Regexp to match RR's

2009-04-07 Thread Jonathan Petersson
Hi all, I got some time over so I decided to hack a bit on a DNS management tool for my home-server. I'm curious as to whether someone knows of a list of regexps that can be used to match RR's. Thx /Jonathan

Re: Round robin load distribution among servers does not work properly

2009-04-07 Thread Mark Andrews
In message <96c8e9660904071112p557840a4kfd85120d7c275...@mail.gmail.com>, Mallappa Pallakke writes: > Hi Mark/Kevin, > > I did the changes you suggested and it worked fine. > > Thanks a lot for all your help. > > Regarding round-robin load sharing instead of random, I have > plann

Re: Windows servers trying to update my zone

2009-04-07 Thread Steve Shockley
On 4/7/2009 8:28 PM, joans4nz wrote: Apr 7 20:04:54 myserver named[67312]: client 172.16.0.146#2186: view interna: update 'mydomain.com/IN ' denied How fix this problem? Either don't use your Windows domain name externally, or ignore the messages. The update is deni

Re: Windows servers trying to update my zone

2009-04-07 Thread Jonathan Petersson
I'm not clear what you're trying to achieve here but if you don't want the servers to update the zones you're fine as it is. You may want to look at the hosts that are trying to make updates and make changes on those accordingly. If you do want them to be able to update just add allow-update { ip; }

Windows servers trying to update my zone

2009-04-07 Thread joans4nz
Hi, I am working as a little ISP in a building giving service to a few enterprises. All enterprises are using private ip addresses. Only my servers have public ip addresses. In all enterprises exist a dns server that are subdomains of my domain and my dns servers are showing the following logs mes

Re: ip forwarding DNS 9.6.0

2009-04-07 Thread Mark Andrews
In message , myron writes: > I started reading up on Kirk's suggestions of the allow-*** settings. > In the global options level > I put > options { > directory "/etc/dns"; > allow-query-cache { any; }; > allow-query { any; }; > auth-nxdomain yes; > };

Re: [OT] zonedit.com and changing DNS servers from current provider

2009-04-07 Thread Dustin Lovell
If your domain was registered by your hosting provider, then they own the domain. You need to gain control of the ns records for the domain. This is usually accomplished by requesting a registrar transfer for your domain into an account that you control. Unfortunately the administrative contact

Re: [OT] zonedit.com and changing DNS servers from current provider

2009-04-07 Thread Michelle Konzack
On 2009-04-06 16:38:17, Dustin Lovell wrote: > Michelle, > > Do you own the domain? Yes, of course, > If so, the authoritative ns change will need to happen at the > registrar level (Network Solutions, Tucows, etc.). The problem is, that it was registered by my Hosting Provider and not by my

Re: Necessity of DNSSEC Lookaside Validation(DLV)

2009-04-07 Thread Kevin Darcy
Chandan Laskar wrote: Hi, We have deployed DNS on RHEL 5 Update 1. Below are the features of our DNS. 1. Implemented OS Security Best Practice ( e.g. Enable MD5 and shadow passwords, Root Login Console Restricted, Configure SSH as an alternative of Telnet e.t.c.). 2. Configured Openssl Versi

Re: Using TCP for checking

2009-04-07 Thread Ben Croswell
My one caution on this would be you may run into false negatives with TCP if people have misconfigured firewalls. It's surprising the number of people out there that believe TCP is only for xfers. -- -Ben Croswell On Tue, Apr 7, 2009 at 3:17 PM, Mark Elkins wrote: > I'm involved in the CO.ZA

Re: Using TCP for checking

2009-04-07 Thread Kevin Darcy
RFC 1123 (Section 6.1.3.2) says "DNS servers MUST be able to service UDP queries and SHOULD be able to service TCP queries.". You, as a registry, may opt to enforce a "must service TCP queries" policy, but if you're checking minimal standards-conformance, UDP is mandatory, TCP is optional, you

Re: Strange DNS Resolution Issues

2009-04-07 Thread Pablo Arturi
You should try a 'dig microsoft.com +trace' and see where the problem resides. Pablo Lionel Arturi Maipú 464 - 1° B - 1006 Capital Federal Ciudad Autónoma de Buenos Aires +5411 5218 4829 part...@bairesweb.com - Original Message - From: Revital Gorsht To: bind-users@lists.isc.org

Strange DNS Resolution Issues

2009-04-07 Thread Revital Gorsht
Hi all, A few weeks ago, two of several internal DNS servers were suddenly unable to resolve some external sites (eg microsoft.com, yahoo.com), while all internal and other external sites (eg google.com) were resolving fine. Since we couldn't pinpoint the cause, the problem went on for about 5

Using TCP for checking

2009-04-07 Thread Mark Elkins
I'm involved in the CO.ZA Registry. In the process of registering a domain name in the co.za zone - we do a bunch of DNS checks using 'dig'. for each nameserver, a) check that the zone exists (fetch the SOA), b) fetch the NS RRSet count and compare entries. c) if Nameserver inside the dom

Re: Round robin load distribution among servers does not work properly

2009-04-07 Thread Mallappa Pallakke
Hi Mark/Kevin, I did the changes you suggested and it worked fine. Thanks a lot for all your help. Regarding round-robin load sharing instead of random, I have planned to have a dynamic update (nsupdate) triggered at realtime whenever a server goes down or comes up so that there wil

Re: Unreachable IP in allow transfer

2009-04-07 Thread JINMEI Tatuya / 神明達哉
At Tue, 07 Apr 2009 12:34:46 -0400, Barry Margolin wrote: > This look more like the result of "masters { 123.123.123.123;}". If a > slave can't connect to the master, it will time out when it tries to > perform a zone transfer. > > I'm not sure why this would cause slow response times, though

Re: rdataset.c:652: REQUIRE(dbp != ((void *)0) && *dbp == ((void *)0)) failed

2009-04-07 Thread Howard Wilkinson
JINMEI Tatuya / 神明達哉 wrote: At Tue, 07 Apr 2009 07:54:38 +0100, Howard Wilkinson wrote: We have had a failure of one of our BIND installations this morning. The failure happened at 01:51:45 BST on a machine that was effectively idle at the time. The previous messages logged by 'named' we

Re: Unreachable IP in allow transfer

2009-04-07 Thread Barry Margolin
In article , "Hayward, Bruce" wrote: > We were chasing why we were seeing slow responses when busier (running > 9.5.1-P1/Solaris 10). > > In our named.conf we had an allow-transfer for IP 123.123.123.123 for > zone fredderf.com (IP/names have been changed to protect the innocent): > >

Re: Trouble configuring forwarders for reverse zones.

2009-04-07 Thread Chris Buxton
On Apr 7, 2009, at 8:37 AM, Callum Millard wrote: //I've tried a variety of versions of this next line: //zone "16/0.0.5.10.in-addr.arpa." //zone "5.10.in-addr.arpa." //zone "0.0.5.10.in-addr.arpa." //Etc., etc. zone "16/0.0.5.10.in-addr.arpa." IN { type forward; forwarders {10.5.

Re: BIND and Solaris rand()

2009-04-07 Thread Chris Thompson
On Apr 7 2009, Stacey Jonathan Marshall wrote: On 04/06/09 16:06, Chris Thompson wrote: It turns out that rand(3c) in even recent Solaris versions returns values in the range 0..32767 only. I suppose this is part of Sun's rather extreme paranoia about backwards compatibility with programs writt

Re: Necessity of DNSSEC Lookaside Validation(DLV)

2009-04-07 Thread Bill Larson
On Apr 7, 2009, at 9:43 AM, Chandan Laskar wrote: Hi, We have deployed DNS on RHEL 5 Update 1. Below are the features of our DNS. 1. Implemented OS Security Best Practice ( e.g. Enable MD5 and shadow passwords, Root Login Console Restricted, Configure SSH as an alternative of Telnet e.t.c.).

Re: rdataset.c:652: REQUIRE(dbp != ((void *)0) && *dbp == ((void *)0)) failed

2009-04-07 Thread JINMEI Tatuya / 神明達哉
At Tue, 07 Apr 2009 07:54:38 +0100, Howard Wilkinson wrote: > We have had a failure of one of our BIND installations this morning. The > failure happened at 01:51:45 BST on a machine that was effectively idle > at the time. > > The previous messages logged by 'named' were 30 seconds before the

Re: nameserver not responding (servfail)

2009-04-07 Thread JINMEI Tatuya / 神明達哉
At Tue, 7 Apr 2009 13:47:06 +0800, David Cake wrote: > It loads all domains fine on startup, and sends and receives > notifies, but any attempts to lookup domains from the server itself > seem to fail, returning servfail. Could you be more specific about "any attempts...fail"? Desirably

Trouble configuring forwarders for reverse zones.

2009-04-07 Thread Callum Millard
First off, apologies for any misuse of terms: it does keep tying me in knots this here DNS business. We're a small-ish educational charity and have the following setup. There are two subnets, 10.5.0.0/16 & 10.6.0.0/16 each with a Windows 2003 server running an MS nameserver. They handle all reque

Necessity of DNSSEC Lookaside Validation(DLV)

2009-04-07 Thread Chandan Laskar
Hi, We have deployed DNS on RHEL 5 Update 1. Below are the features of our DNS. 1. Implemented OS Security Best Practice ( e.g. Enable MD5 and shadow passwords, Root Login Console Restricted, Configure SSH as an alternative of Telnet e.t.c.). 2. Configured Openssl Version 0.9.8j. 3. Configured BIN

Unreachable IP in allow transfer

2009-04-07 Thread Hayward, Bruce
Hi We were chasing why we were seeing slow responses when busier (running 9.5.1-P1/Solaris 10). In our named.conf we had an allow-transfer for IP 123.123.123.123 for zone fredderf.com (IP/names have been changed to protect the innocent): If the IP was not reachable we see a timeout whe

Re: ip forwarding DNS 9.6.0

2009-04-07 Thread myron
I started reading up on Kirk's suggestions of the allow-*** settings. In the global options level I put options { directory "/etc/dns"; allow-query-cache { any; }; allow-query { any; }; auth-nxdomain yes; }; and that definitely worked. By no means do I un

Re: BIND and Solaris rand()

2009-04-07 Thread Stacey Jonathan Marshall
On 04/06/09 16:06, Chris Thompson wrote: It turns out that rand(3c) in even recent Solaris versions returns values in the range 0..32767 only. I suppose this is part of Sun's rather extreme paranoia about backwards compatibility with programs written before the flood. rand(3C) - simple random-num

Notify not working with latest Bind

2009-04-07 Thread Vinay Y S
I'm running the latest version of Bind on Fedora 10 32-bit systems in master-slave setup with notify on. Apparently when nsupdates happen, the notify doesn't get sent and transfers don't happen. The slave syncs with master only at regular refresh intervals. This seems like a regression from the

Re: bind 9.4 acache crashes

2009-04-07 Thread Sotiris Tsimbonis
On 6/4/2009 9:23 PM, JINMEI Tatuya / 神明達哉 wrote: At Fri, 03 Apr 2009 18:38:01 +0300, Sotiris Tsimbonis wrote: Anyone else seen crashes like these? FWIW, I've never seen any of these. Solaris 10, Bind 9.4.3b2 Logfile: 10-Mar-2009 09:14:19.460 general: socket.c:2739: fatal error: