In message <1505734269.2518.70.ca...@biplane.com.au>, Karl Auer writes:
> On Mon, 2017-09-18 at 19:45 +1000, Mark Andrews wrote:
> > In message <1505723565.2518.54.ca...@biplane.com.au>, Karl Auer
> > writes:
> > > 2: Can the Replacement field be empty? It lo
to reduce
UDP response sizes to fit into a single ethernet frame. It just
hides the problem cause by bad firewall configuration.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
t Ranges
> >
> > use-v4-udp-ports { range 32768 65535; };
> >
> > use-v6-udp-ports { range 32768 65535; };
> >
> > recursive-clients 15000;
> >
> > server-id none;
> >
> > version none;
> >
> > interface-int
B
>
>
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrew
Because it isn't all about udp size. Sending a OPT signals that the client
supports EDNS. Also if you want DNSSEC you send the do with EDNS.
--
Mark Andrews
> On 17 Sep 2017, at 16:10, Harshith Mulky <harshith.mu...@outlook.com> wrote:
>
> Am 15.09.2017 um 09:37 schrieb
On 14/09/2017 16:55, Tony Finch wrote:
> Mark Elkins <m...@posix.co.za> wrote:
>
>> With BIND version 9.12 coming out - I'm wondering if I've missed any
>> announcements on some form of Automatic (DNS)Key Management?
>> Something that will create and retire keys ac
with BIND? That is, using the latest features of BIND. I'd
assume that to be something along the lines of
https://kb.isc.org/article/AA-00711/205/In-line-Signing-With-NSEC3-in-BIND-9.9-A-Walk-through.html
but newer.
--
Mark James ELKINS - Posix Systems - (South) Africa
m...@posix.co.za Tel
Please read the error message *carefully*.
ns1.mail.lab.example.com.lab.example.com != ns1.mail.lab.example.com.
You are missing a terminating period on the MX record.
Mark
In message <pn1pr01mb038124567f7a52d927b9d1f181...@pn1pr01mb0381.indprd01.prod.
OUTLOOK.COM>, Harshith Mulky
Sep 11 10:09:10 AEST 2017
;; MSG SIZE rcvd: 811
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
I suspect that you are forwarding your queries and that your forwarder is
returning out-of-date addresses.
In message
,
Alberto Colosi writes:
> I haven't seen as from a while I have no servers to admin
>
> as I
Use server clauses. Most specific wins.
server ::/0 { bogus yes; }; // all of IPv6
server 2001:DB8::/48 { bogus no; }; // site
server {
bogus ;
edns ;
edns-udp-size ;
edns-version ;
keys ;
max-udp-size ;
veral years now so if you have trouble reaching websites I think
a upgrade of the OS on the phone is in order.
As for the VPN it could be the server side that isn't configured to
supply you with IPv6.
Mark
> Thanks!
--
Mark Andrews, ISC
1 Seymour St
could be the problem.
> --
> http://rob0.nodns4.us/
> Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
&
is insecure. The negative
answers will come from the parent zone.
>Best regards,
>Niall O'Reilly
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing
In message <93595848.2099571.1503336849...@mail.yahoo.com>, U Zee writes:
> Thanks Mark,
> So mysteriously the problem is now gone and I have no idea how, I know
> that I didn't change anything.
> While investigating, I tried looking but didn't get anything in packet
> cap
l subsequent log messages
related to the same query.)
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mailman/listinfo/bind-use
gular linux client but the
> output was similar except that it didn't include the CNAME line.
Well the next stage is to trace what happens when the recursive
server looks for cs47.can.lnvcdn.net, the target of the CNAME.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE:
; and response together into a stream.
>
> Thoughts?
Apply Occam's razor.
The packet in wireshark is not the packet DiG displayed.
> John
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
server 199.252/16 { send-cookie false; };
Unknown EDNS options are supposed to be ignored.
Mark
> --
> Hal King - h...@utk.edu
> Systems Administrator
> Office of Information Technology
> Shared Systems Services
>
> The University of Tennessee
> 103C5 Kingston Pike Bu
s feature was a significant effort, sponsored by an OEM user of BIND. As
part of the agreement with the sponsor, we agreed to embargo the feature from
the open source until 2018.
Victoria Risk
Internet Systems Consortium
vi...@isc.org
--
Mark Andrews, ISC
1 Seymour St., Dundas Valle
In message <alpine.deb.2.11.1706281050330.31...@grey.csi.cam.ac.uk>, Tony Finch
writes:
> Mark Andrews <ma...@isc.org> wrote:
> >
> > See https://tools.ietf.org/html/rfc6763 for details of how it is
> > designed to work. Section 11 shows how to go from IP addre
you should need to do beyound rebooting the
devices to get them to register themselves. Hopefully I haven't
left anything out or got something wrong as I am yet to do this
in real life.
Mark
In message <fd2d7867-c934-de08-9e4b-90a0d07f8...@csub.edu>, "Michael W. Fleming
"
xx.com.
>
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.o
org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark James ELKINS - Posix Systems - (South) Africa
m...@posix.co.za Tel
Apple's compilers when build BIND in testing. These
are available free from Apple though need to be explicitly installed.
Mark
In message <e246e405-d260-4098-8d7e-7eb1d5c7f...@stonejongleux.com>, Larry
Stone writes:
> Im also running OS X 10.12.5 so decided to see if I can replicat
In message <22408832-7b45-c1dc-870d-c16fb8cb9...@gmail.com>, Sachin Garg writes:
>
> On Thursday 15 June 2017 01:06 PM, wbr...@e1b.org wrote:
> > Mark Andrews wrote on 06/15/2017 12:02:37 AM:
> >
> >> Other ISP's should try to match Google's level of I
In message <offe8a6ac9.f6535ea0-on85258140.005dd50f-85258140.005df...@e1b.org>,
wbr...@e1b.org writes:
> Mark Andrews wrote on 06/15/2017 12:02:37 AM:
>
> > Other ISP's should try to match Google's level of IPv6 commitment.
>
> I'll be they would if they had Google's l
nly the machines are dual stacked and are
returning answers over IPv6 in certain countries. You can almost,
but not quite be IPv6-only when communicating with Google. Internally
Google is mostly IPv6-only.
Other ISP's should try to match Google's level of IPv6 commitment.
Mark
--
Mark Andrews, ISC
1 Sey
gt; same response detail as dig -t A ; dig -t ; and dig -t MX).
% dig +short isc.org a isc.org isc.org mx
149.20.64.69
2001:4f8:0:2::69
20 mx.ams1.isc.org.
10 mx.pao1.isc.org.
%
> On the other remarks, inline.
>
> On 14-Jun-17 21:09, Mark Andrews wrote:
> > In message &l
just routed around them to get IPv6 at home.
If you have a piece of computing equipement bought in the last 10
years that doesn't suppport IPv6 today it is because the manufacture
is a ludite, not because IPv6 doesn't work.
Mark
> On Wed, 14 Jun 2017 22:10:25 +1000
> Mark
RSIG-Refresh-in-BIND-9-8-2-tp3946p3948.html
> Sent from the Bind-Users forum mailing list archive at Nabble.com.
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users m
CTION:
;isc.org. IN
;; ANSWER SECTION:
isc.org.6 IN 2001:4f8:0:2::69
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jun 14 22:09:26 AEST 2017
;; MSG SIZE rcvd: 92
%
--
Mark Andrews, ISC
1 Seymour St., Dundas
In message
l
> consistency
> check.
>
> Tony.
> --
> f.anthony.n.finch <d...@dotat.at <mailto:d...@dotat.at>>
> http://dotat.at/ - I xn--zr8h punycode
> Fitzroy: Southwesterly, veering northwesterly, 6 to gale 8,
> decreasing
.com. SOA ns.example.com. hostmaster.example.com. 0 0 0 0 0
example.com. NS ns
ns.example.com. A 1.1.1.1
sub1.example.com. A 1.2.3.4
sub2.example.com. A 1.2.3.8
$ORIGIN doesn't mean start of a zone though every zone has a implict
$ORIGIN set when it is being loaded.
> Thanks,
> Bernard
--
Mark
he reverse resolution queries.
No.
> Thank you!
> F
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://li
And the way to contact the developers is to log a bug report.
Email bind9-b...@isc.org or click on the Contact link on the ISC
site which takes you to https://www.isc.org/contact-me/ and select
"BIND Bug Report" at "What can we help you with?".
Both end up in the bug tra
s "why does this lookup fail". If a "server"
has no address records then it isn't a server so why is it listed
in the NS records for the zone? Almost all of the time there are
no records at all so the glue A records get wiped out by the NXDOMAIN
response to the lookup and y
In message <1496134856349-3886.p...@n4.nabble.com>, Harshith Mulky writes:
> Hello Mark,
>
> Yes the client is retrying the query over TCP.
>
> But initially I am getting no Answers
> The ANSWER is as below
>
> ;; ->>HEADER<<- opcode: QUERY, status
uot; "SIP+D2U" ""
> _sip._udp.pcr21381.dflt.vzb.com.
> pcr21381.dflt.vzb.com. 300 IN NAPTR 11 37 "u" "SIP+D2U" ""
> _sip._udp.pcr21381.dflt.vzb.com.
> pcr21381.dflt.vzb.com. 300 IN NAPTR 11 39 "u" "SIP+D2U" ""
> _sip._udp.pcr21381.df
domain-name and should be used to lookup either A, , or
A6 records for that domain. The "U" flag means that the output of
the Rule is a URI [15].
Named examines the Flags field to determine what additional data to add.
"S" -> SRV records
"A" -> A a
and
see if the problem goes away. If that doesn't work. Try to report
the bug to the router manufacture. If you can't do that return the
router requesting a full refund as it is not fit for purpose.
Suppliers and manufactures need to get some pushback on broken products.
Mark
in message
es of the records it
uses do not clash with the syntax of valid hostnames. DKIM does
no use A, or MX records at these names. This is also why SRV
uses records with underscore prefixes.
Mark
> Get Outlook for iOS<https://aka.ms/o0ukef>
>
>
>
> On Mon, May 22, 2017
ot; with "Owner
Name" / "Record Name" / "Domain Name" in the documentation referenced
below. Host name has a specific meaning and the documentation
referenced there is just plain wrong in its use of "Host Name".
Mark
> From: bind-users <bind-user
ink
> that help me.
>
> Reference:
> https://technet.microsoft.com/en-us/library/mt695945(v=exchg.150).aspx
>
> Thanks in advance!
Post the actual error messages or the actual zone content. Your suppositions
are incorrect.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, A
ly.
This will let everyone in the world find the CNAME records. This
should be done even if you are just doing it for your recursive
clients.
If you don't want A to mappings to happen then turn off the
DNS64 mapping for everyone on the server.
dns64 2001:67c:2b0:db32:0:1::/9
nbosschie...@gmail.com
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
M
In message <3cc295c2-1717-3af3-362a-66c708256...@htt-consult.com>, Robert Mosko
witz writes:
>
>
> On 05/10/2017 05:41 PM, Mark Andrews wrote:
> > In message <c51ed4ea-2ce2-e7d4-8fec-f59c91708...@htt-consult.com>, Robert M
> osko
> > witz writes:
> &g
bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mailman
https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 47
In message <20170420.140824.1617725721724411930...@uninett.no>, Havard Eidnes
writes:
> > Upgrade.
>
> :) So 9.9.10 should have a fix for this?
As did 9.9.9-P8 last week.
> (Its release had passed under my radar.)
>
> Regards,
>
> - H=E5vard
--
Mark A
visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscri=
> be from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 47
hem
and new genuine random values should only be a instruction code away.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/ma
. Most of the problem have been
with applications installed on XP machines and running as Administrator
not the OS itself.
IE is a application as far as I am concerned.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742
Ref : bind-9.9.7-P2
Can I use the RPZ mechanism on a forward only nameserver too ,without
abonding the forward only setup ?
M.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
On 08/04/2017 07:56, Dave Warren wrote:
Why wouldn't you just use the ICANN's authorized zone transfer servers?
http://www.dns.icann.org/services/axfr/
This is what I've now done. Thanks for all of the replies (on and off list)!
--
Mark Knight
Mobile: +44 7753 250584. http
]: transfer of 'arpa/IN' from
192.5.5.241#53: Transfer status: REFUSED
I cannot find any announcement that this is now disallowed, any ideas
what's changed or how I should do this?
Thanks, Mark
--
Mark Knight
Mobile: +44 7753 250584. http://www.knigma.org/
Email: ma...@knigma
In message
-oOo-
If you were to run IPv6, a number of errors would disappear, otherwise
force BIND not to do any IPv6. Adding IPv6 though would be preferable. ;-)
Don't think though that any of this is causing your problem. You could
always upgrade your version of BIND. On my Gentoo Laptop, I'm run
'configure --with-dlopen=no' and apply this patch from 9.11.1 or fix how
OpenSSL is being built.
commit de6469b663b55aacd19bdcdd925ce381f0c4b4df
Author: Mark Andrews <ma...@isc.org>
Date: Thu Oct 27 15:37:26 2016 +1100
4493. [bug] bin/tests/system/dyndb/driver/Makef
l no longer
> be branded under Chemring Technology Solutions. Email addresses of Roke
> staff have therefore been changed
> from firstname.surn...@chemringts.com to firstname.surna...@roke.co.uk â
> please use this updated format
> with immediate effect.
>
> _
t is what you are trying to do and that is how
the DNS is designed to work.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/ma
master.
>
> Thanks again,
>
> Mathew Eis
> Northern Arizona University
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mai
OpenSSL 1.1 support is in the upcoming maintenance releases which
are available on the ISC web site <https://www.isc.org/downloads/>
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@i
TL).
* Deconfigure the old servers for the zone.
This really is independent of DNSSEC. Many people don't do this
correctly. They don't ensure new and old servers serve the same
content during the change over or add the necessary wait periods.
Mark
--
Mark Andrews, ISC
1 S
d-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please v
>
> Will ED25519 and ED448 be supported by BIND anytime soon? That means
> including these algorithms in dnssec-keygen and the dnssec validator.
We will look at this when the crypto providers we use support
these curves.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 21
urn off the old servers. You will still
have zone maintanence traffic between the old servers. If the
traffic doesn't stop you will have to track down the static
configurations and update them.
Mark
> We haven't assigned IPv6 addresses yet.
>
> We'd like advice about any issues or
Different platforms have different structure contents.
lib/isc/unix/socket.c (has nevents)
lib/isc/win32/socket.c (doesn't have nevents)
Mark
In message <sg2pr06mb0457cf8de40943dc1bcde069a4...@sg2pr06mb0457.apcprd06.prod.
outlook.com>, Yao HEALTH writes:
> Hello,
>
&
zone. This changed the behaviour
of ENTs from NODATA to NXDOMAIN. Versions of named which supported
this specification of DNSSEC return NXDOMAIN rather than NODATA for
ENT.
It took a while to get the IETF working group to update to specification
to restore ENT.
--
Mark Andrews, ISC
1 Seymour
A 209.132.245.131
> ns2.site4now.net. 172800 IN A 23.89.199.119
> ns3.site4now.net. 172800 IN A 208.118.63.170
>
> ;; Query time: 5 msec
> ;; SERVER: 192.33.14.30#53(192.33.14.30)
> ;; WHEN: Mon
nd regards
>
> Abdul Khader
>
>
> --
>
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists
IN A 192.168.78.20
> router IN A 192.168.78.20
> server IN A 192.168.78.20
> address-bookIN A 192.168.78.20
> fortune-cookie IN A 192.168.78.20
> torrent IN A 192.168.78.20
> test
code FORMERR returned.
badversion - expected EDNS version not found.
timeout - lookup timed out.
To retrieve this report in the future:
https://ednscomp.isc.org/ednscomp/f60adf3942
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE
8-Feb-2017 15:56:27.109 client @0x7fc1c503e800 127.0.0.1#63454 (.): view
external: query: . IN SOA -E(0)DV (127.0.0.1) [ECS 127.0.0.0/8/0]
Or from a stub resolver.
08-Feb-2017 16:02:22.971 client @0x7fc1c490dc00 127.0.0.1#61028
(sprocket.isc.org): view secure: query: sprocket.isc.org IN A +
RD, signed, EDNS, TCP, DO, CD, local
address
9.11.0: client, qname, qclass, qtype, RD, signed, EDNS + version, TCP, DO, CD,
cookies, local address
9.12.0: client, qname, qclass, qtype, RD, signed, EDNS + version, TCP, DO, CD,
cookies, local address, ecs
That's basically 5 changes in 17 years.
M
In message <4b0243b1-1c89-023b-f3f3-7279216d5...@thelounge.net>, Reindl Harald
writes:
>
>
> Am 07.02.2017 um 22:11 schrieb Mark Andrews:
> > In message <3836f038-c480-9970-fd53-a5c87ad36...@thelounge.net>, Reindl Har
> ald wr
> > ites:
> >>> Bre
In message <3836f038-c480-9970-fd53-a5c87ad36...@thelounge.net>, Reindl Harald
wr
ites:
>
>
> Am 07.02.2017 um 18:13 schrieb Chuck Anderson:
> > On Tue, Feb 07, 2017 at 11:59:39AM +1100, Mark Andrews wrote:
> >> I really don't want to add new automatic work a
rvers not answering would EDNS or EDNS + DNS COOKIE would require
operator intervention.
Mark
> Daniel
>
> [1]
> https://ftp.isc.org/isc/bind9/cur/9.11/doc/arm/Bv9ARM.ch06.html#server_statement_grammar
> ___
> Please visit https://l
In message <1aeb1e7d-f2e2-dd1e-baf2-96729656f...@thelounge.net>, Reindl Harald
writes:
>
>
> Am 04.02.2017 um 22:30 schrieb Mark Andrews:
> > It has been suggested many times that there should be a record which
> > says which server(s) serve a zone for H
re not included in the initial response. It
doesn't matter to them that recursive servers could be make to
always complete the address chain in the additional section for
either of these solutions. There is nothing preventing recursive
server vendors from doing this.
Mark
> Thanks.
>
>
> On 02/0
y management in automatic mode and named needs
to periodically check if you have created new keys or changed the
timers of existing keys or removed a old key.
Mark
> --
> Best regards
>
> Sten Carlsen
>
> No improvements come from shouting:
>
>"MALE BOVINE MANU
eturning the
? All you get is a reminder to fix your network / application
/ OS if a failure takes a long time to be reported.
Mark
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
rs@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
+opcode is primarially there to be able to test servers ablilty to handle
unknown
opcodes.
There is no ability to add a RR to the request.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PH
d)
;; QUESTION SECTION:
;87.233.202.162.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
233.202.162.in-addr.arpa. 3583 IN SOA ns1.swbell.net.
postmaster.swbell.net. 2016061700 10800 900 604800 3600
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Jan 21 10:3
ITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;sync-na.dyn.itg.com. IN A
>
> ;; ANSWER SECTION:
> sync-na.dyn.itg.com. 30 IN A65.172.71.41
>
> ;; Query time: 201 msec
> ;; SERVER: x.x.x.x #53 (x.x.x.x)
> ;; W
lookups.
zone "233.202.162.in-addr.arpa" {
type slave;
masters { 151.164.1.1; };
file "233.202.162.in-addr.arpa";
};
Mark
In message <20170120162146.ga14...@fantomas.sk>, Matus UHLAR - fantomas writes:
> On 20.01.17 09:57, Ron Wingfield wrote:
quot;master;" ) { print zone }' |
sed -e 's/^"//' -e 's/"$//' |
dig axfr -f - |
awk -v VSERVER=${VSERVER} '$4 == "CNAME" && $5 == VSERVER { print $1 }'
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET
stats-version":"1.2",
"boot-time":"2016-12-30T04:42:08.871Z",
"config-time":"2016-12-30T04:42:08.936Z",
"current-time":"2017-01-05T22:29:11.384Z",
"version":"9.11.0"
}
Mark
--
Mark Andrews, ISC
1
server ::/0 { bogus yes; };
Adjust for actual reachable topology.
Note the real fix for this is to get IPv6 connectivity to the
world. Trying to run with disconnected IPv6 island is only
asking for pain.
--
Mark Andrews, ISC
1 Seymour St., Dundas
ords (giving them change
control of the contents) and have you slave them on your recursive
servers possibly using TSIG to get the correct instance from them.
They can supply you with example.com with the SRV records present
or one of the above zones. You clients see will see
s get NOERROR no data.
Garbage In Garbage Out.
Planet Domain / Netregistry need to fix up this stuff up.
Mark
> On Thu, Dec 29, 2016 at 10:23 PM, MURTARI, JOHN <jm5...@att.com> wrote:
>
> > Eric,
> > Thanks for the complete example below, bu
In message
ost; };
> acl wan_queries { key WAN-key; !key LAN-key; !192.168.0.0/16;
> !10.233.0.0/24; };
Add "any;" to the end of the acl otherwise everyone gets REFUSED. The default
at the end of the acl is "!any;".
acl wan_queries { key WAN-key; !key LAN-key; !192.168.0.0/16;
an/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PH
RFC6891
Codes
ok - test passed.
subnet - EDNS Client Subnet supported [RFC7871].
nosoa - SOA record not found when expected.
echoed - EDNS option echoed back.
formerr - rcode FORMERR returned.
badversion - expected EDNS version not found.
To retrieve this report in the future:
https://ednscomp.isc.org/e
In message <24234.1481320...@vindemiatrix.encs.concordia.ca>, Anne Bennett
writes:
>
> Mark Andrews <ma...@isc.org> answers "Vladimir-M. Obelic" <vobe...@gbit6.net>:
>
> > Use 'zone "zonename" { in-view "namename"; };' and have all
amed transfer the zones between views. If
you are supposed to be authoritative for a zone then it needs to
be configured in all appropriate views. Remember to keep the file
names seperate.
Mark
In message
<ca+m0wj_oiq9rmtyb9kcg9cxdmickbow9qnehh4e1u-qm-ss...@mail.gmail.com>,
"Vladimir-
https://github.com/farsightsec/fstrm.git
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users
ilman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742
601 - 700 of 2289 matches
Mail list logo