d trusted hosts
> > to do things as follows:
> >
> > allow-recursion { trustedhosts; };
> > allow-transfer { trustedhosts; };
> >
> > 'trustedhosts' includes a number of public facing IPs as well as the
> > 192.168.0/24 CIDR
On 4/17/20 7:26 AM, Bob Harold wrote:
>
> On Thu, Apr 16, 2020 at 7:17 PM Tim Daneliuk <mailto:tun...@tundraware.com>> wrote:
>
> We have split horizon setup and enable our internal and trusted hosts
> to do things as follows:
>
>
On Thu, Apr 16, 2020 at 7:17 PM Tim Daneliuk wrote:
> We have split horizon setup and enable our internal and trusted hosts
> to do things as follows:
>
> allow-recursion { trustedhosts; };
> allow-transfer { trustedhosts; };
>
> 'trustedhosts' includes a number
We have split horizon setup and enable our internal and trusted hosts
to do things as follows:
allow-recursion { trustedhosts; };
allow-transfer { trustedhosts; };
'trustedhosts' includes a number of public facing IPs as well as the
192.168.0/24 CIDR block. It also includes the IPs
tion says “configure a forward zone” it is almost always wrong.
>>>
>>> Do the similar for the top of all other private namespaces you are using.
>>>
>>> Mark
>>>
>>>>> On 4 Apr 2020, at 03:06, bind-li...@iano.org wrote:
>&
inbound endpoints. Because they are
>> delegations, the domain controllers set the recursion desired flag to 0 on
>> the queries they send to the endpoints, and we are not getting replies from
>> the endpoints.
>>
>> As a workaround we tried delegating to our linux
rvers are reachable at the IP level.
>> If the solution says “configure a forward zone” it is almost always wrong.
>>
>> Do the similar for the top of all other private namespaces you are using.
>>
>> Mark
>>
>>>> On 4 Apr 2020, at 03:06
ays wrong.
>
> Do the similar for the top of all other private namespaces you are using.
>
> Mark
>
>> On 4 Apr 2020, at 03:06, bind-li...@iano.org wrote:
>>
>> Hi,
>>
>> In summary, my question is whether there is a way to configure a bind
&g
:06, bind-li...@iano.org wrote:
>
> Hi,
>
> In summary, my question is whether there is a way to configure a bind caching
> server to provide recursion in response to iterative queries for records in a
> forward type zone.
>
> The background is that we have:
&
delegations, the domain controllers set the recursion desired flag to 0 on
> the queries they send to the endpoints, and we are not getting replies from
> the endpoints.
>
> As a workaround we tried delegating to our linux bind caching resolvers but
> we ran into the same issue, that
> Because the AD domain controllers already own 10.in-addr.arpa, they
> refuse to allow us to configure conditional forwarding for its
> subdomains. So we delegated the subdomains to the inbound endpoints.
> Because they are delegations, the domain controllers set the recursion
> de
Hi,
In summary, my question is whether there is a way to configure a bind caching
server to provide recursion in response to iterative queries for records in a
forward type zone.
The background is that we have:
- AD domain controllers that are authoritative for all of 10.in-addr.arpa. in
our
Erich Eckner wrote:
>
> I am running a recursive resolver for my local network and was wondering
> whether it is possible (and if so: how) to make it resolve via DNS-over-TLS if
> that's available on the authoritative name servers.
BIND doesn't have any TLS support, and (as you said) it really
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
I am running a recursive resolver for my local network and was wondering
whether it is possible (and if so: how) to make it resolve via
DNS-over-TLS if that's available on the authoritative name servers.
Setting up stunnel like for stub
m> wrote:
> >
> > Hello ALL,
> > I set up a recursion DNS in our college. It works well in ipv4
> > request,but can not resolve ipv6 request. The named.conf file is as follows:
> >
> > acl "trusted"{202.115.253.0/24;202.112.16.0/24;202.112.14.0
nvironment not the server.
> On 19 Mar 2019, at 2:33 pm, celia <66183...@qq.com> wrote:
>
> Hello ALL,
> I set up a recursion DNS in our college. It works well in ipv4
> request,but can not resolve ipv6 request. The named.conf file is as follows:
>
> acl &q
Hello ALL,
I set up a recursion DNS in our college. It works well in ipv4
request,but can not resolve ipv6 request. The named.conf file is as follows:
acl "trusted"{202.115.253.0/24;202.112.16.0/24;202.112.14.0/23;};
acl "ipv6" {2001:da8:6000::/48;};
options{
derstand correctly that you are tweaking dhclient to use your
server before other DNS servers?
[ command 'nslookup 101com.com' ]-------
;; Got recursion not availlable from 7847104.44, trying next server
Server: 192.168.43.1
Address:192.168.43.1#53
Non-
--
Since is my own server, I have it prepend in my dhclient.conf of
my Laptop but if I now querry
[ command 'nslookup 101com.com' ]-------
;; Got recursion not availlable from 7847104.44, trying next server
Server: 192.168.43.1
Address:
In article <mailman.717.1507311295.702.bind-us...@lists.isc.org>,
"Darcy Kevin (FCA)" <kevin.da...@fcagroup.com> wrote:
> It should be noted that answering from cache, e.g. when a server gets an RD=0
> query, or if it doesn't happen to honor recursio
d so forth. RFC 1034, Section 5.3.1,
describes stub resolvers, and RFC 1123, Section 6.1.3.1, briefly describes the
difference between stub resolvers and full-service resolvers.
If a stub resolver gets a referral, because of a misconfiguration, policy-based
denial of recursion by
In article <mailman.714.1507277541.702.bind-us...@lists.isc.org>,
Harshith Mulky <harshith.mu...@outlook.com> wrote:
> What I am not able to understand is, What would happen when resolver does not
> set Recursion Desired bit in the query it sends?
If RD is not set, the se
On Fri, Oct 06, 2017 at 08:11:56AM +, Harshith Mulky wrote:
> What I am not able to understand is, What would happen when resolver
> does not set Recursion Desired bit in the query it sends?
>
> If Recursion is supported on the server, Would the server do the
> Referral Queries
Hello Experts,
I read this from RFC1035 about RD and RA Bits
RD Recursion Desired - this bit may be set in a query and is copied into the
response if recursion supported by this Name Server. If Recursion is rejected
by this Name Server, for example it has been configured as Authoritative
Hi there,
On Sat, 19 Nov 2016, Job wrote:
on Bind 9.10 (latest version of this stable branch), i notice in
some cases a relevant slowdown when resolving (for the first time)
hostname, when named is launched with both ipv4 and ipv6. It use
recursion to fetch for the first time the information
Hello,
on Bind 9.10 (latest version of this stable branch), i notice in some cases a
relevant slowdown when resolving (for the first time) hostname, when named is
launched with both ipv4 and ipv6.
It use recursion to fetch for the first time the information and i have, often,
about 2000/3000ms
of max-recursion-queries 50; )
I haven't personally seen any real world queries go more than 4
levels deep, but I wouldn't be surprised if there are a were domains
out there that do. 7 seemed like a safe upper limit.
Didn't someone post a problem they were having a few days ago because
On Wed, Dec 17, 2014 at 03:32:30AM -0500, Barry Margolin wrote:
Didn't someone post a problem they were having a few days ago because of
a chain of Akamai CNAMEs that exceeded the limit?
Recursion depth is about how many layers deep you have to go to
resolve an NS address. CNAME chains have
?
Recursion depth is about how many layers deep you have to go to
resolve an NS address. CNAME chains have different limits on them.
But each CNAME is in a different domain, and their nameservers were in
yet other domains. So while resolving the CNAME chain, you also have to
perform several levels
On Wed, Dec 17, 2014 at 05:20:09PM -0500, Barry Margolin wrote:
But each CNAME is in a different domain, and their nameservers were in
yet other domains. So while resolving the CNAME chain, you also have to
perform several levels of recursion.
Does the max-recursion-depth limit apply to all
-recursion-queries 50; )
I haven't personally seen any real world queries go more than 4
levels deep, but I wouldn't be surprised if there are a were domains
out there that do. 7 seemed like a safe upper limit.
The default max-recursion-queries value of 50, we got by testing with a
sample of real
Hi,Evan,
Thank you for replying.
I was able to understand,
try setting to test servers.
Thanks.
However,
if the value of the default 7 would be the value that was created
based on the world data ?
( Also for the default value of max-recursion-queries 50; )
I want to know the recommended
On Wed, Dec 17, 2014 at 01:30:35PM +0900, Techs_Maru wrote:
However,
if the value of the default 7 would be the value that was created
based on the world data ?
( Also for the default value of max-recursion-queries 50; )
I haven't personally seen any real world queries go more than 4
levels
Hi, Bind-user folks,
I have a question, about Vulnerability CVE-2014-8500 new bind option
max-recursion-depth,
I do not know this option meaning.
I read ARM Documents
I used Bind Version is 9.9.6-P1.
--
max-recursion-depth Sets the maximum number of levels
On Tue, Dec 16, 2014 at 11:13:17AM +0900, Techs_Maru wrote:
But, max-recursion-depth,
However, it tried but it did not become a Servfail.
Meaning of is is Indirections is described in the document, it means
that when the authority server that does not come directly returns the
IP address
How does the max-recursion-queries counter interact with DNSSEC validation
and RPZ validation? Are the queries for these checks included in the
max-recursion-queries count or are they in a separate queue?
Why I am asking:
I've been running through my test of the new code and getting a few
The new recursion limits (or at least the default values for them) seem
to have some problems. Simple example, if I start named for recursive
service, no forwarders, debugging enabled, and run dig @::1 www.ibm.com a
I get a failure with numerous exceeded max queries log entries for gtld
servers
On Tue, Dec 09, 2014 at 02:45:13PM +, Stuart Henderson wrote:
The new recursion limits (or at least the default values for them) seem
to have some problems. Simple example, if I start named for recursive
service, no forwarders, debugging enabled, and run dig @::1 www.ibm.com a
I get
Evan Hunt e...@isc.org wrote:
However, in this case I think it's because you had an empty cache, and
sending a second query will clear the problem up. In a future release, we
may want to lift the restrictions temporarily while priming.
Yes, I could reproduce it after flushing my cache. Had
running unreleased code, there. Servfail-ttl is a feature slated
for 9.11, but the recursion limits have only been added in the past few
weeks as a patch for the infinite DNS bug, and we're clearly going to have
to modify the SERVFAIL caching feature in light of this new reality. (We
might arrange
the default
servfail-ttl is 10s.
You're running unreleased code, there. Servfail-ttl is a feature slated
for 9.11, but the recursion limits have only been added in the past few
weeks as a patch for the infinite DNS bug, and we're clearly going to have
to modify the SERVFAIL caching feature
On Tue, Dec 09, 2014 at 05:46:36PM +, Stuart Henderson wrote:
It's 5 minutes with 9.10.1-P1 as well.
That's unexpected. I'll see if I can reproduce it.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit
* zones (ihost.com, akam.net, and akadns.org,
in addition to akadns.net and akamaiedge.net). I had to almost
double the maximum recursion queries to 99 to get this to work on
an empty cache. Yikes.
Almost any non-empty cache will dodge the bullet. Preceeding the
lookup of www.ibm.com with dig @::1
...@dotat.at, bind-users@lists.isc.org
bind-users@lists.isc.org
Subject: Re: Problem with BIND 9.10.1-P1 recursion limits
On Tue, Dec 09, 2014 at 05:51:58PM +, Evan Hunt wrote:
That's unexpected. I'll see if I can reproduce it.
Okay, I can.
Part of the problem is the somewhat crazypants DNS
Hi--
On Dec 9, 2014, at 12:04 PM, Mike Hoskins (michoski) micho...@cisco.com wrote:
Wanted to point out that (perhaps sadly) this isn't so crazypants...or at
least not uncommon. The *edge* and *aka* references speak Akamai DNS+CDN.
From my last overview, this has gotten cleaner in the latest
: recursion requested but not available
even if you dig a A-record he is authoritative?
asking the master the same question spots no warning
my understanding is in case of slave/master there
should be no difference in case of normal queries
well, all works fine, but it annoys and i try to
avoid any
On 06.06.14 13:13, Reindl Harald wrote:
why does in case of asking the slave always come a
WARNING: recursion requested but not available
even if you dig a A-record he is authoritative?
because you request recursion and the server does not provide it.
use dig +norecurse not to request
Am 06.06.2014 13:28, schrieb Matus UHLAR - fantomas:
On 06.06.14 13:13, Reindl Harald wrote:
why does in case of asking the slave always come a
WARNING: recursion requested but not available
even if you dig a A-record he is authoritative?
because you request recursion and the server does
On 06/06/14 12:35, Reindl Harald wrote:
Am 06.06.2014 13:28, schrieb Matus UHLAR - fantomas:
On 06.06.14 13:13, Reindl Harald wrote:
why does in case of asking the slave always come a
WARNING: recursion requested but not available
even if you dig a A-record he is authoritative?
because you
Am 06.06.2014 13:40, schrieb Phil Mayers:
On 06/06/14 12:35, Reindl Harald wrote:
Am 06.06.2014 13:28, schrieb Matus UHLAR - fantomas:
On 06.06.14 13:13, Reindl Harald wrote:
why does in case of asking the slave always come a
WARNING: recursion requested but not available
even if you dig
In article mailman.371.1402054553.26362.bind-us...@lists.isc.org,
Reindl Harald h.rei...@thelounge.net wrote:
Am 06.06.2014 13:28, schrieb Matus UHLAR - fantomas:
On 06.06.14 13:13, Reindl Harald wrote:
why does in case of asking the slave always come a
WARNING: recursion requested
On 6/6/2014 7:35 AM, Reindl Harald wrote:
Am 06.06.2014 13:28, schrieb Matus UHLAR - fantomas:
On 06.06.14 13:13, Reindl Harald wrote:
why does in case of asking the slave always come a
WARNING: recursion requested but not available
even if you dig a A-record he is authoritative?
because you
Am 06.06.2014 20:20, schrieb Kevin Darcy:
On 6/6/2014 7:35 AM, Reindl Harald wrote:
Am 06.06.2014 13:28, schrieb Matus UHLAR - fantomas:
On 06.06.14 13:13, Reindl Harald wrote:
why does in case of asking the slave always come a
WARNING: recursion requested but not available
even if you dig
On 25/11/13 22:46, Listas wrote:
On 25-11-2013 15:42, Phil Mayers wrote:
2. Put a proper zone cut (delegation) into your local master,
pointing at your authoritative server
Thanks Phil. Your help has been valuable.
I think this is exactly what I'm doing here:
As Barry pointed out: no.
Hi,
I'm enabling IPv6 dual stack in my network and my Bind authoritative
servers are working perfectly with the ip6.arpa zones.
But my Recursive DNS server cannot resolve the reverse zone records from
my private network. I tried to make a setup similar to what I do for my
private network
On 25/11/13 16:16, Listas wrote:
Hi,
I'm enabling IPv6 dual stack in my network and my Bind authoritative
servers are working perfectly with the ip6.arpa zones.
But my Recursive DNS server cannot resolve the reverse zone records from
my private network. I tried to make a setup similar to what
On 25-11-2013 14:22, Phil Mayers wrote:
No, because you told your recursive it was authoritative and gave it
an empty zone file.
Thank you Phil.
But it is a private network zone. The query cannot go to the DNS root
servers, must be forwarded to the authoritative server for the zone
On 25/11/13 17:31, Listas wrote:
On 25-11-2013 14:22, Phil Mayers wrote:
No, because you told your recursive it was authoritative and gave it
an empty zone file.
Thank you Phil.
But it is a private network zone. The query cannot go to the DNS root
servers, must be forwarded to the
In article mailman.1748.1385400711.20661.bind-us...@lists.isc.org,
Listas lis...@adminlinux.com.br wrote:
On 25-11-2013 14:22, Phil Mayers wrote:
No, because you told your recursive it was authoritative and gave it
an empty zone file.
Thank you Phil.
But it is a private network
On 25-11-2013 15:42, Phil Mayers wrote:
2. Put a proper zone cut (delegation) into your local master,
pointing at your authoritative server
Thanks Phil. Your help has been valuable.
I think this is exactly what I'm doing here:
Recursive Bind server - /etc/bind/db.fd00.f3e2.38a5:
$TTL
In article mailman.1752.1385419606.20661.bind-us...@lists.isc.org,
Listas lis...@adminlinux.com.br wrote:
On 25-11-2013 15:42, Phil Mayers wrote:
2. Put a proper zone cut (delegation) into your local master,
pointing at your authoritative server
Thanks Phil. Your help has been
Hello Stefano,
the standard query path for DNS is
client - caching DNS - authoritative DNS
Your BIND Server is probably on the very right of that picture, the
authoritative (only) server. Such an authoritative only server only
answers with data it is authoritative for (like you described). In
Barry Margolin bar...@alum.mit.edu wrote:
If the server is authoritative for both the CNAME and the target of the
CNAME, no recursion should be necessary -- the target is already in its
memory. Doesn't the server normally fill in the whole CNAME chain in
this case?
Yes - see the additional
Hello all.
I have a closed bind dns server. It answers only to queries related to
zones it is authoritative for (a normal behaviour... right?).
I have dns zones that contain cname that points to hostnames in domains
not managed by that server.
So it won't resolve that names returning the cname to
On 18.11.13 13:57, Chiesa Stefano wrote:
I have a closed bind dns server. It answers only to queries related to
zones it is authoritative for (a normal behaviour... right?).
I have dns zones that contain cname that points to hostnames in domains
not managed by that server.
So it won't resolve
In message
e81ed6071f7e3e44a69bc960c04469250c1a2...@s-mi-mail2.milano.wkitaly.it,
Chiesa Stefano writes:
Hello all.
I have a closed bind dns server. It answers only to queries related to
zones it is authoritative for (a normal behaviour... right?).
I have dns zones that contain cname that
is in a domain managed by you, resolve (do recourse)
Do you know if it is possible?
No.
If the server is authoritative for both the CNAME and the target of the
CNAME, no recursion should be necessary -- the target is already in its
memory. Doesn't the server normally fill in the whole CNAME
Stefano writes:
I'd like to know if there is a way to tell to BIND if the external
resource is in a domain managed by you, resolve (do recourse)
Do you know if it is possible?
No.
If the server is authoritative for both the CNAME and the target of the
CNAME, no recursion should
?
No.
If the server is authoritative for both the CNAME and the target of the
CNAME, no recursion should be necessary -- the target is already in its
memory. Doesn't the server normally fill in the whole CNAME chain in
this case?
The targets of the CNAME records
My external authoritative dns does not allow recursion.
We have vanity names like speaker.gov.
When we add an entry like:
www.speaker.govhttp://www.speaker.gov CNAME
www.house.govhttp://www.house.gov
it fails because of the recursion statement even though the external dns
On Mar 28, 2013, at 7:56 AM, Manson, John wrote:
My external authoritative dns does not allow recursion.
We have vanity names like speaker.gov.
When we add an entry like:
www.speaker.gov CNAMEwww.house.gov
it fails because of the recursion statement even though the external dns
:00)
So the first lookup does not fully resolve due to recursion.
Does this help?
-Original Message-
From: Chris Buxton [mailto:cli...@buxtonfamily.us]
Sent: Thursday, March 28, 2013 11:13 AM
To: Manson, John
Cc: bind-users@lists.isc.org
Subject: Re: Recursion issue
On Mar 28, 2013, at 7
testwww.house.gov IN A 12.13.14.15 900s(00:15:00)
So the first lookup does not fully resolve due to recursion.
Does this help?
Yes it does. It just doesn't all get answered from the one zone. Both of your
public servers, chyron and mercury, contain both zones. A non-recursive query
:
test.gopleader@mercury.house.gov:
test.gopleader.gov. 300 IN CNAME testwww.house.gov.
-Original Message-
From: Chris Buxton [mailto:cli...@buxtonfamily.us]
Sent: Thursday, March 28, 2013 11:49 AM
To: Manson, John
Cc: bind-users@lists.isc.org
Subject: Re: Recursion issue
On Mar 28
I disagree with your statement about recursion.
What stops an authoritative server from doing recursion if you do not have the
recursion statement?
I guess the bind default is recursion yes.
-Original Message-
From: Chris Buxton [mailto:cli...@buxtonfamily.us]
Sent: Thursday, March 28
On 28.03.13 16:05, Manson, John wrote:
I disagree with your statement about recursion.
What stops an authoritative server from doing recursion if you do not have
the recursion statement? I guess the bind default is recursion yes.
if your server does not allow recursion, it will still
On Mar 28, 2013, at 9:05 AM, Manson, John wrote:
I disagree with your statement about recursion.
What stops an authoritative server from doing recursion if you do not have
the recursion statement?
I guess the bind default is recursion yes.
OK, bad choice of words on my part. I did not mean
...@buxtonfamily.us]
Sent: Thursday, March 28, 2013 12:57 PM
To: Manson, John
Cc: bind-users@lists.isc.org
Subject: Re: Recursion issue
On Mar 28, 2013, at 9:05 AM, Manson, John wrote:
I disagree with your statement about recursion.
What stops an authoritative server from doing recursion if you do
On 28.03.13 17:09, Manson, John wrote:
Maybe my understanding of how bind works is faulty.
I thought bind would do the leg work to get an IP.
Especially when it is authoritative for CNAME domain.
Even a dig on mercury gives the same 'no IP' result.
Sorry for the bother.
I got the same result
http://www.digwebinterface.com/? Is one of the internet sites I use.
John Manson
CAO/HIR/NAF Data-Communications | U.S. House of Representatives | Washington,
DC 20515
Desk: 202-226-4244 | TCC: 202-226-6430 |
john.man...@mail.house.govmailto:john.man...@mail.house.gov
I looked at it -- it's
now going to Akamai. The result shown here shows what's called a dangling
CNAME -- your CNAME record, pointing to an outside resource. A resolving name
server (one with recursion enabled) will then follow that to Akamai, giving
this result:
test.gopleader.gov. 300
On Mar 4, 2013, at 10:43 AM, Verne Britton wrote:
I have been testing and testing and either just don't see what I'm doing
wrong, or have a learning block :-)
current thinking is that a open recursion DNS server is bad, so we want to
implement an allow-recursion clause; perhaps even
I have been testing and testing and either just don't see what I'm doing wrong,
or have a learning block :-)
current thinking is that a open recursion DNS server is bad, so we want to
implement an allow-recursion clause; perhaps even make some views so our local
users still recurse while
In article mailman.1592.1362422631.11945.bind-us...@lists.isc.org,
Verne Britton ve...@wvnet.edu wrote:
I have been testing and testing and either just don't see what I'm doing
wrong, or have a learning block :-)
current thinking is that a open recursion DNS server is bad, so we want
- opcode: QUERY, status: REFUSED, id: 23091
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;gmail.com. IN A
So from my side of things, all of your requirements are being met ;-)
Can
block :-)
current thinking is that a open recursion DNS server is bad, so we want to
implement an allow-recursion clause; perhaps even make some views so our
local users still recurse while the general public cannot ...
but I am running into a roadblock with our Google Apps cname
and/or topologically diverse when they're on the Internet) the only
technical fix that comes to mind is to set up some sort of
crypto-authentication of your client's queries (e.g. TSIG or GSS-TSIG)
on the endpoints. You could use that to allow/deny recursion and/or
match views.
Yes
is below. I've commented it out so as to enable my
network to run.
There are thousands of my clients that need recursion from this server.
It is also authoritative for many domains.
There is a semi busy mail server on this same box that uses DNS as well.
I googled this to death with no real
to run.
There are thousands of my clients that need recursion from this server.
It is also authoritative for many domains.
There is a semi busy mail server on this same box that uses DNS as well.
I googled this to death with no real suggestions. I've tried it with
ACL and without
so as to enable my
network to run.
There are thousands of my clients that need recursion from this server.
It is also authoritative for many domains.
There is a semi busy mail server on this same box that uses DNS as well.
I googled this to death with no real suggestions. I've tried it with
ACL
requests. The problem is every time I enable this, the time for DNS
queries goes from 0-1ms to 2000-6000ms or just times out completely.
There are thousands of my clients that need recursion from this server.
It is also authoritative for many domains.
There is a semi busy mail server
to run.
There are thousands of my clients that need recursion from this server.
It is also authoritative for many domains.
There is a semi busy mail server on this same box that uses DNS as well.
I googled this to death with no real suggestions. I've tried it with
ACL and without
Hi ,
Can I disable cache without disabling recursion?
Thanks Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org
On Jul 10, 2012, at 2:37 AM, rams wrote:
Hi ,
Can I disable cache without disabling recursion?
For many of your questions is would be really helpful if you explained *why*
you wanting to do X / what you are trying to accomplish…
For example, forwarding may be what you want here
is an alias for record.client.otherdomain.com.
record.client.otherdomain.com is an alias for otherhost.otherdomain.com.
otherhost.otherdomain.com has address x.x.x.x
To duplicate this exactly on our servers, it appears that I have to enable
recursion but the provider said that they are not doing that. I
Who will be using this in-house DNS server? Your local users? If yes,
then you will need to enable recursion so they can look up outside
resources (google.com, etc.)
If this server will strictly be an authoritative server for your domain,
then it won't need recursion but queries that return
sam.fait...@gmail.com wrote on 03/16/2012 03:09:52 PM:
From: Samantha Steers sam.fait...@gmail.com
To: wbr...@e1b.org,
Date: 03/16/2012 03:09 PM
Subject: Re: external view recursion issue
Thank you for getting back to me.
We have a set up with internal and external views. The internal
I am a relative newbie to running BIND in production. I have recently
set up BIND 9.7 (on CentOS 6.2) as the nameserver for my home network.
I am using Google's public DNS servers (8.8.8.8 and 8.8.4.4 as my
forwarders).
My ISP does not support IPv6, and none of the network interfaces on the
On Fri, Jan 13, 2012 at 11:20:39AM -0600, Ian Pilcher wrote:
I am a relative newbie to running BIND in production. I have recently
set up BIND 9.7 (on CentOS 6.2) as the nameserver for my home network.
I am using Google's public DNS servers (8.8.8.8 and 8.8.4.4 as my
forwarders).
My ISP
On 01/13/2012 11:50 AM, Bill Owens wrote:
I'm not familiar with CentOS, but I would be surprised to hear that any
modern Linux distro didn't have IPv6 enabled by default; you should see at
least link-local addresses on your active interfaces (address family inet6,
beginning with fe80::) I'm
101 - 200 of 304 matches
Mail list logo