I once wrote a perl script for nagios plugin and posted it to the list.
Just to check both master and slave's serial number to see if they are the
same to verify the zone data in every name server is correct.
#!/usr/bin/perl
use strict;
use Net::DNS;
use Getopt::Std;
my %opts;
Ben Croswell writes:
In that case technically you are creating undelegated subdomains for each
router.
The dot is a delimiter and can't be part of a hostname.
I was thinking you are wrong.
Period is somewhat permitted in a hostname.
From RFC 952
A name (Net, Host, Gateway, or
given the domain name of 126.com, and given an A RR in its zone is:
s1.s2.s3 IN A 11.22.33.44
OK when a dns cache query for s1.s2.s3.126.com the first time, it will
follow the logic:
#1, s1.s2.s3.126.com has NS RR in cache? (no)
#2, s2.s3.126.com has NS RR in cache? (no)
#3,
Hi list,
I can't setup a ptr RR for my mailserver's IP.
Here the main ISPs who are owned by this garbage state take expensive price
for setup a reverse record for a public IP. It's about 30 USD each month
for each IP.
But some MTAs does require the peer deliveragent has a PTR RR,like AOL's
listman,
why this user has been always staying here for sending spams?
Regards.
Juan O writes:
Heya,how are you doing recently ? I would like to introduce you a very good
company which i knew.Their website is [www.bestseller-offer.com] .
___
From RFC 1123
One aspect of host name syntax is hereby changed: the
restriction on the first character is relaxed to allow either a
letter or a digit. Host software MUST support this more liberal
syntax.
p...@mail.nsbeta.info writes:
Joseph S D Yao writes:
Joseph S D Yao writes:
Just because we don't need to, doesn't mean that it's a good practtice
not to. And it's so easy to create one on a system where DNS is already
set up.
dig ns . root.hints
I disagree with this.
Few files mean few risk for admin.
How about the case when someone
Barry Margolin writes:
In article mailman.1559.1296265826.555.bind-us...@lists.isc.org,
p...@mail.nsbeta.info wrote:
I googled and found this:
It's on the Internet, so it must be true. :)
* A domain name can be up to 63 characters long plus a dot plus the
characters used to
The book Pro DNS and BIND says:
If the caching server obtains its data directly from an authoritative DNS,
then it too will respond as authoritative. Ohterwise, if the data is
supplied from its cache, the response is nonauthoritative.
So this means even for a cache only server it can answer
At what time the slave executes AXFR and at what time it executes IXFR from
the master?
Thanks.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Chris Thompson writes:
The relevant CHANGES file entry for BIND 9 would seem to be
701. [func] Root hints are now fully optional. Class IN
views use compiled-in hints by default, as
before. Non-IN views with no root hints now
provide
When talk to others, I never describe it clearly for naming bind.
is it bind or Bind or BIND? is bind an abbreviation word?
Thanks.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Mark Andrews writes:
In message 20110127020201.861a52d...@mail.nsbeta.info, p...@mail.nsbeta.info
writes:
When talk to others, I never describe it clearly for naming bind.
is it bind or Bind or BIND? is bind an abbreviation word?
BIND stands for Berkley Internet Name Domain.
The keyname and keyvalue in named.conf, rndc.key and rndc.conf have to be
the same. For me I don't have the rndc.key file,but have the left two.
Surely the keyname/keyvalue in these files should be the same.
Regards.
donovan jeffrey j writes:
Greetings
it has been a while since I have
R Juneja writes:
Hi ,
Please remove my mail ID from the list.
Unsubscribe yourself from here:
https://lists.isc.org/mailman/listinfo/bind-users
___
bind-users mailing list
bind-users@lists.isc.org
Gary Wallis writes:
Do not confuse your forwarding with HTTP rewriting.
One is just about DNS records (CNAME, A or otherwise.) The other happens
on the server side (see Apache rewrite engine docs.)
This is nothing about rewrite, but webserver's virtual host stuff.
Regards.
Casey Deccio writes:
On Sun, Jan 23, 2011 at 10:30 PM, p...@mail.nsbeta.info wrote:
Is there a document for dns bind best practices?
I googled but found nothing valueable.
NIST SP 800-81 Rev. 1:
http://csrc.nist.gov/publications/nistpubs/800-81r1/sp-800-81r1.pdf
Thanks. looks
I'm reading the document Secure DNS Deployment Guide got from the URL a
poster gave in the list.
The document said:
When a user types the URL www.example.com into a Web browser, the browser
program contacts a type of resolver called a stub resolver that then
contacts a local name server
Hello,
From what version of bind we won't include the root hints file in
named.conf? Since the bind server has been including it inherently.
Thanks in advance.
Regards.
___
bind-users mailing list
bind-users@lists.isc.org
Hello,
Given I have 3 views, va,vb and vc, vc is the default (matches any client).
There are three records in va and vc:
s1.example.com. IN A 11.22.33.44
s2.example.com. IN A 22.33.44.55
s3.example.com. IN A 33.44.55.66
But there is a record lost in vb, say it's s2.example.com.
Is there a document for dns bind best practices?
I googled but found nothing valueable.
Thanks.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Dave Knight writes:
I guess the tool just always assumes that there's probably a www worthy asking about
But how does the site know I have a sub domain test.nsbeta.info and its
name servers? I didn't think that I have got this sub domain be public.
Regards.
Sue Graves writes:
New Features
9.8.0
* BIND now supports a new zone type, static-stub. This allows the
administrator of a recursive nameserver to force queries for a
particular zone to go to IP addresses of the administrator's choosing,
on a per zone basis, both globally or per view. I.e.
Hello,
My named.conf looks as:
--
view view_a {
match-clients {
IP_ADDR_A;
};
zone test.com {
type master;
file test.com.a.db;
};
};
view view_b {
match-clients {
IP_ADDR_B;
};
# doesn't have test.com zone
Mark Andrews writes:
In message 20110121024745.bcd2e2c...@mail.nsbeta.info, p...@mail.nsbeta.info w
rites:
Hello,
My named.conf looks as:
--
view view_a {
match-clients {
IP_ADDR_A;
};
zone test.com {
type master;
file
I'm jsut curious, how does who.is know the dns records in my domain
(nsbeta.info)?
The page shows some of my RRs exactly:
http://who.is/dns/nsbeta.info/
Regards.
___
bind-users mailing list
bind-users@lists.isc.org
I saw lots of this info in bind's log:
Jan 20 05:25:43 ns2 named[6538]: client 69.10.140.146#33135: query (cache)
's2.xxrz.game.yy.com.cdn20.com/A/IN' denied
Jan 20 05:26:47 ns2 named[6538]: client 200.31.4.71#41137: query (cache)
's3.xxrz.game.yy.com.cdn20.com/A/IN' denied
I'm using
Hello gurus,
my rndc related commands in bind master with multi-views run fail,but in
slave it's running correctly.
# rndc status
rndc: connection to remote host closed
This may indicate that
* the remote server is using an older version of the command protocol,
* this host is not
And, the named version is:
# named -v
BIND 9.6.1-P2
I'm pretty sure the secret in both named.conf and rndc.conf are the same.
Thanks.
p...@mail.nsbeta.info writes:
Hello gurus,
my rndc related commands in bind master with multi-views run fail,but in
slave it's running
RNDC is only allowed from localhost, so the only place these would work
would be from a command shell on the server that is the master. You did
not specify where you were running rndc.
I run it on master.
Here is the -V output:
# rndc -V status
create memory context
create socket
These triggered the release of 9.7.2-P1
when we were rejecting these after tightening the response processing
to treat glue to answer responses as referrals to address the issue
of named return glue records from the parent zones rather than the
actual answers in the child zones.
Sorry I'm not
I wrote a nagios plugin for monitoring the status of master/slave DNS.
Just to check if their serial number is the same. The script shows
below,thanks for all your directions.
#!/usr/bin/perl
use strict;
use Net::DNS;
use Getopt::Std;
my %opts;
getopts('hm:s:z:', \%opts);
if ($opts{'h'}) {
p...@mail.nsbeta.info writes:
I wrote a nagios plugin for monitoring the status of master/slave DNS.
Just to check if their serial number is the same. The script shows
below,thanks for all your directions.
#!/usr/bin/perl
use strict;
use Net::DNS;
use Getopt::Std;
my %opts;
Hello,
I just want to write a script for checking master and slave to make sure
they have been always syncing the data correctly. What's the idea for doing
it?
Thanks.
___
bind-users mailing list
bind-users@lists.isc.org
Niall O'Reilly writes:
If your zones are properly delegated, and your servers accessible
from the public Internet, then the web-based remote-checking tools
available at www.zonecheck.fr or dnscheck.iis.se are excellent.
Either of these will give you some ideas
Hello,
I'm not sure about, is it true that only the response which has included
the aa in flags can be cached by client DNS Cache?
For example, for my domain, there are two queries below, the result for the
first query won't be cached, but the second will be cached, am I right?
$ dig
Sunil Shetye writes:
Quoting from p...@mail.nsbeta.info's mail on Thu, Dec 30, 2010:
What's the difference between these two flags in the response of
dig?
;; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
ra : recursion available
The nameserver is ready to ask other
Sunil Shetye writes:
Case 2: Lame Server Reply
===
$ dig +norecurse @a.iana-servers.net. example.org.
;; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;example.org. IN A
;; ANSWER
What's the difference between these two flags in the response of dig?
;; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
---
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
Thanks in advance.
Sunil Shetye writes:
Quoting from David Sparro's mail on
39 matches
Mail list logo
