thank you for your help!!
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software w
So I redone my windows bind setup on a new system and this bug may never
get fixed but I wanted to post the oddness of this bug.
Bind on New PC as servers 127.0.0.1 for dns on that system
cmdns.dev.dns-oarc.net reports fine except for IPv6 test OK
I then have two PC's as clients to this DNS
:
Evan Hunt wrote:
My understanding is BIND will still run fine under WSL; it's only the native
Visual Studio builds that we're removing.
For people who want to run named on windows, WSL seems like the best way to go.
Sadly no. To quote myself from an earlier email on this topic:
There are two
ortable (by Adobe).
P.S. I am not a fan of Windows, but it is widespread, and many people even use
it for Internet servers.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development
: 89ED 36B3 515A 211B 6390 60A9 E30D 9B9B 3EBF F1A1
signature.asc
Description: Message signed with OpenPGP
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software
Call me naive, but I’m trying to figure out what the corner case is to use BIND
on Windows.
For an internal network Windows Server already has a name server that
integrates with AD and everything else needed to run a Windows network.
Support for DDNS is a lot easier, it has tons of SRV
Well its clearly not working so it needs to change just like DDNS is
free but you can paid for a subscription thats easy to do or SSL is free
for 90days but you have the option to pay easily for a year but that
might not work for bind for windows so it needs to be a subscription to
run
On 04/06/2021 6:05 pm, John Thurston wrote:
On 6/4/2021 8:48 AM, Peter via bind-users wrote:
When people find out2024 is the year bind is no longer supported for
windows people aregoing to be upset this all seems to be done quietly
nothing posted on the the isc.org site about this just how
When people find out2024 is the year bind is no longer supported for
windows people aregoing to be upset this all seems to be done quietly
nothing posted on the the isc.org site about this just how many people
depend on bind for windows will be shocking
, and I haven't used root.hints for years.
The hints section (zone ".") in my named.conf is just commented out.
https://kb.isc.org/docs/aa-01309
HTH
--
73,
Ged.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscr
On 6/3/21 7:05 PM, Peter via bind-users wrote:
Guess not even a subscription will not happen too.
I'm having to try and do Bind on ubuntu and it just will not let me
edit files like named.conf unless you do some vodoo that I don't
understand and even updating the bind like how? Windows
On 6/3/21 2:17 PM, Reindl Harald wrote:
Am 03.06.21 um 20:12 schrieb Danny Mayer via bind-users:
I don't speak for ISC but it's important to understand that support
of an operating system costs money and unless a company or
organization is willing to step up with money it cannot
Guess not even a subscription will not happen too.
I'm having to try and do Bind on ubuntu and it just will not let me edit
files like named.conf unless you do some vodoo that I don't understand
and even updating the bind like how? Windows no problem you want to edit
a file no problem can't
Maybe they could release a bind for windows ever year with limited
support? But I guess bind will still work long after its not supported
which is the only good thing.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
the effort was made.
FWIW.
Danny
On 6/3/21 4:03 AM, Richard T.A. Neal wrote:
Thanks Vicky and Ondrej for providing clarity. I'll be sad to see it when this
happens but as I said in my original post I don't underestimate the sheer
amount of effort required to maintain BIND for Windows going
Well that sucks no more bind for windows...:(
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https
the secondary authoritative and as a
result was not notifying for dynamic changes.
Thank you very much,
Brian
-Original Message-
From: Mark Andrews
Sent: Tuesday, June 1, 2021 9:24 PM
To: Cuttler, Brian R (HEALTH)
Cc: bind-users@lists.isc.org
Subject: Re: configure notify for ixfer
Inside the zone statement of the primary add:
also-notify { ipofsecondary };
This will make transfer in microseconds.
Let me know if it works for you.
Dan
On Jun 1, 2021, at 7:24 PM, Mark Andrews wrote:
On 2 Jun 2021, at 01:18, Cuttler, Brian R (HEALTH) via bind-users
wrote:
My dns
primary/secondary BIND 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.5 on Centos 7.9.
Goal is to have dynamic entries replicated on the secondary within a few
minutes if not a few seconds.
>From what I'm reading I should be sending a notify from the primary to the
>secondary when a dynamic zone is u
On 30/05/2021 17:24, Richard T.A. Neal wrote:
DNS over HTTPS support appears to be steadily increasing and it looks
like the next version of Windows 10, Windows 10 21H2, will including
support for DoH at the operating system level.
�
I spent a little time this weekend setting-up BIND
On 30 May 2021, at 12:23, Grant Taylor via bind-users
wrote:
> On 5/30/21 9:24 AM, Richard T.A. Neal wrote:
>> I spent a little time this weekend setting-up BIND 9.17.13 on Ubuntu 21.04
>> and configuring the system as a recursive resolver offering DNS over HTTPS
>>
On 5/30/21 9:24 AM, Richard T.A. Neal wrote:
I spent a little time this weekend setting-up BIND 9.17.13 on Ubuntu
21.04 and configuring the system as a recursive resolver offering DNS
over HTTPS using a LetsEncrypt certificate.
Nice work.
Is there any interest in me writing this up as a web
sit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.or
Hi there,
On Wed, 26 May 2021, He/Him wrote:
we merged a change that substantially reduces a contention between threads
and improves the recursive performance ...
We are currently running 9.11.26, and 9.11 has always built with no issues.
Debian 9.13 (Stretch).
$ aunpack bind-9.16.17
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
https://www.five-ten-sg.com/mapper/bind contains links to the source
rpm, and build instructions. This .src.rpm contains a .tar.gz file with
the ARM documentation, so the rpm rebuild process does not need sphinx-
build and associated dependencies
On 5/23/21 9:27 AM, Ondřej Surý wrote:
Nope, that’s how you enter email to SOA with dot in user part as
the first dot gets converted to @.
#TodayIlearned
I agree with Ondřej. I think it's the missing $ in front of ORIGIN.
Remember the $ lines are directives to BIND and not zone data
If you can have BIND log directly to a file, couldn't you use a FIFO
(prwxrwxrwx) or Unix domain socket (srwxrwxrwx) and avoid the disk I/O by
sending the log data directly to the forwarder? (E.g., Pulse Audio listens on a
socket for audio data from an application, and sends it in real-time
Nevertheless I think there is a bug. IIR the previous default was 100% (switch
to AXFR if IXFR would be grater than AXFR) and we also saw plenty of AXFR
although the IXFR difference was very small and far away from 100%
regards
Klaus
> -Ursprüngliche Nachricht-
> Von: bind-use
On 5/20/21 8:43 AM, Anand Buddhdev wrote:
> On 20/05/2021 15:30, Tim Daneliuk via bind-users wrote:
>
> Hi Tim,
>
>> Recently - and for no obvious reason - the on-prem instance stops resolving
>> properly. The fix is to stop it, clear out the slave files, and restart.
&g
Running bind 9.16.15 on FreeBSD 11.4-STABLE.
Master is out on a cloud server at Digital Ocean. Slave is on-premise.
All on-prem LANs point to the slave instance.
Running split horizon to keep nosey parkers out of our local DNS assignments.
Recently - and for no obvious reason - the on-prem
before using them in production; just because something works for me
doesn't mean it will satisfy you. :)
Good luck,
-JP
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds
ving the software.
I feel strongly that I should chime in with my experiences of trying
to use Git/Web interfaces to report issues. Not, I hasten to add,
issues with BIND - I don't recall ever trying to use ISC's GitLab and
I'd have no particular issues with creating an account except that I'd
Hello again,
On Sun, 16 May 2021, I wrote:
... If you can't agree their numbers then
you're some information ...
Having screen troubles. The word 'missing' is missing.
--
73,
Ged.
___
Please visit https://lists.isc.org/mailman/listinfo/bind
are they?
Some long TTL?
Just shootin' the fish, I don't know nearly as much about this stuff
at the guys already helping you.
--
73,
Ged.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds
NS
uz5w6sb91zt99b73bznfkvtd0j1snxby06gg4hr0p8uum27n0hf6cd.free.ns.buddyns.com.
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do
not feel obligated to reply outside your normal working hours.
On 16. 5. 2021, at 8:45, Dan Egli via bind-users
wrote:
Upgrade to WHAT? You said it was fixed in 9
Upgrade to WHAT? You said it was fixed in 9.11.25, but isn't that a lot
OLDER than 9.16.15, which is what I'm running?
jupiter ~ # named -v
BIND 9.16.15 (Stable Release)
jupiter ~ # dig -v
DiG 9.16.15
On 5/16/2021 12:06 AM, Mark Andrews wrote:
On 16 May 2021, at 10:17, Dan Egli via bind
-signing using
dnssec-keygen. The new dnssec-policy feature can do automatic key
management for you.
Tony.
So, I updated the settings. Now I have keyfiles generated by bind, as
well as a binary .zone.signed in addition to the plain text .zone which
has no DNSSEC information at all in it. I ran
nny
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
ht
On 5/10/21 5:11 AM, Ondřej Surý wrote:
On 10. 5. 2021, at 10:29, Richard T.A. Neal wrote:
At this time I don't therefore believe that running BIND via WSL or WSL2 on
Windows Server is a viable reliable solution.
Thanks for the analysis.
The alternative is as I outlined in the first email
Test Server
OpenPGP_0x11B7451DF2015959.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds
Actually, it's in keeping with the *original* definition of hacking!
On Sun, 9 May 2021 23:55:13 -0600
@lbutlr wrote:
> On 06 May 2021, at 09:57, Dennis Clarke via bind-users
> wrote:
> > I do NOT trust a build result where I had to go hacking into all the
> > Mak
On 5/10/21 01:55, @lbutlr wrote:
> On 06 May 2021, at 09:57, Dennis Clarke via bind-users
> wrote:
>> I do NOT trust a build result where I had to go hacking into all the
>> Makefiles just to get it to build. You install without doing testing?
>
> That's a very strang
Hello Dan.
Does your registrar have the ability via a UI to place a DS record in the .name
zone?
And if so, have you done that already?
John
Sent from Nine<http://www.9folders.com/>
From: Dan Egli
Sent: Monday, May 10, 2021 12:20 AM
To: bind
Hi Peter ..
How do you know your DNSSEC is working to begin with?
Here is a URL that I prefer to use that will help answer that question:
https://dnsviz.net/
What you are looking for is your to zone to be “secure”.
Since you are an experienced BIND admin .. any clues to be found in the logs
On 09/05/2021 13:44, Xavier Humbert via bind-users wrote:
On 09/05/2021 12:32, Xavier Humbert via bind-users wrote:
Hi,
My DNS system if perfectly working :
[xavier@numenor ~]$ dig dns.google.com
; <<>> DiG 9.16.15 <<>> dns.google.com
;; global options: +cmd
;;
On 09/05/2021 12:32, Xavier Humbert via bind-users wrote:
Hi,
My DNS system if perfectly working :
[xavier@numenor ~]$ dig dns.google.com
; <<>> DiG 9.16.15 <<>> dns.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status
enPGP_0x90B78A89BCC49C10.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with pa
On 5/8/21 14:13, Evan Hunt wrote:
> On Thu, May 06, 2021 at 11:57:58AM -0400, Dennis Clarke via bind-users wrote:
>> I do NOT trust a build result where I had to go hacking into all the
>> Makefiles just to get it to build. You install without doing testing?
>
> I think Ondr
On 5/7/21 16:00, Ondřej Surý wrote:
> No, the tests run fine on BSDs, there are no gnuisms.
>
> Solaris just isn’t on our supported platform list
Oh thats right .. you guys dropped it.
Still a whack of legacy boxes out there running but I guess
not ISC Bind in the very very very ne
How can I run those
tests as separate items manually ?
--
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken
GreyBeard and suspenders optional
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC f
l[#]] [-n # [-x]] [-s size] [cmd [args ...]]
R:allow-query:PASS
So I guess there are hard coded gnuisms in there?
Dennis
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this
8
bge2:14: flags=2000801 mtu 1500 index 4
inet6 fd92:7065:b8e:ff::2/128
bge2:15: flags=2000801 mtu 1500 index 4
inet6 fe80::203:baff:fe13:3c25/10
dude@nix$
dude@nix$ ./runall.sh -n
+ SYSTEMTESTTOP=.
+ . ./conf.sh
++ TOP=/opt/bw/build/bind-9.11.31_sunos5.10_sparcv9.005
++ DEFAULT_
version 9.11.31. I was successful at
installing a number of updated versions of BIND along the way up to and
including 9.16.12 on the Solaris platform without the gssapi link problem. I
am only interested in installing non-development (production) stable versions.
Is there anything else I can
I very carefully created an airgap test system for this process and did
setup all the required network interfaces. However all tests fail
terribly due to some weird python requirement ?
airgap$ ./runall.sh -n
+ SYSTEMTESTTOP=.
+ . ./conf.sh
++ TOP=/opt/bw/build/bind
Hello,
I have what is probably a very rudimentary question, but I am stuck.
I am attempting to upgrade BIND on a Solaris 11.4 x86 virtual platform. I have
installed BIND successfully up to version 9.16.12 using ./configure
--enable-full-report --with-gssapi=krb5-config --sysconfdir=/etc
d running `make check` is enough.
>
I do NOT trust a build result where I had to go hacking into all the
Makefiles just to get it to build. You install without doing testing?
Dennis
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
On 5/6/21 10:50, Tony Finch wrote:
> Dennis Clarke via bind-users wrote:
>>
>> Hey there. I looked in the README and I dont see an INSTALL file at all
>> so I have to assume that the testing docs exist somewhere.
>
> Have a look at
>
> https://gitlab.isc.org/i
://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo
192.33.14.30, a.gtld-servers.net. A
> 192.5.6.30, m.gtld-servers.net. 2001:501:b1f9::30(490) (ttl 63, id
> 11754, len 518)
> - - -
> ---
> PGP-Key: CDE74120 ☀ computing @ chaos claudius
>
> ___
> Please visit https://lists.i
ompile completes.
I will dig a bit and see where things went wrong after 9.11.26.
--
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken
GreyBeard and suspenders optional
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsub
This has kept me spinning in a few hours since yesterday. So I gave a
try at configure and compile of bind-9.11.31 on ye Fujitsu/Oracle SPARC
Solaris 10 boxen and I see :
.
.
.
/opt/developerstudio12.6/bin/cc -mt
-I/opt/bw/build/bind-9.11.31_sunos5.10_sparcv9.003 -I../..
-I/opt/bw/build/bind
On Tue, May 4, 2021 at 8:42 AM Roee Mayerowicz wrote:
> Do you know of a way to ask multiple DNS queries in a recursive bind server
> at the same packet\request?
> Using DoH might work? How? Is there a plugin which does that?
The short answer is no, but it might not be answering the
mechanism in bind9 where the server
> chooses different records to resolve for each request, but is there a way
> to assign weights so that the server resolves with different probabilities?
>
> All I could find about the topic was this old mail from the archive:
> https://lists.isc.
Hi,
I need some help setting up a recursive nameserver for my internal
network using BIND 9. The recursive name server is not resolving any
domains.
I am running the BIND 9 package from the ppa:isc/bind repo.
BIND Version Number: 9.16.15
OS: Ubuntu 18.04 LTS
This is the named.conf.options
On 4/27/21 10:24 AM, Kevin A. McGrail wrote:
Agreed on the OT and good subject change.
:-)
For me, I wouldn't bind DNS to the eth0, just another attack surface
hence I would use local loopback.
I think the main reason to bind to eth0 / LAN is for when there are
multiple (mail) servers
BIND-Users on topic content first:
#1 bind for a local caching DNS query server
I absolutely agree.
and change resolve.conf to 127.0.0.1 for the best RBL performance.
How much effective performance difference does the loopback interface
(lo) vs the local LAN interface (eth0) make
On 4/26/21 2:45 PM, bamberg2000 via bind-users wrote:
Hi!
Hi,
BIND 9.11.5, I forward the request ("forward zone" or global "forward
first") to another server and I get NXDOMAIN. Is it possible to process
NXDOMAIN other than "redirect zone"? I just want to
Hi!
BIND 9.11.5, I forward the request ("forward zone" or global "forward first")
to another server and I get NXDOMAIN. Is it possible to process NXDOMAIN other
than "redirect zone"? I just want to repeat the request
Since "" is a subzone inside of the example.com zone the answer is yes, it
can be delegated.
John
Sent from Nine<http://www.9folders.com/>
From: Karol Nowicki via bind-users
Sent: Monday, April 26, 2021 10:24 AM
To: bind-users@lists.isc.o
Hi
Its possible to delegate tld domain example.com to 1.1.1.1 name server and
.example.com to 2.2.2.2 name server ?
Wysłane z Yahoo Mail do iPhone
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ndently of the zone files.
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
>
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https
ppear to be confused about what the various tools do, so here's a
> summary:
>
> 1. ssh is used to log into a remote server, get a shell, and run
> operating system commands.
>
> 2. rndc is for controlling a running BIND server. It can be used to
> check the status of BIND, relo
pipeline runner to my remote BIND staging server and update
> the zone files on there with my newly updated zone file.
> I initially thought about using ssh from the runner to the remote BIND
> server but this may not be the most secure way of connecting.
> So my question is: Is it possib
On Wednesday, 14 April 2021 15:00:38 CDT Bob Harold wrote:
> Does anyone have an automated KSK roll process, that checks for the DS
> record at the parent, that they can share?
>
> As far as I can tell, the automated signing in BIND will roll the KSK if I
> set the timing in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Wed, 2021-04-14 at 12:58 -0400, Paul Kosinski via bind-users wrote:
> Interesting, although we host different domains, in and from different
> geographic areas, we got the same queries as yours on the same day,
> with some at about the
5 GMT 92.204.191.45#2927 (sl): query: sl IN ANY +E(0)
> 13-Apr-2021 07:04:33.993 GMT 92.204.191.45#2927 (sl): query: sl IN ANY +E(0)
> 13-Apr-2021 07:04:34.047 GMT 92.204.191.45#2927 (sl): query: sl IN ANY +E(0)
___
Please visit https://lists.isc
901 - 1000 of 1747 matches
Mail list logo