Forgive me if this has been asked before -
I'm trying to set up bind to have A records for a zone, but forward
requests for that zone to another known server if lookups fail.
For example, on my server, I would create a record for the zone
example.com:
server IN A 10.0.1.1
But I also
Mark Andrews writes:
>
> In message <49a755bf.9030...@chrysler.com>, Kevin Darcy writes:
> > Matus UHLAR - fantomas wrote:
> > >> Mark Andrews wrote:
> > >>
> > >>> When does it stop? What will be the next character you
> > >>> "just have to have"? At the moment you have 1
In message <49a755bf.9030...@chrysler.com>, Kevin Darcy writes:
> Matus UHLAR - fantomas wrote:
> >> Mark Andrews wrote:
> >>
> >>> When does it stop? What will be the next character you
> >>> "just have to have"? At the moment you have 1 inter label
> >>> seperator and 1 intra label
Matus UHLAR - fantomas wrote:
Mark Andrews wrote:
When does it stop? What will be the next character you
"just have to have"? At the moment you have 1 inter label
seperator and 1 intra label seperator. That should be
enough for anyone.
On 25.02.09
I find a more direct approach is to just use the tools.ietf.org site
when looking up RFCs. It is is less authoritative, but pretty trustworthy.
For example, browing to http://tools.ietf.org/html/rfc1034 will show at
the page top all the RFCs which update RFC 1034. If the RFC was
obsoleted by ano
Hello,
I need to change the primary DNS server which manage hundreds of domains.
I've setup the new machine so that it has the correct named
configuration for each domains (script generated).
I plan to change the IP behind the ns0.mydomain.com so that it
points to the new machine.
As I
I have been talked with getting named with DLZ support on Red Hat 5.2
Enterprise. I have never worked on Red Hat or with RPM, can someone
point me to the rpm I need? Any other basic pointers?
I was thinking to just build it out myself, but if there is a
confident stable rpm, I might as we
In message , "Mike
Bernhardt" writes:
> Another wrinkle: RFC 1035 states "The labels must follow the rules for
> ARPANET host names. They must start with a letter, end with a letter or
> digit, and have as interior characters only letters, digits, and hyphen.
> There are also some restrictions o
Try creating a zone file _xmpp_client._tcp.example.com and put the SRV record
in there. Treat the host as an entire domain.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
Hello,
I'm trying to configure BIND to add some records to a domain that I
don't control, so that anybody who uses my nameserver will have the
additional records. Specifically, I'm trying to add xmpp SRV records
so our jabber infrastructure that uses our nameserver can contact a
handful
For Solaris9 kernal tunables, this may help:
http://docs.sun.com/app/docs/doc/816-7137/6md5pauj7?l=en&a=view
But note that in my experience BIND 9.4.x will not use these OS limits, but
what how many FDs have compiled BIND with.
For our purposes, 9.5.1b2 worked great on Solaris9
We are now runnin
Matthew Pounsett wrote:
>
> On 25-Feb-2009, at 16:46, Mike Bernhardt wrote:
>
>> So what is the accepted view on this currently? Is there another RFC that
>> has made it OK now?
>
> I'm not going to say this definitively, because I'm not certain, but I
> think 952 may have been updated by a late
Sorry. Yes I meant /etc/system file.
--- On Thu, 2/26/09, Linux Addict wrote:
> From: Linux Addict
> Subject: Re: DNS server can resolve some domains - BIND 9.4.2-P1
> To: prana9...@yahoo.com
> Cc: comp-protocols-dns-b...@isc.org, sergiot...@gmail.com
> Date: Thursday, February 26, 2009, 12:18
On Thu, Feb 26, 2009 at 1:11 PM, Prabhat Rana wrote:
>
> Also you may want to increase the File descriptor limits in /etc/service
> file
> * Set File descriptor (FD) limits
> set rlim_fd_max=
>
Its /etc/system
>
>
> --- On Thu, 2/26/09, JINMEI Tatuya / 神明達哉 wrote:
>
> > From: JINMEI Tatuya /
Also you may want to increase the File descriptor limits in /etc/service file
* Set File descriptor (FD) limits
set rlim_fd_max=
--- On Thu, 2/26/09, JINMEI Tatuya / 神明達哉 wrote:
> From: JINMEI Tatuya / 神明達哉
> Subject: Re: DNS server can resolve some domains - BIND 9.4.2-P1
> To: comp-protoco
So, before I'm allowed to even think about 9.4.3-P1, because of the
outage we experienced 9.4.2-P2, I need to run through a full test
suite/load testing in my lab. I am trying to find a succinct list of
the differences between 9.4.2-P2 and 9.4.3-P1 so I know where I should
be focusing my testing.
Another wrinkle: RFC 1035 states "The labels must follow the rules for
ARPANET host names. They must start with a letter, end with a letter or
digit, and have as interior characters only letters, digits, and hyphen.
There are also some restrictions on the length. Labels must be 63
characters or l
Ha ha, I forgot about the root servers. Thanks to a couple of you for the
clarification.
-Original Message-
From: Evan Hunt [mailto:evan_h...@isc.org]
Sent: Wednesday, February 25, 2009 2:15 PM
To: Mike Bernhardt
Cc: bind-users@lists.isc.org
Subject: Re: single-character host names
> Cer
The point in the ACL is it allows you to grow the list of servers
without cluttering up the Options section.
-Original Message-
From: Prabhat Rana [mailto:prana9...@yahoo.com]
Sent: Thursday, February 26, 2009 12:43 PM
To: Eric C. Davis; Jeff Lightner
Cc: bind-users@lists.isc.org
Subject:
At Wed, 25 Feb 2009 12:27:29 -0800 (PST),
sergiot...@gmail.com wrote:
>
> I have a server installed, with Solaris 9 and BIND 9.4.2-P1, 1 week
> ago, i began to receive some messages in the message logs:
>
> 25-Feb-2009 15:30:35.826 general: error: socket: too many open file
> descriptors
> 25-Feb
At Thu, 26 Feb 2009 07:58:29 -0600,
Timothy Holtzen wrote:
> No it is a single processor on both production and test systems.
> Production is an Opteron and the test system is an Athlon64 but both are
> single core processors. Just to be sure I did a configured with a
> --disable-threads on the
Thanks Eric. Using blackhole option sounds like feasible option to block a IP
address. Instead of using the acl can I just use the option blackhole
blackhole { xx.xx.xx.xx; };
The idea is to user file::tail perl module in a script to tail the stat file
continuously and if the condition occurs
How about writing a firewall rule on the fly to block connections from that IP?
>>> Prabhat Rana 2/26/2009 9:18 AM >>>
Hello,
I have BIND 9.5running on a Solaris10 box. It provides recursive DNS service.
I'm trying to implement a script where it reads the BIND stats file for all the
incoming
That being said you CAN do what you asked:
Create an ACL in named.conf:
# Blackhats ACL - zones to be used in blackhole statement - will prevent
# them from being allowed to query and will not respond to them.
acl "blackhats" {
xx.xx.xx.xx;
};
(Where you put the specific IP in place of
It is better do this with a real IPS rather than use your DNS server to
do this. You should avoid having any unwanted traffic hit you DNS
servers ever.
Eric
Prabhat Rana wrote:
Hello,
I have BIND 9.5running on a Solaris10 box. It provides recursive DNS service.
I'm trying to implement a scri
Hello,
I have BIND 9.5running on a Solaris10 box. It provides recursive DNS service.
I'm trying to implement a script where it reads the BIND stats file for all the
incoming queries and if there are too many queries from a single user (source
IP) it will block queries from that particular IP. I
First of all Jeremy thank you for answering my question.
I have mistyped the digits.. its 9.3.5-P2 ..
After hours of testing, we found out that the rndc does the check of zone files
beeing changed through the modify statistics of a file (zone file).
Their was a to big time difference between th
Hi.
I have a server installed, with Solaris 9 and BIND 9.4.2-P1, 1 week
ago, i began to receive some messages in the message logs:
25-Feb-2009 15:30:35.826 general: error: socket: too many open file
descriptors
25-Feb-2009 15:30:35.827 general: error: socket: too many open file
descriptors
25-Feb
No it is a single processor on both production and test systems.
Production is an Opteron and the test system is an Athlon64 but both are
single core processors. Just to be sure I did a configured with a
--disable-threads on the test system and tried again. Testing still
triggers the exception w
* El Wed, Feb 25, 2009 at 02:39:51PM +0100, escribiste:
> Hello,
>
> I have an issue with 9.5.3 on which I see that bind does a reload of the
> named.conf but does not reload the include files which are in named.conf
>
> Situation:
> I do an add or change of name / ip in Plesk, plesk nicely rsy
> Mark Andrews wrote:
> > When does it stop? What will be the next character you
> > "just have to have"? At the moment you have 1 inter label
> > seperator and 1 intra label seperator. That should be
> > enough for anyone.
On 25.02.09 08:49, Peter Laws wrote:
> Like 640k of mem
On 25.02.09 00:31, shulkae wrote:
> My customer requested to add multiple IPs to a single name so that he
> can use the round-robin feature of BIND to load-balance the service.
>
> The entry we added looks something as below:
>
> # more db.myzone
> ..
> ..
> ws
What is this? some specialized
32 matches
Mail list logo