fddi writes:
Hello,
I would like to configure a multi-master configuration wirh 2 hosts and I
have been thinking to mysql as a backend.
Is there any official or semi-official support in bind for using mysql as
backend ?
Any kind of documentation on this ?
Try google with "bind dlz".
enabl
I once wrote a perl script for nagios plugin and posted it to the list.
Just to check both master and slave's serial number to see if they are the
same to verify the zone data in every name server is correct.
#!/usr/bin/perl
use strict;
use Net::DNS;
use Getopt::Std;
my %opts;
getopts('hm:s
Hi list,
I can't setup a ptr RR for my mailserver's IP.
Here the main ISPs who are owned by this garbage state take expensive price
for setup a reverse record for a public IP. It's about 30 USD each month
for each IP.
But some MTAs does require the peer deliveragent has a PTR RR,like AOL's
em
given the domain name of "126.com", and given an A RR in its zone is:
s1.s2.s3 IN A 11.22.33.44
OK when a dns cache query for s1.s2.s3.126.com the first time, it will
follow the logic:
#1, s1.s2.s3.126.com has NS RR in cache? (no)
#2, s2.s3.126.com has NS RR in cache? (no)
#3, s3.126.c
Ben Croswell writes:
In that case technically you are creating undelegated subdomains for each
router.
The dot is a delimiter and can't be part of a hostname.
I was thinking you are wrong.
Period is somewhat permitted in a hostname.
From RFC 952
A "name" (Net, Host, Gateway, or Do
From RFC 1123
One aspect of host name syntax is hereby changed: the
restriction on the first character is relaxed to allow either a
letter or a digit. Host software MUST support this more liberal
syntax.
p...@mail.nsbeta.info writes:
Joseph S D Yao writes:
listman,
why this user has been always staying here for sending spams?
Regards.
Juan O writes:
Heya,how are you doing recently ? I would like to introduce you a very good
company which i knew.Their website is [www.bestseller-offer.com] .
___
Joseph S D Yao writes:
The labels must follow the rules for ARPANET host names. They must
start with a letter, end with a letter or digit, and have as interior
characters only letters, digits, and hyphen. There are also some
restrictions on the length. Labels must be 63 characters or less.
Mark Andrews writes:
Remember domain names are not the same things as hostnames. Hostnames
are limited to letter digit hyphen (LDH). Other domain names are not
limited and things last SRV records deliberately use labels that are
not legal in hostnames to prevent collisions of the two namespace
The book "Pro DNS and BIND" says:
If the caching server obtains its data directly from an authoritative DNS,
then it too will respond as authoritative. Ohterwise, if the data is
supplied from its cache, the response is nonauthoritative.
So this means even for a cache only server it can answer
Barry Margolin writes:
In article ,
p...@mail.nsbeta.info wrote:
I googled and found this:
It's on the Internet, so it must be true. :)
* A domain name can be up to 63 characters long plus a dot plus the
characters used to identify the top-level domain (i.e "com", "info", "biz",
I googled and found this:
* A domain name can be up to 63 characters long plus a dot plus the
characters used to identify the top-level domain (i.e "com", "info", "biz",
etc.
* Valid characters in a domain name include letters, numbers and
hyphens "-". The domain name must start and end
Joseph S D Yao writes:
Just because we don't need to, doesn't mean that it's a good practtice
not to. And it's so easy to create one on a system where DNS is already
set up.
dig ns . > root.hints
I disagree with this.
Few files mean few risk for admin.
How about the case when someone
Mark Andrews writes:
The master will return a AXFR style IXFR whenever it doesn't have the requested
axfr stream.
Do you mean whenever it doesn't have the requested IXFR stream?
Thanks.
___
bind-users mailing list
bind-users@lists.isc.org
https:/
At what time the slave executes AXFR and at what time it executes IXFR from
the master?
Thanks.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
R Juneja writes:
Hi ,
Please remove my mail ID from the list.
Unsubscribe yourself from here:
https://lists.isc.org/mailman/listinfo/bind-users
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-use
The keyname and keyvalue in named.conf, rndc.key and rndc.conf have to be
the same. For me I don't have the rndc.key file,but have the left two.
Surely the keyname/keyvalue in these files should be the same.
Regards.
donovan jeffrey j writes:
Greetings
it has been a while since I have wor
Mark Andrews writes:
In message <20110127020201.861a52d...@mail.nsbeta.info>, p...@mail.nsbeta.info
writes:
When talk to others, I never describe it clearly for naming bind.
is it "bind" or "Bind" or "BIND"? is bind an abbreviation word?
BIND stands for Berkley Internet Name Domai
When talk to others, I never describe it clearly for naming bind.
is it "bind" or "Bind" or "BIND"? is bind an abbreviation word?
Thanks.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Chris Thompson writes:
The relevant CHANGES file entry for BIND 9 would seem to be
701. [func] Root hints are now fully optional. Class IN
views use compiled-in hints by default, as
before. Non-IN views with no root hints now
provide authoritative
Hello,
From what version of bind we won't include the root hints file in
named.conf? Since the bind server has been including it inherently.
Thanks in advance.
Regards.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/m
I'm reading the document "Secure DNS Deployment Guide" got from the URL a
poster gave in the list.
The document said:
When a user types the URL www.example.com into a Web browser, the browser
program contacts a type of resolver called a stub resolver that then
contacts a local name server
Casey Deccio writes:
On Sun, Jan 23, 2011 at 10:30 PM, wrote:
Is there a document for dns & bind best practices?
I googled but found nothing valueable.
NIST SP 800-81 Rev. 1:
http://csrc.nist.gov/publications/nistpubs/800-81r1/sp-800-81r1.pdf
Thanks. looks great, will learn from it.
Gary Wallis writes:
Do not confuse your "forwarding" with HTTP rewriting.
One is just about DNS records (CNAME, A or otherwise.) The other happens
on the server side (see Apache rewrite engine docs.)
This is nothing about rewrite, but webserver's virtual host stuff.
Regards.
___
Hello,
Given I have 3 views, va,vb and vc, vc is the default (matches any client).
There are three records in va and vc:
s1.example.com. IN A 11.22.33.44
s2.example.com. IN A 22.33.44.55
s3.example.com. IN A 33.44.55.66
But there is a record lost in vb, say it's s2.example.com.
I
Is there a document for dns & bind best practices?
I googled but found nothing valueable.
Thanks.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Sue Graves writes:
New Features
9.8.0
* BIND now supports a new zone type, static-stub. This allows the
administrator of a recursive nameserver to force queries for a
particular zone to go to IP addresses of the administrator's choosing,
on a per zone basis, both globally or per view. I.e. i
Dave Knight writes:
I guess the tool just always assumes that there's probably a www worthy asking about
But how does the site know I have a sub domain test.nsbeta.info and its
name servers? I didn't think that I have got this sub domain be public.
Regards.
___
I'm jsut curious, how does "who.is" know the dns records in my domain
(nsbeta.info)?
The page shows some of my RRs exactly:
http://who.is/dns/nsbeta.info/
Regards.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailma
Mark Andrews writes:
In message <20110121030937.da19e2c...@mail.nsbeta.info>, p...@mail.nsbeta.info w
rites:
In fact I want to the clients that match view_b to fall into the default
view, say it's view_c.
You need view_b to have a copy of view_c's zone. See the archives for
how to do th
Mark Andrews writes:
In message <20110121024745.bcd2e2c...@mail.nsbeta.info>, p...@mail.nsbeta.info w
rites:
Hello,
My named.conf looks as:
--
view "view_a" {
match-clients {
IP_ADDR_A;
};
zone "test.com" {
type master;
Hello,
My named.conf looks as:
--
view "view_a" {
match-clients {
IP_ADDR_A;
};
zone "test.com" {
type master;
file "test.com.a.db";
};
};
view "view_b" {
match-clients {
IP_ADDR_B;
};
# doesn't have test.com z
I saw lots of this info in bind's log:
Jan 20 05:25:43 ns2 named[6538]: client 69.10.140.146#33135: query (cache)
's2.xxrz.game.yy.com.cdn20.com/A/IN' denied
Jan 20 05:26:47 ns2 named[6538]: client 200.31.4.71#41137: query (cache)
's3.xxrz.game.yy.com.cdn20.com/A/IN' denied
I'm using bind-
My zone is game.yy.com, and there are so many "auth queries rejected" in
named.stats which was generated by "rndc stats". Could you show me some way
to debug it? Thanks.
[game.yy.com]
671834 auth queries rejected
3003 recursive queries rejected
685192 q
You haven't provided enough information for us to know. Have you
bothered checking logs?
Nothing special in logs from what I checked.
Thanks.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-user
Hi,
I saw this piece from named.stats:
[XXX.com]
812922 auth queries rejected
116 recursive queries rejected
4 transfer requests rejected
80 update requests rejected
922732 queries resulted in successful answer
Hi,
How to query for a A or CNAME record with TSIG key?
I want to test the different rrdate for a domain name in different views.
Thanks.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
I don't know what's the problem.
Just copied the config files to another host and run bind master on it,
everything works fine, including the zone transfer for multi-views.
Thanks.
p...@mail.nsbeta.info writes:
And, the named version is:
# named -v
BIND 9.6.1-P2
I'm pretty sure t
ju wusuo writes:
run queryperf on the same server and got a not bad number at around 60,000 qps,
however, the cpu and memory are far from used up, what else could be the
limiting factors for getting higher qps numbers?
rebuild bind and enable the threads?
__
RNDC is only allowed from localhost, so the only place these would work
would be from a command shell on the server that is the master. You did
not specify where you were running rndc.
Hello,
I'm running it in master.
Here is the -V output:
# rndc -V status
create memory context
create
RNDC is only allowed from localhost, so the only place these would work
would be from a command shell on the server that is the master. You did
not specify where you were running rndc.
I run it on master.
Here is the -V output:
# rndc -V status
create memory context
create socket manage
And, the named version is:
# named -v
BIND 9.6.1-P2
I'm pretty sure the secret in both named.conf and rndc.conf are the same.
Thanks.
p...@mail.nsbeta.info writes:
Hello gurus,
my rndc related commands in bind master with multi-views run fail,but in
slave it's running correctly.
Hello gurus,
my rndc related commands in bind master with multi-views run fail,but in
slave it's running correctly.
# rndc status
rndc: connection to remote host closed
This may indicate that
* the remote server is using an older version of the command protocol,
* this host is not authorize
Hello,
My bind servers are hosting with many zones, and many views.
Due to the complication, I won't run the master/slave with TSIG keys for
replication.
I want to run nsupdate to all servers separately for the records update.
Is this a good idea? Thanks
Regards.
_
These triggered the release of 9.7.2-P1
when we were rejecting these after tightening the response processing
to treat glue to answer responses as referrals to address the issue
of named return glue records from the parent zones rather than the
actual answers in the child zones.
Sorry I'm not
p...@mail.nsbeta.info writes:
I wrote a nagios plugin for monitoring the status of master/slave DNS.
Just to check if their serial number is the same. The script shows
below,thanks for all your directions.
#!/usr/bin/perl
use strict;
use Net::DNS;
use Getopt::Std;
my %opts;
getopts('hm:
I wrote a nagios plugin for monitoring the status of master/slave DNS.
Just to check if their serial number is the same. The script shows
below,thanks for all your directions.
#!/usr/bin/perl
use strict;
use Net::DNS;
use Getopt::Std;
my %opts;
getopts('hm:s:z:', \%opts);
if ($opts{'h'}) {
Niall O'Reilly writes:
If your zones are properly delegated, and your servers accessible
from the public Internet, then the web-based remote-checking tools
available at www.zonecheck.fr or dnscheck.iis.se are excellent.
Either of these will give you some ideas a
Hello,
I just want to write a script for checking master and slave to make sure
they have been always syncing the data correctly. What's the idea for doing
it?
Thanks.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mai
Phil Mayers writes:
Delegation nameservers above differ from nameservers in-zone below
147.95.81.in-addr.arpa. 86400 IN NS ns2.callingcloud.net.
147.95.81.in-addr.arpa. 86400 IN NS ns1.callingcloud.net.
;; Received 96 bytes from 207.218.247.135#53(ns1.theplanet.com)
Hello,
I'm not sure about, is it true that only the response which has included
the "aa" in flags can be cached by client DNS Cache?
For example, for my domain, there are two queries below, the result for the
first query won't be cached, but the second will be cached, am I right?
$ dig mail
Hello,
When adding a statement of something like:
allow-update { 127.0.0.1; };
to the zone configuration, this zone will become a dynamic zone, is it?
Thanks.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/li
Alan Clegg writes:
If it were me and I had no other choice than to use views, I'd get into
the system and re-wire everything using BIND 9.7.2 and write a set of
scripts that used "rndc addzone" and "rndc delzone" to control the
master and all of the slaves, configure TSIG keys to manage zone
Two bind servers, one master, one slave.
There are three views at each.
The config is shown below.
But why the first two veiws can get transfered, the third can't be transfer?
Thanks in advance.
-
master:
options {
directory "/usr/local/named/var/named";
};
Not a how-to, but it is covered in the BIND FAQ on the ISC website..
http://www.isc.org/software/bind/faq
Then look at the entry for:
My slave server for both an internal and an external view has both
views transferred from the same master view - how to resolve?
Thanks.
If I
Alan Clegg writes:
Done carefully (which will be the case in all circumstances), doing zone
transfers within views of many zones is no more "likely to get broken"
than doing it with external mechanisms.
So going with bind's zone-transfer is there a howto document for this
purpose?
Thank
Jack Tavares writes:
If you wished to sync zone files in this manner, with dynamic zones, you would
need
to freeze the zones on the sending side, which forces a write of the data that is in the journal file to the zone file,
freeze the zones on the receiving side
then copy the files over
Ben Croswell writes:
It seems like you
are making the process more complex, instead of just letting BIND do it's
job.
No. because I have many zones, and each zone has some views.
So the standard zone-transfer will most likely get broken due to the
complexity.
Thanks.
__
Torinthiel writes:
If you know which zone has changed, than you can do "rndc reload zonename".
If you don't, than "rndc reload" reloads all zones.
You could also try "rndc reconfig", but I think it will only load new zonesm
the ones just added in configuration, not never wersions of old zone
Anand Buddhdev writes:
On 31/12/2010 05:33, p...@mail.nsbeta.info wrote:
Hi,
Is it a right way to run rsync for bind's zone files replication?
If we have dozons of zones, each zone has more than one view, under this
case setup the master/slave with standard zone-traff is the hard way IMO.
Than
Hi,
Is it a right way to run rsync for bind's zone files replication?
If we have dozons of zones, each zone has more than one view, under this
case setup the master/slave with standard zone-traff is the hard way IMO.
Thanks.
___
bind-users mailing
Because the 2nd response also included Authority Section, the additional
data are the addresses of the authoritative servers.
Thanks.
But why the second has an "AUTHORITY SECTION" included? but the first
doesn't?
Regards.
___
bind-users maili
Because it's contrary to itself.
You've specified norecurse, which means that if nameserver believes it has
authorative data it should return it, if it doesn't it should return a
referral (and no answer beside it).
But the server returns answer (which means it believes it has authorative
da
$ dig www.cnn.com @202.96.128.166
; <<>> DiG 9.4.2-P2 <<>> www.cnn.com @202.96.128.166
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65353
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.cnn.com.
Sunil Shetye writes:
Case 2: Lame Server Reply
===
$ dig +norecurse @a.iana-servers.net. example.org.
;; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;example.org. IN A
;; ANSWER SE
Sunil Shetye writes:
Quoting from p...@mail.nsbeta.info's mail on Thu, Dec 30, 2010:
What's the difference between these two flags in the response of
dig?
< ;; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
ra : recursion available
The nameserver is ready to ask other n
What's the difference between these two flags in the response of dig?
< ;; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
---
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
Thanks in advance.
Sunil Shetye writes:
Quoting from David Sparro's mail on T
Hello,
May I ask this question to the list?
Currently one of our domains has been getting more than 100 million DNS
query traffic each day. The domain is hosting on the registration
provider. If we run the DNS by ourselves with Bind, can two Bind hosts
handle this size of query traffic? Wh
68 matches
Mail list logo