Ray Bellis wrote:
>
> The main thing you may wish to consider is whether you ever wish to
> DNSSEC sign your reverse zones.
>
> If you do, the zone cut on the parent name servers (which is where the
> DS records would be) must match the zone cut on your own servers, which
> would contain the DNSKE
On 30/11/2017 22:13, Reineman, Rick wrote:
> The subject is a little off, I have a Class B network masked down to
> a bunch of Class C networks.
>
> I am replacing an old DNS service where they configured it as one
> might expect with one reverse mapping file per network. So we
The subject is a little off, I have a Class B network masked down to a bunch of
Class C networks.
I am replacing an old DNS service where they configured it as one might expect
with one reverse mapping file per network. So we have many of these files.
I don't see any reason why I can
N A 192.58.128.30
> k.root-servers.net. 518400 IN A 193.0.14.129
> l.root-servers.net. 518400 IN A 199.7.83.42
> m.root-servers.net. 518400 IN A 202.12.27.33
> a.root-servers.net. 518400 IN 2001:503:ba3e::2:30
>
30
b.root-servers.net. 518400 IN 2001:500:200::b
c.root-servers.net. 518400 IN 2001:500:2::c
d.root-servers.net. 518400 IN 2001:500:2d::d
e.root-servers.net. 518400 IN 2001:500:a8::e
f.root-servers.net. 518400 IN
e, the convention is that
the old address is kept in service for some time after the change, so
there's plenty of time for clients to catch up with no impact. For B
root, the plan is at least 6 months.
(https://b.root-servers.org/news/2017/06/01/new-ipv6.html)
There does seem to be an issue
-SERVERS.NET.
B.ROOT-SERVERS.NET. 360 A 192.228.79.201
B.ROOT-SERVERS.NET. 360 2001:500:200::b
I wouldn’t expect a problem with my hints file.
Thanks,
Stefan
> On 10 Sep 2017, at 00:30, Mark Andrews wrote:
>
>
> I suspect that you are forwarding your
On Sun, 10 Sep 2017, Mark Andrews wrote:
I suspect that you are forwarding your queries and that your forwarder is
returning out-of-date addresses.
No forwarding here.
Jay Ford, Network Engineering Group, Information Te
t; From: bind-users on behalf of Suzanne Wo=
> olf
> Sent: Saturday, September 9, 2017 8:11 PM
> To: Stefan Sticht
> Cc: bind-users@lists.isc.org
> Subject: Re: checkhints: view =93internal=94: b.root-servers.net/ (2001=
> :500:200::b) extra record in hints
>
>
> On
re is right address.
From: bind-users on behalf of Suzanne Woolf
Sent: Saturday, September 9, 2017 8:11 PM
To: Stefan Sticht
Cc: bind-users@lists.isc.org
Subject: Re: checkhints: view “internal”: b.root-servers.net/
(2001:500:200::b) extra record in hints
> On Sep 9, 2017, at 12:43 PM, Stefan Sticht wrote:
>
> Hi,
>
> since a couple of weeks i repeatedly see this in all my nameserver logs:
>
> Sep 8 12:12:56 ns-01 named[17926]: checkhints: view “internal”:
> b.root-servers.net/ (2001:500:200::b) extra record in hi
On Sat, 9 Sep 2017, Stefan Sticht wrote:
since a couple of weeks i repeatedly see this in all my nameserver logs:
Sep 8 12:12:56 ns-01 named[17926]: checkhints: view “internal”:
b.root-servers.net/ (2001:500:200::b) extra record in hints
Sep 8 12:13:03 ns-01 named[17926]: checkhints
rk Architect and Admin / Engineer
ITC Senior Specialist
From: bind-users on behalf of Stefan Sticht
Sent: Saturday, September 9, 2017 6:43 PM
To: bind-users@lists.isc.org
Subject: checkhints: view “internal”: b.root-servers.net/ (2001:500:200::b)
extra record
Hi,
since a couple of weeks i repeatedly see this in all my nameserver logs:
Sep 8 12:12:56 ns-01 named[17926]: checkhints: view “internal”:
b.root-servers.net/ (2001:500:200::b) extra record in hints
Sep 8 12:13:03 ns-01 named[17926]: checkhints: view “internal”:
b.root-servers.net
If someone would kindly explain what this error message means, I would
appreciate it. I'm running BIND 9.6.2-P1 and I get quite a few of these:
28-Mar-2010 21:02:27.467 dnssec: warning: client 200.160.7.134#6363: view
external: expected covering NSEC3, got an exact match
Thank you,
Nate Itkin
> did file timestamp change after the change?
yes they where also changed.
I figured out my problem. i had another config line in my zone config
that was wrong. my college was something testing too... :)
allow-update { key DHCP_UPDATER; };
thx for your help.
kind regards,
Stefan
__
> > yes, it's possible. However that would be a HUGE zone and if you made any
> > mistake, the whole zone would not be accepted and updated. Those are reasons
> > you better should split it into /24 alias C-class zones.
>
> ok. the zones are generated from a script so it should be OK.
>
> > "rndc
> yes, it's possible. However that would be a HUGE zone and if you made any
> mistake, the whole zone would not be accepted and updated. Those are reasons
> you better should split it into /24 alias C-class zones.
ok. the zones are generated from a script so it should be OK.
> "rndc reload 64.10.
On 17.09.09 14:20, stefan novak wrote:
> is it possible to make a Class B net with one zone file?
> I've configured it like this.
[...]
> zone "64.10.in-addr.arpa" {
[...]
> 1.1 IN PTR dialin00bru1..at.
> 1.2 IN PTR dialin00bru2..at.
> 2.1
Hello,
is it possible to make a Class B net with one zone file?
I've configured it like this.
// reverse domains for cable modems
zone "64.10.in-addr.arpa" {
type master;
file "10.64.rev";
};
; Reverse Domain 10.64
@IN SOA ns01.xx
Vincent Rivellino wrote:
> Shouldn't using dig fail from the slave?
>
> For example:
>
> [...@stuey ~]$ dig -t AXFR domain.tld @ns1.someserver
>
> ; <<>> DiG 9.5.1-P1 <<>> -t AXFR domain.tld @ns1.someserver
> ;; global options: printcmd
> ; Transfer failed.
It all depends on what you do with t
Shouldn't using dig fail from the slave?
For example:
[...@stuey ~]$ dig -t AXFR domain.tld @ns1.someserver
; <<>> DiG 9.5.1-P1 <<>> -t AXFR domain.tld @ns1.someserver
;; global options: printcmd
; Transfer failed.
On Thu, January 22, 2009 08:58, Mark A. Moore wrote:
> I have setup and conf
Mark A. Moore wrote:
> I have setup and configured TSIG on our Bind 9. DNS servers. How can you
> verify/test that it is working correctly?
Check your logging:
xfer.log:20-Jan-2009 20:06:24.677 xfer-out: info: client
149.20.XX.XX#60073: transfer of '154.XX.XX.in-addr.arpa/IN': AXFR-style
IXFR sta
I have setup and configured TSIG on our Bind 9. DNS servers. How can you
verify/test that it is working correctly?
Thanks in advance for any assistance provided.
Mark
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman
24 matches
Mail list logo