On 18 March 2015 at 07:23, Heamnath J hea...@gmail.com wrote:
Hi their i need an new ideas for securing the bind dns server for centos 6.6
Securing which part? the CentOS system or the BIND DNS name server
software/configuration?
Have you read... Secure Domain Name System (DNS) Deployment Guide
On 18.03.2015 11:56, Matus UHLAR - fantomas wrote:
On 18.03.15 11:48, Constantin Stefanov wrote:
But in fact the configuration with only one writable file referenced
several times is suported now. If I write:
view view1 {
zone aaa.exampe.org {
masters {IP;};
On 18.03.2015 13:22, Matus UHLAR - fantomas wrote:
On 18.03.15 12:05, Constantin Stefanov wrote:
I can't. It stopped working after upgrade to 9.10, but worked before
with 9.6. And the question is how to keep the config as simple as it was
before upgrade.
I mean, the in-view definitions...
On 18.03.15 11:48, Constantin Stefanov wrote:
But in fact the configuration with only one writable file referenced
several times is suported now. If I write:
view view1 {
zone aaa.exampe.org {
masters {IP;};
file slave/aaa.exmaple.org;
};
};
view
On 18.03.2015 13:02, Matus UHLAR - fantomas wrote:
On 18.03.15 11:48, Constantin Stefanov wrote:
then both views will refernce ther same writable file, won't they? Or am
I missing something about in-view directive?
On 18.03.2015 11:56, Matus UHLAR - fantomas wrote:
maybe you could put all
On 18.03.15 14:18, Heamnath J wrote:
How to change centos server as real time cloud server ?..
please be more specific.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
I see why it may lead to problems.
But in fact the configuration with only one writable file referenced
several times is suported now. If I write:
view view1 {
zone aaa.exampe.org {
masters {IP;};
file slave/aaa.exmaple.org;
};
};
view view2 {
How to change centos server as real time cloud server ?..
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
On 18.03.15 11:48, Constantin Stefanov wrote:
then both views will refernce ther same writable file, won't they? Or am
I missing something about in-view directive?
On 18.03.2015 11:56, Matus UHLAR - fantomas wrote:
maybe you could put all those zone definitions into one file and include it
On 18.03.2015 13:02, Matus UHLAR - fantomas wrote:
On 18.03.15 11:48, Constantin Stefanov wrote:
then both views will refernce ther same writable file, won't they? Or am
I missing something about in-view directive?
On 18.03.2015 11:56, Matus UHLAR - fantomas wrote:
maybe you could put all
On 18.03.2015 16:12, Lightner, Jeff wrote:
It isn't really that hard to maintain two separate zone files for
each domain. We've been doing it for years.
It isn't. But maintaining one file is easier. And having to maintain two
after five years everything worked fine with one is annoying.
It
It isn't really that hard to maintain two separate zone files for each domain.
We've been doing it for years.
It isn't really clear why you're using views if all your zone files are the
same as you seem to imply. Here we do views specifically because for some
domains the zone files DO need
If you can't arrange for the source address of the nsupdate to fall within the
match-clients of the view, you can always put a TSIG key in the match-clients
for the view, and then sign the update with that key.
-
On 18 March 2015 at 13:30, Konstantin Stefanov cs...@parallel.ru wrote:
It isn't. But maintaining one file is easier. And having to maintain two
after five years everything worked fine with one is annoying.
This highlights the need for a test environment, don't apply untested
updates to
On 18.03.2015 16:55, Steven Carr wrote:
On 18 March 2015 at 13:30, Konstantin Stefanov cs...@parallel.ru wrote:
It isn't. But maintaining one file is easier. And having to maintain two
after five years everything worked fine with one is annoying.
This highlights the need for a test
On 18.03.2015 17:41, /dev/rob0 wrote:
On Wed, Mar 18, 2015 at 11:48:40AM +0300, Constantin Stefanov wrote:
I see why it may lead to problems.
But in fact the configuration with only one writable file
referenced several times is suported now. If I write:
view view1 {
zone
On Wed, Mar 18, 2015 at 11:48:40AM +0300, Constantin Stefanov wrote:
I see why it may lead to problems.
But in fact the configuration with only one writable file
referenced several times is suported now. If I write:
view view1 {
zone aaa.exampe.org {
masters {IP;};
On 18.03.2015 17:18, Matus UHLAR - fantomas wrote:
rOn 18.03.15 17:10, Konstantin Stefanov wrote:
The issue is that named started to detect it since, if I'm not mistaken,
9.7. It happened because such config was leading to bugs, but instead of
fixing the bugs, the whole feature was prohibited.
Finally our secondary's server BIND is working
but not the ping/traceroute tools.
Unless one server is up, ping/traceroute does not work on the secondary DNS.
What do I need to find this issue?
--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
God,Queen and
rOn 18.03.15 17:10, Konstantin Stefanov wrote:
The issue is that named started to detect it since, if I'm not mistaken,
9.7. It happened because such config was leading to bugs, but instead of
fixing the bugs, the whole feature was prohibited.
those bugs _were_ fixed: the in-view statement and
In article mailman.1803.1426696022.26362.bind-us...@lists.isc.org,
Jukka Pakkanen jukka.pakka...@qnet.fi wrote:
Are you using IP addresses or domain names when testing? If it works with =
IP address, but not with names, the sec. DNS server is lacking proper DNS s=
ervices itself.
Both name and
On 18.03.2015 18:37, Reindl Harald wrote:
Am 18.03.2015 um 16:31 schrieb Konstantin Stefanov:
I wrote earlier and may repeat again. The feature for me is not using
the same file, the feature is having a clear and maitainable config. In
this case it means to have only one description for a
Are you using IP addresses or domain names when testing? If it works with IP
address, but not with names, the sec. DNS server is lacking proper DNS services
itself.
-Original Message-
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of The
Am 18.03.2015 um 16:31 schrieb Konstantin Stefanov:
I wrote earlier and may repeat again. The feature for me is not using
the same file, the feature is having a clear and maitainable config. In
this case it means to have only one description for a zone.
did you ever consider provisioning your
Hi their i need an new ideas for securing the bind dns server for centos 6.6
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
25 matches
Mail list logo