new version of bind
Hi, I am sysadmin of one of the leading ISPs of Saudi Arabia, I am going to upgrade the bind which is from BIND 9.3.4-P1 to the latest one, so please can any one confirm that the latest BIND 9.6.0-P1 can be helpful in ISP's environment. As I have experienced some issues earlier when I installed the BIND 9.5.1-P2 version, such as problem in opening the websites and slow browsing issues etc... Ejaz ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: new version of bind
Those issues you describe are likely not related to the version, rather the configuration. Should you suffer those symptoms again, post their description and your config here and we¹ll try to help out as best we can :) When upgrading anything of value I would suggest trying it on a test system. Luckily with BIND, that should be fairly easy. Depending on how you feel, this might be an opportunity to clean up an old config. If not, then you can use your existing config and test how the upgrade will affect it without causing your company problems. confirm that the latest BIND 9.6.0-P1 can be helpful in ISP¹s environment Yes it can be helpful for an ISP. Check out the announcement with each major release for full details. But significantly, 9.6 will contain a lot more DNSSEC support/features than 9.3.4. Here is a very brief page with the highlights: https://www.isc.org/software/bind/new-features Also note that 9.3.4 is no longer a current release. On 8/6/09 1:00 PM, Mohammed Ejaz me...@cyberia.net.sa wrote: Hi, I am sysadmin of one of the leading ISPs of Saudi Arabia, I am going to upgrade the bind which is from BIND 9.3.4-P1 to the latest one, so please can any one confirm that the latest BIND 9.6.0-P1 can be helpful in ISP¹s environment. As I have experienced some issues earlier when I installed the BIND 9.5.1-P2 version, such as problem in opening the websites and slow browsing issues etc... Ejaz ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- Kal Feher ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Single Zone Forwarding Dilema
First you should check that you can receive a valid response for the intended zone from your forwarders (from your caching server) not from your pc. It wasn't clear from your initial email that this is what you did. yourcacheserver ~ # dig @forwarder_address A host.fwd.zone.net Although it may seem appropriate to mask the domain you are looking up. It does make solving your problem quite difficult. If the above test works yet other queries fail, I would suggest providing the full result of a: yourlocalpc ~ # dig @yourcacheserver A host.fwd.zone.net You may also wish to provide the query logs for this query. On 8/6/09 4:01 PM, Matus UHLAR - fantomas uh...@fantomas.sk wrote: On 06.06.09 01:10, Ben Croswell wrote: If you want to force forwarding you will probably want to add the forward only; directive. By default your server will try to follow NS delegations and then forward if it can't follow them I think it's the opposite - the server will try to query the configured forwarders first, then to continus in usual NS resolution. Forward only; tells it to not even bother trying to follow NS delegations. and thus I recomment not to use this for public zones - if the forwarders are unavailable or from some reason can't answer, the classic resolution will be used. I guess the configured forwarders have one of these problems -- Kal Feher ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Delegation of already loading zones?
Good day, Looking through configuration of one of my servers (ns01.local), I have example.com loading, and test.example.com loading. In example.com, someone has delegated test.example.com back to the server: test.example.comIN NS ns01.local Since I am loading test.example.com specifically, that delegation appears redundant. Are there cases where that delegation is required? Is there a standard that says I should do that for all zones I'm loading that are subzones of another zone I'm loading? Is this just an oddball configuration that should be cleaned up? Thanks, Todd. - This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
2GB Memory Limits on Solaris 10
Hello, I am running several Bind 9.6.0-P1 DNS resolvers on Solaris 10. The largest does around 2500 queries/second at peak times. They are configured with --enable-largefile support. About once a month I am having a problem with the largest resolvers breaking when the named process hits 2GB. I've logged a few different errors including file descriptor limits which I increased when that happened, to increasing the option for max-cache-size, to my current errors such as ns_client_replace() failed: out of memory. The servers have 8GB of physical memory. I am OK with telling bind to use an unlimited amount of resources or specifying a double in the current maximum up to 4GB. Would it be possible for someone to provide a full list of all of the named.conf options that I need to specify in named.conf and increase from the default settings? I've been fixing these errors one at a time for a while now and I really can't afford to keep troubleshooting this problem by waiting for new errors to happen. Thank you for your time, -Raymond ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: 2GB Memory Limits on Solaris 10
enable-largefile support turns on 64 bit filesystem, but not 64 bit memory. Normally under Solaris even a 32 bit process should be able to use the full 4GB address space (or at least 3.5-3.8GB). Try checking your ulimits in the script that starts the process. BTW, by default the named process even on a 64 bit system is compiled in 32 bit mode. The main reason is that any other libraries it might use (openssl, etc) will also need to have 64 bit versions. Matthew Huff | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http:// http://www.otaotr.com/ www.ox.com | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139 From: bind-users-boun...@lists.isc.org [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Raymond Popowich Sent: Monday, June 08, 2009 3:35 PM To: bind-users@lists.isc.org Subject: 2GB Memory Limits on Solaris 10 Hello, I am running several Bind 9.6.0-P1 DNS resolvers on Solaris 10. The largest does around 2500 queries/second at peak times. They are configured with --enable-largefile support. About once a month I am having a problem with the largest resolvers breaking when the named process hits 2GB. I've logged a few different errors including file descriptor limits which I increased when that happened, to increasing the option for max-cache-size, to my current errors such as ns_client_replace() failed: out of memory. The servers have 8GB of physical memory. I am OK with telling bind to use an unlimited amount of resources or specifying a double in the current maximum up to 4GB. Would it be possible for someone to provide a full list of all of the named.conf options that I need to specify in named.conf and increase from the default settings? I've been fixing these errors one at a time for a while now and I really can't afford to keep troubleshooting this problem by waiting for new errors to happen. Thank you for your time, -Raymond image001.jpg Matthew Huff.vcf Description: Binary data smime.p7s Description: S/MIME cryptographic signature ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users