Re: Format of 'dig -k' "TSIG key file"?

2009-07-30 Thread Mark Andrews
In message <20090730174054.h23...@gwyn.tux.org>, Joseph S D Yao writes: > I assume someone can answer this; but Google has not been able to be my > friend on this one. > > In dig(1), the '-k' option is said to require a "TSIG key file" as an > option. I have a TSIG file with a comment header and

Bind 9.4.3-P3 os.c prctl.h PR_SET_KEEPCAPS undeclared Compile Problem

2009-07-30 Thread blist
Hello, I'm having a problem with bind 9.4.3-P3 . The last version I built on this system was 9.4.2-P2 and that still builds ok. System info [root unix]# rpm -qf /usr/include/linux/prctl.h kernel-headers-2.2.16C37_III-1 glibc-2.1.3 gcc-2.95 The Error make[3]: Entering directory `/home/redhat

Re: The Year of the Sevenfold Increase

2009-07-30 Thread Joe Baptista
I don't think buddha cares much for bind. cheers joe baptista On Thu, Jul 30, 2009 at 2:26 PM, fakessh wrote: > nb : "Buddha" peace themselve > > On Thu, 30 Jul 2009 13:41:17 -0400, Joe Baptista > wrote: > > You guys get excited over small potatoes. There are hundreds of millions > of > > pote

the working directory is not writable

2009-07-30 Thread Chris
Mandriva 2009.1 Bind 9.6.0-P1. Mandriva downloaded a security update this morning for Bind. When restarting I noticed the above line in my syslog. Running [r...@localhost ~]# named-checkconf -z /etc/named.conf:17: open: /etc/bogon_acl.conf: file not found The permissions for the files in /var/lib

Format of 'dig -k' "TSIG key file"?

2009-07-30 Thread Joseph S D Yao
I assume someone can answer this; but Google has not been able to be my friend on this one. In dig(1), the '-k' option is said to require a "TSIG key file" as an option. I have a TSIG file with a comment header and the following: key mynet. { algorithm hmac-md5; secret "Ain/tGonnaTellNoWay=="; }

Re: Intermittent NXDOMAIN, Bind 9.2.3 config and PowerDNS problem?

2009-07-30 Thread bert hubert
On Mon, Jul 27, 2009 at 11:36 AM, Richard wrote: > (This problem involves bind, but it's not about bind strictly > speaking.  Is there a general DNS discussion list somewhere?  If so, > please direct me.) dns-operations might come reasonably close. Historically, this list used to be 'the' place, b

Re: Is my slave DNS working right?

2009-07-30 Thread Rob Z
Uh, OK. Thanks for that. So, how can I confirm that my formerly "caching only" DNS server is now fetching records from transferred zone files? TIA -- Rob On Wed, Jul 29, 2009 at 12:31 PM, Kevin Darcy wrote: > The +trace option *forces* dig to step through each level of the hierarchy. > > Therefo

Re: The Year of the Sevenfold Increase

2009-07-30 Thread fakessh
nb : "Buddha" peace themselve On Thu, 30 Jul 2009 13:41:17 -0400, Joe Baptista wrote: > You guys get excited over small potatoes. There are hundreds of millions of > potential DLV RRsets. This is not even a drop in the bucket. > > cheers > joe baptista > > p.s. this message does not imply i sup

Re: idsable ipv6 in config?

2009-07-30 Thread Gilles Massen
Mark Andrews wrote: -4 shuts down any v6 service. We would like BIND to be able to *reply* to v6 queries without *generating* them. (For the record, I have the same issue than Gilles.) > > ::/0 -> NULL > ULA::/48 -> default router > > Would allow ula local tra

Re: The Year of the Sevenfold Increase

2009-07-30 Thread Joe Baptista
You guys get excited over small potatoes. There are hundreds of millions of potential DLV RRsets. This is not even a drop in the bucket. cheers joe baptista p.s. this message does not imply i support dnssec deployment. dnscurve is the solution to our woes http://bit.ly/pJVq4 On Thu, Jul 30, 2009

Re: Correction to signatures on yesterday's BIND 9 releases

2009-07-30 Thread Steve Lancaster
[In a message on Thu, 30 Jul 2009 09:08:05 +0200, "Stephane Bortzmeyer" wrote:] > >How many people checked them? Probably not a lot since I did not saw >reports "BIND releases corrupted!". It tells a lot about Internet >security. And makes me seriously worry for the future when DNSSEC will >be

Re: Correction to signatures on yesterday's BIND 9 releases

2009-07-30 Thread Evan Hunt
> How many people checked them? Probably not a lot since I did not saw > reports "BIND releases corrupted!". It tells a lot about Internet > security. And makes me seriously worry for the future when DNSSEC will > be deployed... We received several private reports of the error. I checked them my

Re: about tcp port 53

2009-07-30 Thread Breno Silveira Soares
Tech W. wrote: --- On Tue, 28/7/09, Stephane Bortzmeyer wrote: what's the use of bind's tcp port 53? DNS requests and responses. oh, I was always thinking dns requests and responses are going with udp protocol. under what condition it uses tcp protocol? Try this: "dig

The Year of the Sevenfold Increase

2009-07-30 Thread Chris Thompson
[You'll find a mighty strange web page if you google for that subject, but I couldn't resist...] On 30 July 2008, dlv.isc.org had 113 DLV RRsets On 30 July 2009, dlv.isc.org had 791 DLV RRsets (and I didn't cheat! it came out exactly 7x) So, will we see another 7x increase by 30 July 2010, or w

socket.c:4524: unexpected error in BIND 9.4.3 P3

2009-07-30 Thread Le Vu
Hi, I have updated BIND from 9.4.2-P2 to 9.4.3-P3 to mitigate the Dynamic Update DOS attack. I have noted a lot of errors from socket.c (which I have never seen before with v9.4.2) Jul 30 06:25:18 DNS1 named[2]: socket.c:4524: unexpected error: Jul 30 06:25:18 DNS1 named[2]: 22/Invalid arg

Re: dnstop

2009-07-30 Thread Breno Silveira Soares
Alans wrote: Hi, I'm new to dnstop, what really matters, is it *new queries* or *total*? The *total* is the counter of queries since you start dnstop. The *new queries* is the counter after you refresh with other option. -- Regards, Breno S. Soares Network Analyst SERPRO/SUPRE/REBHE

Re: idsable ipv6 in config?

2009-07-30 Thread Mark Andrews
In message <20090730144610.gb22...@fantomas.sk>, Matus UHLAR - fantomas writes: > > In message <20090730141131.ga30...@nic.fr>, Stephane Bortzmeyer writes: > > > On Thu, Jul 30, 2009 at 03:57:16PM +0200, > > > JINMEI Tatuya / wrote > > > a message of 25 lines which said: > > > > > > > I

Re: idsable ipv6 in config?

2009-07-30 Thread Matus UHLAR - fantomas
> On Jul 30 2009, Stephane Bortzmeyer wrote: >> -4 shuts down any v6 service. We would like BIND to be able to *reply* >> to v6 queries without *generating* them. (For the record, I have the >> same issue than Gilles.) On 30.07.09 15:46, Chris Thompson wrote: > Would > > server ::/0 { bogus yes;

RE: Disable automatic empty IPv6 zones (with -4 already specified)

2009-07-30 Thread Matthew Huff
No, I guess not :) Thanks. I looked for something like that, but my google-fu was lacking. Matthew Huff   | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: matthewbhuff  | Fax:   914-460-4139 > -Original Message- > Fr

Re: idsable ipv6 in config?

2009-07-30 Thread Chris Thompson
On Jul 30 2009, Stephane Bortzmeyer wrote: On Thu, Jul 30, 2009 at 03:57:16PM +0200, JINMEI Tatuya / wrote a message of 25 lines which said: I personally don't see a need for it (what's wrong with -4/-6?) -4 shuts down any v6 service. We would like BIND to be able to *reply* to v6 qu

Re: idsable ipv6 in config?

2009-07-30 Thread Matus UHLAR - fantomas
> In message <20090730141131.ga30...@nic.fr>, Stephane Bortzmeyer writes: > > On Thu, Jul 30, 2009 at 03:57:16PM +0200, > > JINMEI Tatuya / wrote > > a message of 25 lines which said: > > > > > I personally don't see a need for it (what's wrong with -4/-6?) > > > > -4 shuts down any v6 s

Re: Disable automatic empty IPv6 zones (with -4 already specified)

2009-07-30 Thread Matus UHLAR - fantomas
On 30.07.09 10:35, Matthew Huff wrote: > Is there any way to disable BIND from loading the automatic empty zones > (D.F.IP6.ARPA, etc...). They are being generated even with the -4 command > line. have you looked at the disable-empty-zone configuration directive? -- Matus UHLAR - fantomas, uh...

Disable automatic empty IPv6 zones (with -4 already specified)

2009-07-30 Thread Matthew Huff
Is there any way to disable BIND from loading the automatic empty zones (D.F.IP6.ARPA, etc...). They are being generated even with the -4 command line. Matthew Huff   | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: matthewbhu

Re: idsable ipv6 in config?

2009-07-30 Thread Mark Andrews
In message <20090730141131.ga30...@nic.fr>, Stephane Bortzmeyer writes: > On Thu, Jul 30, 2009 at 03:57:16PM +0200, > JINMEI Tatuya / wrote > a message of 25 lines which said: > > > I personally don't see a need for it (what's wrong with -4/-6?) > > -4 shuts down any v6 service. We woul

Re: idsable ipv6 in config?

2009-07-30 Thread Gilles Massen
JINMEI Tatuya / 神明達哉 wrote: Is there a way to prevent Bind (9.6) from using ipv6 transport for making queries, by an entry in the config file rather than by 'named -4'? >>> No. >> Ok, thanks. >> >> In that case I would humbly suggest to enhance the syntax of >> query-source[-6v] and tran

Re: idsable ipv6 in config?

2009-07-30 Thread Stephane Bortzmeyer
On Thu, Jul 30, 2009 at 03:57:16PM +0200, JINMEI Tatuya / wrote a message of 25 lines which said: > I personally don't see a need for it (what's wrong with -4/-6?) -4 shuts down any v6 service. We would like BIND to be able to *reply* to v6 queries without *generating* them. (For the rec

Re: idsable ipv6 in config?

2009-07-30 Thread JINMEI Tatuya / 神明達哉
At Thu, 30 Jul 2009 12:10:14 +0200, Gilles Massen wrote: > >> Is there a way to prevent Bind (9.6) from using ipv6 transport for > >> making queries, by an entry in the config file rather than by 'named -4'? > > > > No. > > Ok, thanks. > > In that case I would humbly suggest to enhance the syn

Re: dnstop

2009-07-30 Thread Stephane Bortzmeyer
On Thu, Jul 30, 2009 at 10:15:42AM +0300, Alans wrote a message of 141 lines which said: > And in the table the first record in both Source and Destination is > the local ip of the DNS server itself, is it fine? Yes, if you use both -Q and -R. If you use -Q (the default), your name server wi

Re: Dig shows wrong ip

2009-07-30 Thread Chris Thompson
On Jul 30 2009, Danny Mayer wrote: Chris Thompson wrote: On Jul 28 2009, sth...@nethelp.no wrote: % dig +short a dns3.potomacnetworks.com @a.gtld-servers.net 216.250.243.230 As long as that host record exists, with an IP different from what your authoritative servers reply with, you are goin

Re: idsable ipv6 in config?

2009-07-30 Thread Gilles Massen
JINMEI Tatuya / 神明達哉 wrote: >> Is there a way to prevent Bind (9.6) from using ipv6 transport for >> making queries, by an entry in the config file rather than by 'named -4'? > > No. Ok, thanks. In that case I would humbly suggest to enhance the syntax of query-source[-6v] and transfer-source[-

Re: idsable ipv6 in config?

2009-07-30 Thread JINMEI Tatuya / 神明達哉
At Thu, 30 Jul 2009 09:02:51 +0200, Gilles Massen wrote: > Is there a way to prevent Bind (9.6) from using ipv6 transport for > making queries, by an entry in the config file rather than by 'named -4'? No. --- JINMEI, Tatuya Internet Systems Consortium, Inc.

Re: Creating a CNAME to another domain.

2009-07-30 Thread Chris Thompson
On Jul 29 2009, Kevin Darcy wrote: Danny Mayer wrote: [...] Not true. For a Domain alias use a DNAME: mydomain.com. IN DNAME otherdomain.com. Bearing in mind that the OP asked specifically about creation of CNAMEs, which part is "not true"? Especially as a DNAME does not redire

Re: Correction to signatures on yesterday's BIND 9 releases

2009-07-30 Thread Mark Andrews
In message <20090730070805.ga1...@nic.fr>, Stephane Bortzmeyer writes: > On Wed, Jul 29, 2009 at 04:25:18PM +, > Evan Hunt wrote > a message of 16 lines which said: > > > Due to a combination of circumstances, including extreme rush and > > the usual signer of our releases being away at I

Re: disable ipv6 in config?

2009-07-30 Thread Gilles Massen
>> Is there a way to prevent Bind (9.6) from using ipv6 transport for >> making queries, by an entry in the config file rather than by >> 'named -4'? >> > Well, i think that is OS-specific issue than bind issue. At once, > that was discussed in here, i remember. Ask to Mark. I don't think it's

Re: [SPAM] Win2k and bind

2009-07-30 Thread Matus UHLAR - fantomas
On 29.07.09 22:37, Abello, Vinny wrote: > Considering 2003, 2003 R2, 2008, and 2008 R2 (technically done, but will > officially release in October) have been released, I don't think dropping > support for an ancient operating system from 9.5 years ago and roughly 3 > prior generations that the vend

Re: idsable ipv6 in config?

2009-07-30 Thread Byung-Hee HWANG
Gilles Massen writes: > Hello, > > Is there a way to prevent Bind (9.6) from using ipv6 transport for > making queries, by an entry in the config file rather than by 'named -4'? > > I wasn't able to find anything in the ARM, but maybe I missed something... Well, i think that is OS-specific issue

Bind9.6.0 Statistics Output

2009-07-30 Thread Dangl, Thomas
I collect statistics data via the http interface and parse the XML file. There are some differences of the layout of the XML result between Bind9.5 and Bind9.6. Is there an option or configuration parameter that allows to control the XML format? The resstat counters are no longer in the "serv

dnstop

2009-07-30 Thread Alans
Hi, I'm new to dnstop, what really matters, is it new queries or total? And in the table the first record in both Source and Destination is the local ip of the DNS server itself, is it fine? Also, are there any monitoring tools besides dnstop? Regards, Alans

Re: Correction to signatures on yesterday's BIND 9 releases

2009-07-30 Thread Stephane Bortzmeyer
On Wed, Jul 29, 2009 at 04:25:18PM +, Evan Hunt wrote a message of 16 lines which said: > Due to a combination of circumstances, including extreme rush and > the usual signer of our releases being away at IETF, we accidentally > signed yesterday's BIND 9 patch releases (9.4.3-P3, 9.5.1-P3,

idsable ipv6 in config?

2009-07-30 Thread Gilles Massen
Hello, Is there a way to prevent Bind (9.6) from using ipv6 transport for making queries, by an entry in the config file rather than by 'named -4'? I wasn't able to find anything in the ARM, but maybe I missed something... Best, Gilles -- Fondation RESTENA - DNS-LU 6, rue Coudenhove-Kalergi L-

Re: Dig shows wrong ip

2009-07-30 Thread Stephane Bortzmeyer
On Tue, Jul 28, 2009 at 09:05:44PM +0100, Chris Thompson wrote a message of 24 lines which said: > This is the wretched "glue promoted to answer" bug (we can call it a > bug by now, surely?) which we are assured that the GTLD servers will > be cured of this year, next year, sometime, or ... N

Re: Intermittent NXDOMAIN, Bind 9.2.3 config and PowerDNS problem?

2009-07-30 Thread Stephane Bortzmeyer
On Tue, Jul 28, 2009 at 10:40:53AM -0400, Richard Michael wrote a message of 60 lines which said: > > Indeed, lastminute.com's name servers are severely broken. > > By this, do you mean the SOA record in the response is incorrect? Yes. > the SOA for their own domain Yes. The authority sec