On 01/13/2012 11:20 AM, Ian Pilcher wrote:
My ISP does not support IPv6, and none of the network interfaces on the
server has an IPv6 address (including the loopback interface). Despite
this, BIND appears to be trying to use IPv6 to communicate with other
nameservers.
I finally stumbled on
Good day,
configure /etc/default/bind9 file like:
OPTIONS=-4 -u bind
-4 for IPv4. Bind was confusing between IPv4 and IPv6.
On 13/01/2012 19:20, Ian Pilcher wrote:
I am a relative newbie to running BIND in production. I have recently
set up BIND 9.7 (on CentOS 6.2) as the nameserver for
Hi,
I am running one master server and one slave server with BIND 9.6.1-P3.
The global options section on both servers are identical.
In the options section I have,
allow-recursion { ck_domain; };
forwarders { 216.47.128.11; 216.47.128.12; 216.47.143.90; };
The ck_domain ACL
.
- Kevin
On 1/12/2012 1:15 PM, Adamiec, Lawrence wrote:
Hi,
I am running one master server and one slave server with BIND
9.6.1-P3. The global options section on both servers are identical.
In the options section I have,
allow-recursion { ck_domain; };
forwarders
-users@lists.isc.org
Subject: Re: recursion and forwarding
On 01/12/2012 06:15 PM, Adamiec, Lawrence wrote:
So when does recursion occur, before the query is forwarded or
never? I
thought recursion was supposed to go looking for the answers. If
recursion does not return an answer then does
Dear All,
Is there any way in dig or nslookup utility to see the whole path which a
DNS Server follows for giving me the answer.
For eg:
Suppose I ask what is www.nkn.in from goggle 8.8.8.8 server AND at that time
goggle 8.8.8.8 DNS doesn't have the answer in its cache.
Then it will
On 05/11/2011 19:37, Gaurav Kansal wrote:
Is there any way in dig or nslookup utility to see the whole path which a
DNS Server follows for giving me the answer.
dig +trace www.nkn.in
is pretty close to what you ask.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil.
be looking for in the syslog or daemon.log?
The relevant portion of the named.conf file for the INTERNAL view is below:
forwarders { NS2; NS1; };
forward first;
allow-recursion { 10.0.0.0/8; 192.168.0.0/16; 172.16.0.0/12; };
recursion yes;
// zone: . [hint]
include
{ NS2; NS1; };
forward first;
allow-recursion { 10.0.0.0/8; 192.168.0.0/16; 172.16.0.0/12; };
recursion yes;
// zone: . [hint]
include ...;
The hints DB file is current as of the version of BIND in use (2011060800).
Thanks
?
The relevant portion of the named.conf file for the INTERNAL view is
below:
forwarders { NS2; NS1; };
forward first;
allow-recursion { 10.0.0.0/8; 192.168.0.0/16; 172.16.0.0/12; };
recursion yes;
// zone: . [hint]
include ...;
The hints DB file is current
portion of the named.conf file for the INTERNAL view is
below:
forwarders { NS2; NS1; };
forward first;
allow-recursion { 10.0.0.0/8; 192.168.0.0/16; 172.16.0.0/12; };
recursion yes;
// zone: . [hint]
include ...;
The hints DB file is current as of the version
retries.
Am I missing something in the named.conf file? Is there something
specific I should be looking for in the syslog or daemon.log?
The relevant portion of the named.conf file for the INTERNAL view is
below:
forwarders { NS2; NS1; };
forward first;
allow-recursion
, they all have to be tried
once before the server will fail back to doing its own recursion.
Regards,
Chris Buxton
BlueCat Networks
On Nov 1, 2011, at 8:00 AM, Will Lists wrote:
I did get a chance to dig through the syslogs finally on one of the internal
name servers and I'm seeing a lot
Hello,
I try to make an nslookup from the client. The server dont know the zone and
for this it should do recursion to another DNS-Server
options {
dump-file /var/log/named_dump.db;
notify-source xx.x.xxx.xxx port 53;
notify yes;
listen-on port 53 { xx.x.xxx.xxx
On 16/05/11 11:00, Juergen Dietl wrote:
Hello,
I try to make an nslookup from the client. The server dont know the zone
and for this it should do recursion to another DNS-Server
options {
dump-file /var/log/named_dump.db;
notify-source xx.x.xxx.xxx port 53;
notify yes;
listen-on port 53
Hello Phil,
thanx a lot for your help.
allow-recursion {any;}; .Works now.
allow-query {any;};
did also work.
Is this a new behavior? Because in 9.7.3 I dont have to allow querys.
thanx a lot,
cheers,
Juergen
2011/5/16 Phil Mayers p.may...@imperial.ac.uk
On 16/05/11 11:00, Juergen
Hi,
I have a Bind 9 recursive only server on Window.
Is there any way I could configure Bind to write to the logs exactly
what root server is being queried for a client request?
I enabled query logging and resolver logging but there is no info
about which server is being queried exactly.
Thank
I'm having a query problem and hope I'm at the right mailing list...
I get a recursion not available message intermittently when using
nslookup. The message will appear on the first query, presumably to
un-cached IP/hostname and subsequent queries to the same IP/hostname
will succeed without
a recursion not available message intermittently when using
nslookup.
The short answer is, Yes indeed: that's how DNS works.
A longer answer follows below.
I should mention first that I have no experience using
'nslookup'. I understand that it has a reputation
] On Behalf Of
Kebba Foon
Sent: Tuesday, October 26, 2010 2:27 PM
To: bind-users@lists.isc.org mailto:bind-users@lists.isc.org
Subject: limiting number of recursion/queries per IP address
Dear List,
Is is possible to limit the number of recursion/queries per IP
@lists.isc.org [mailto:
bind-users-bounces+tsnyder bind-users-bounces%2Btsnyder=rim.com@
lists.isc.org] On Behalf Of Kebba Foon
Sent: Tuesday, October 26, 2010 2:27 PM
To: bind-users@lists.isc.org
Subject: limiting number of recursion/queries per IP address
Dear List,
Is is possible to limit
Dear List,
Is is possible to limit the number of recursion/queries per IP address.
there is some kind of virus thats bombarding my dns servers with a lot
of queries, i realize that when ever the total number of recursion
clients reach 1000 dns resolution stop working. i have increase
+tsnyder=rim@lists.isc.org
[mailto:bind-users-bounces+tsnyder=rim@lists.isc.org] On Behalf Of Kebba
Foon
Sent: Tuesday, October 26, 2010 2:27 PM
To: bind-users@lists.isc.org
Subject: limiting number of recursion/queries per IP address
Dear List,
Is is possible to limit the number
-
From: bind-users-bounces+tsnyder=rim@lists.isc.org
[mailto:bind-users-bounces+tsnyder=rim@lists.isc.org] On Behalf Of Kebba
Foon
Sent: Tuesday, October 26, 2010 2:27 PM
To: bind-users@lists.isc.org
Subject: limiting number of recursion/queries per IP address
Dear List
@lists.isc.org
Subject: RE: limiting number of recursion/queries per IP address
On Tue, 2010-10-26 at 15:22 -0400, Todd Snyder wrote:
What version of bind, on what OS?
I use Debian 5.0 with bind 9.6-ESV-R1 but also i thought that the OS
might have some security holes so i try FreeBSD 8.1 with BIND
On Mon, Oct 04, 2010 at 11:30:03AM +0200, Kalman Feher wrote:
probably it was not thought because it's wrong.
This point is getting religious now, IMHO.
Bear in mind that your rationale is based on getting an inaccessible DNS
server to return information that a client has correctly
On 1/10/10 9:15 AM, Joerg Dorchain jo...@dorchain.net wrote:
On Thu, Sep 30, 2010 at 07:13:11PM -0400, Kevin Darcy wrote:
Per-zone recursion control doesn't exist in BIND, because frankly it
doesn't make sense.
I used to think that, too, until I came to my specific problem.
Either
On Fri, Oct 01, 2010 at 11:25:31AM +0200, Kalman Feher wrote:
Yes. To explain my setup further, there is a view based on
src-IPs for some clients, where recursion is turned on.
The rest of the world gets non-recursive answers, e.g. with
authoritative data, or refused.
In case
Yes. To explain my setup further, there is a view based on
src-IPs for some clients, where recursion is turned on.
The rest of the world gets non-recursive answers, e.g. with
authoritative data, or refused.
In case of that specfic forward zone, bind answers in the
non
On Fri, Oct 01, 2010 at 05:39:16PM +0200, Matus UHLAR - fantomas wrote:
On 01.10.10 12:39, Joerg Dorchain wrote:
Well, I could agree agree that wrong means not thought of by
RfC-Designers and bind implementators (yet).
probably it was not thought because it's wrong.
This point is
, but
- this is problem - only if the view with the statement allows
recursion.
For several reasons I do not want to answer all queries for all
domains recursivly, just those for that one zone.
When I turn recursion off, bind answers with a referal to itself
(glue records work ;-), which in this case
Per-zone recursion control doesn't exist in BIND, because frankly it
doesn't make sense.
Either a zone type is meaningless *without* recursion (type forward,
type stub), or recursion is *unnecessary* because the nameserver answers
from authoritative data (type master, type slave).
Put
Hi,
I am having problems with recursion for domains that reside on two
particular nameservers. My BIND9 servers return a SERVFAIL and do not
attempt to recurse to the authoritative nameservers for
ugabookstore.com.
I have verified that my caching servers are not contacting
ugabookstore.com's
Hi,
I have two views, one for a specific range of 8 IP's on the internet and one
view for any inluding internal servers. In my main named.conf I have
allowed recursion to specific hosts, including all of the hosts in both
views (which are specific using ACL's).
I can use recursion on this server
On 7/19/2010 5:12 AM, Zhang Meng wrote:
The question is given that
When I ask the bind server, what's the A record of google.com
http://google.com?
for the ROOT name server, there're several NS record
/.// //60493// //IN// //NS// //g.root-servers.net
http://g.root-servers.net./
/.//
In article mailman.19.1279633805.15649.bind-us...@lists.isc.org,
James Chase chase1...@gmail.com wrote:
Hi,
I have two views, one for a specific range of 8 IP's on the internet and one
view for any inluding internal servers. In my main named.conf I have
allowed recursion to specific hosts
The question is given that
When I ask the bind server, what's the A record of google.com?
for the ROOT name server, there're several NS record
*.** **60493** **IN** **NS** **g.root-servers.net.*
*.** **60493** **IN** **NS** **b.root-servers.net.*
*.** **60493** **IN** **NS**
Thanks for your information.
But what does unknown servers mean? Where does the list come from?
On Tue, Jul 20, 2010 at 7:08 AM, Chris Buxton chris.p.bux...@gmail.comwrote:
It uses the RTT algorithm to select the fastest server from the list,
using random, low values for unknown servers.
Recursive queries start with the root name servers. That list is built
in to almost(I am reluctant to say all) all versions of bind and is
availible for download from ftp.rs.internic.net.
An unknown server is one that 1) does not answer queries or 2) has not
been asked yet by this bind server.
Yes, of course. I've made that mistake before, in fact.
Use a custom root zone, as I believe you originally mentioned, with
delegations to just the zones that should be reachable.
Or else set up secure proxies and disallow all DNS resolution (an
empty root zone).
Chris Buxton
BlueCat Networks
Close. I mean a properly-configured instance of squid, or a SOCKS
proxy, or whatever other non-DNS, application level proxy you want to
provide. Just configure your kiosks to use them. Then the kiosks
themselves don't need DNS resolution at all.
Chris Buxton
BlueCat Networks
On 5/12/10, Brian
On Mon, May 10, 2010 at 11:54:57AM -0700, Chris Buxton wrote:
One strategy would be to set up a view that matches recursive queries
only. Set allow-query to none at the view, then set it any (or
whatever) in each zone of type forward or stub.
Thank you Chris.
Unfortunately, allow-query is
Hello,
I am trying to configure a bind9 view to allow recursion just for certain
domains. (This is bind-9.2.4-16.EL4 under RHEL4).
In fact, it doesn't even have to be real recursion, just forwarding to an
upstream recursive nameserver. The point is that the clients are only
authorised to look
Recursion is enabled/allowed at the view level, not the zone level.
One strategy would be to set up a view that matches recursive queries
only. Set allow-query to none at the view, then set it any (or
whatever) in each zone of type forward or stub.
Or if you want to use your root zone idea, make
Hi,
I'm just writing to confirm that I have the correct understanding of
the relationship between delegation and recursion.
A bit of background: I'm responsible for an Internet-facing server
that has the following requirements. It should support recursion for
known (DMZ) clients and it should
Angela Perez wrote:
Hi,
I'm just writing to confirm that I have the correct understanding of
the relationship between delegation and recursion.
A bit of background: I'm responsible for an Internet-facing server
that has the following requirements. It should support recursion for
known (DMZ
Hi Kevin,
I followed your advice and I explicitly added:
recursion yes;
allow-recursion { custnets; };
I'm using MRTG for interface bandwidth monitoring and Smokeping for time
response on queries and all look the same as before. So, so far so good!
Thank you!
Julian
- Original
If there is no option recursion yes (or no); specified in named.conf, is the
server still recursive?
Is recursion activated by default if option recursion (yes|no) is missing in
named.conf?
Thank you,
Julian
___
bind-users mailing list
bind-users
On 3/10/2010 11:37 AM, ic.nssip wrote:
If there is no option recursion yes (or no); specified in
named.conf, is the server still recursive?
Is recursion activated by default if option recursion (yes|no) is
missing in named.conf?
Yes, recursion is activated by default, but who
ic.nssip wrote:
If there is no option recursion yes (or no); specified in named.conf,
is the server still recursive?
Is recursion activated by default if option recursion (yes|no) is
missing in named.conf?
In modern BIND, allow-recursion defaults to:
{ localhost; localnets
Modern being?
-Original Message-
From: bind-users-bounces+jlightner=water@lists.isc.org
[mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf
Of Alan Clegg
Sent: Wednesday, March 10, 2010 2:25 PM
To: bind-users@lists.isc.org
Subject: Re: recursion
ic.nssip wrote
Lightner, Jeff wrote:
Modern being?
According to CHANGES file:
--- 9.5.0a6 released ---
2206. [security] allow-query-cache and allow-recursion now
cross inherit from each other.
If allow-query-cache is not set in named.conf then
allow
Lightner, Jeff wrote:
Modern being?
Actually
In the 9.4 CHANGES file I find:
--- 9.4.0a4 released ---
[...]
2006. [security]Allow-query-cache and allow-recursion now default
to the builtin acls localnets and localhost
I've got the idea!
So even I have no statement recursion yes, the server is still recursive
as time I dont specify recursion no;
It is going to make no difference if I'll add recursion yes; on options.
Is localnets a term I really need to use?
Currently I'm using an ACL defined for acl
On 3/10/2010 4:45 PM, ic.nssip wrote:
I've got the idea!
So even I have no statement recursion yes, the server is still
recursive as time I dont specify recursion no;
It is going to make no difference if I'll add recursion yes; on
options.
No difference.
Is localnets a term I really need
Thanks very much to everyone who replied and explained this set
of problems in such detail to me. It's now clear as day and of
course you are correct. You have made my day. :-)
As for allow-query instead of allow-recursion - I see what
you mean, the stub resolvers seem to react differently
* All other systems can only resolve names from our zones
The untrusted systems do not need to resolve external names since everything
is done via HTTP and SOCKS proxies.
We tried to do this by setting a forwarder and only enabling recursion for
an ACL that contains the trusted systems
from our zones _and_ external names
* All other systems can only resolve names from our zones
However when we use a pac file or automatic proxy detection, the browsers
continually try to resolve the URL, receive refused (recursion not
available),
the browser apparently needs to resolve the IP
An: bind-users@lists.isc.org
Betreff: Re: Disabling recursion causes browser hangs on clients with auto
proxy config
On 25.01.10 17:14, Frank Stanek wrote:
we want to set up a DNS server (bind-9.4.3-P3) for the internal LAN only.
However for security reasons we need to only allow a few trusted
Frank Stanek wrote:
I'm sorry but I don't quite understand what you mean. Could you
please elaborate this on the basis of this excerpt from our pac
file?
function FindProxyForURL(url, host)
{
var proxy1 = PROXY 192.168.240.29:8080;
var proxy2 = PROXY 172.16.1.30:8080;
if (
complications
2) any form of access control which involves turning off recursion for
particular clients is iffy, since stub resolvers don't react
consistently to unexpected lookup results such as referrals. It is
generally better to give a definitive REFUSED response, in order to make
one's intent clear
On Mon, Jan 25, 2010 at 07:12:50PM +0100, Frank Stanek wrote:
Thank you for your reply.
the browser apparently needs to resolve the IP before itdesides whether to
use proxy or not. It may be a problem of the .pac file.
I have also suspected the pac file some time ago. We have tried
to
On Jan 8 2010, Rick Dicaire wrote:
Hi folks, whats the difference between recursion no; and
allow-recursion {none;};
Not a great deal, but recursion no; changes the default for
empty-zones-enable to no, while allow-recursion {none;};
doesn't do that. (Probably there are other niggling things
Hi folks, whats the difference between recursion no; and
allow-recursion {none;};
Thanks
--
aRDy Music and Rick Dicaire present:
http://www.ardynet.com
http://www.ardynet.com:9000/ardymusic.ogg.m3u
___
bind-users mailing list
bind-users@lists.isc.org
I found answer for my feature request - simple C proxer:
http://www.wolfermann.org/dnsproxy.html
It can forward queries to auth or recursion server. Based on client IPs.
FreeBSD port /usr/ports/dns/dnsproxy/
___
bind-users mailing list
bind-users
On Wed, Dec 2, 2009 at 9:43 AM, Dmitry Rybin kirg...@corbina.net wrote:
I found answer for my feature request - simple C proxer:
http://www.wolfermann.org/dnsproxy.html
It can forward queries to auth or recursion server. Based on client IPs.
What if one of your access customers is running
Dmitry Rybin wrote:
I found answer for my feature request - simple C proxer:
http://www.wolfermann.org/dnsproxy.html
It can forward queries to auth or recursion server. Based on client IPs.
So, what does a dnsproxy approach accomplish, that can't be achieved
with less processes, and less
At Mon, 02 Nov 2009 18:24:54 +0300,
Dmitry Rybin kirg...@corbina.net wrote:
Kevin Darcy wrote:
Daemon as unbound, pdns-recursor - much faster in recursion queries,
that bind. :(
___
So, you don't cache locally, you forward to another daemon
Kevin Darcy wrote:
Daemon as unbound, pdns-recursor - much faster in recursion queries,
that bind. :(
___
So, you don't cache locally, you forward to another daemon that (in the
best case) answers from *its* cache.
How have you improved performance
Matus UHLAR - fantomas wrote:
Bind answer authoritative for all clients, and forward (if allowed)
recursive queries to recursive server.
why shouldn't it cache those responses?
Bind cache is slow. It allocate a lot of memory and make high CPU usage.
Dmitry Rybin wrote:
Kevin Darcy wrote:
Daemon as unbound, pdns-recursor - much faster in recursion queries,
that bind. :(
___
So, you don't cache locally, you forward to another daemon that (in
the best case) answers from *its* cache.
How have you
Barry Margolin wrote:
In article mailman.834.1256928257.14796.bind-us...@lists.isc.org,
Kevin Darcy k...@chrysler.com wrote:
Chris Thompson wrote:
On Oct 30 2009, Michael Hare wrote:
For those of us that are still running auth and recursive on the same
IP, I believe the
Niall O'Reilly wrote:
I think, that be useful make this feature in bind:
Add option to disable internal recursion cache, and forward all
recursive queries to another daemon.
Daemon as unbound, pdns-recursor - much faster in recursion queries,
that bind. :(
I don't see the point
In article mailman.834.1256928257.14796.bind-us...@lists.isc.org,
Kevin Darcy k...@chrysler.com wrote:
Chris Thompson wrote:
On Oct 30 2009, Michael Hare wrote:
For those of us that are still running auth and recursive on the same
IP, I believe the benefit would be to deploy a best
Well, except then you need to update all of your delegations. That can
not only be an administrative hassle, but can also get very expensive,
especially if you have hundreds of them in ccTLDs, where you have to pay
your in-country agent a fee for every registry change. It's quite a
racket.
Hello everybody!
I think, that be useful make this feature in bind:
Add option to disable internal recursion cache, and forward all
recursive queries to another daemon.
Daemon as unbound, pdns-recursor - much faster in recursion queries,
that bind
Dmitry Rybin wrote:
Hello everybody!
I think, that be useful make this feature in bind:
Add option to disable internal recursion cache, and forward all
recursive queries to another daemon.
Daemon as unbound, pdns-recursor - much faster in recursion queries,
that bind. :(
I don't
Niall O'Reilly wrote:
I think, that be useful make this feature in bind:
Add option to disable internal recursion cache, and forward all
recursive queries to another daemon.
Daemon as unbound, pdns-recursor - much faster in recursion queries,
that bind. :(
I don't see the point
Dmitry Rybin wrote:
Niall O'Reilly wrote:
I think, that be useful make this feature in bind:
Add option to disable internal recursion cache, and forward all
recursive queries to another daemon.
Daemon as unbound, pdns-recursor - much faster in recursion queries,
that bind. :(
I don't see
Dmitry Rybin wrote:
Hello everybody!
I think, that be useful make this feature in bind:
Add option to disable internal recursion cache, and forward all
recursive queries to another daemon.
Daemon as unbound, pdns-recursor - much faster in recursion queries,
that bind
address.
In the surface, I too find this to be an interesting idea.
-Michael
Kevin Darcy wrote:
Dmitry Rybin wrote:
Niall O'Reilly wrote:
I think, that be useful make this feature in bind:
Add option to disable internal recursion cache, and forward all
recursive queries to another daemon
think, that be useful make this feature in bind:
Add option to disable internal recursion cache, and forward all
recursive queries to another daemon.
Daemon as unbound, pdns-recursor - much faster in recursion
queries, that bind. :(
I don't see the point.
If you need some code, other than BIND
On Oct 30 2009, Michael Hare wrote:
For those of us that are still running auth and recursive on the same
IP, I believe the benefit would be to deploy a best practices recursive
only nameserver on a different machine/IP address without getting, in my
case, possibly hundreds of thousands of
In message 4aeb00d0.8030...@doit.wisc.edu, Michael Hare writes:
For those of us that are still running auth and recursive on the same
IP, I believe the benefit would be to deploy a best practices recursive
only nameserver on a different machine/IP address without getting, in my
case,
guess no.
It's RD (recursion desired) flag and my question is if any nameserver is
known by sending queries with this flag set.
I don't care if they do recursion themselves, but if anyone asks this server
with RD flag set, the answer will be venemous.
--
Matus UHLAR - fantomas, uh...@fantomas.sk
In article mailman.674.1254859742.14796.bind-us...@lists.isc.org,
Matus UHLAR - fantomas uh...@fantomas.sk wrote:
It's RD (recursion desired) flag and my question is if any nameserver is
known by sending queries with this flag set.
I don't care if they do recursion themselves, but if anyone
Once upon a time, Matus UHLAR - fantomas uh...@fantomas.sk said:
I don't care if they do recursion themselves, but if anyone asks this server
with RD flag set, the answer will be venemous.
You should realize that anybody trying to debug possible DNS issues
might issue queries directly to your
Matus UHLAR - fantomas wrote:
Hello,
I have moved authoritative server to new IP address. I have changed the DNS
name pointing to it so the NS would point to the new IP.
Now I looked at the traffic and it seems that there are ~4 of 1000 recursive
requests sent to it.
Are there any
On Sep 21 2009, Matus UHLAR - fantomas wrote:
I have moved authoritative server to new IP address. I have changed the DNS
name pointing to it so the NS would point to the new IP.
Now I looked at the traffic and it seems that there are ~4 of 1000 recursive
requests sent to it.
And do you know
etirado@orange-ftgroup.com wrote:
Hello,
Is this possible to disable recursion for all incoming queries except
for those listed in zone statement with a forwarder.
I know that no forwarding is allowed if we disable recursion.
Something like this ( but this doesn't work I know
Hello,
Is this possible to disable recursion for all incoming queries except
for those listed in zone statement with a forwarder.
I know that no forwarding is allowed if we disable recursion.
Something like this ( but this doesn't work I know ):
I can't match people so I can't create a view
to disable recursion for all incoming queries except
for those listed in zone statement with a forwarder.
I know that no forwarding is allowed if we disable recursion.
Something like this ( but this doesn't work I know ):
I can't match people so I can't create a view.
options {
allow
On Jan 20, 2009, at 9:25 AM, etirado@orange-ftgroup.com etirado@orange-ftgroup.com
wrote:
Hello,
Is this possible to disable recursion for all incoming queries except
for those listed in zone statement with a forwarder.
I know that no forwarding is allowed if we disable recursion
Is there a option for use in named.conf to force recursion ?
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Message-
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of anand.ba...@gmail.com
Sent: Monday, January 12, 2009 5:02 PM
To: comp-protocols-dns-b...@isc.org
Subject: Re: Any options in named.conf to force recursion?
I know that by default recursion is yes
In article gkgeld$1ur...@sf1.isc.org, anand.ba...@gmail.com wrote:
I know that by default recursion is yes (recursion yes; ). I would
like to know if it is possible to enforce recursion for all the DNS
queries going out of the host on which the named is configured.
Do you mean that when
Gregory Hicks escreveu:
Greetings:
Seeing in my named.log entries for too many timeouts resolving
'some-domain-not-seen-before'... makes me wonder if my server is an
open recursive server.
Where is the test please for open recursion so I can check?
http://dns.measurement-factory.com
server.
Where is the test please for open recursion so I can check?
http://dns.measurement-factory.com/cgi-bin/openresolvercheck.pl
Thanks! But I tried that about 6 hours earlier today. It said address
64.139.55.108 had status untested. It also said that if I wanted my
address retested, make
Date: Mon, 15 Dec 2008 11:52:01 +0100
From: Peter Dambier pe...@peter-dambier.de
To: bind-users@lists.isc.org
Subject: Re: Where is the open recursion test?
X-FuHaFi: 0.62
just try
dig -t any peter-dambier.de @your-server
If it tells you something about denic it is not recursive
recursive server.
Where is the test please for open recursion so I can check?
http://dns.measurement-factory.com/cgi-bin/openresolvercheck.pl
Thanks! But I tried that about 6 hours earlier today. It said address
64.139.55.108 had status untested. It also said that if I wanted my
address retested
201 - 300 of 304 matches
Mail list logo