In message 001501ca5785$257c7220$21011...@china.huawei.com, Ashwin writes:
Hi All,
RFC 2671 mentions in Section 5.3
Responders who do not understand these protocol extensions are
expected to send a response with RCODE NOTIMPL, FORMERR, or
SERVFAIL.
However the above mentioned error
In message 001501ca5785$257c7220$21011...@china.huawei.com, Ashwin writes:
Hi All,
RFC 2671 mentions in Section 5.3
Responders who do not understand these protocol extensions are
expected to send a response with RCODE NOTIMPL, FORMERR, or
SERVFAIL.
However the above mentioned error
It's not a perfect world. Even getting back a EDNS response does not
indicate that the server understands EDNS.
In message 002301ca579c$56deb0f0$21011...@china.huawei.com, Ashwin writes:
In message 001501ca5785$257c7220$21011...@china.huawei.com, Ashwin writes:
Hi All,
RFC 2671
Hi!
On some of our (linux based) DNS server's the BIND just hangs; the combination
was fairly old hardware and fairly new OS/BIND. Couldn't figure it out either
until I came up with https://www.isc.org/node/302.
At least you could try it, I found no harm on setting the
Hello,
There are few websites that our DNS (BIND 9.4.2 on CentOS 5) is not
resolving while others like 4.2.2.2 does, I wonder what could be the reasons
for this?
Regards,
Alans
___
bind-users mailing list
bind-users@lists.isc.org
Just simple question.
I'm setting up slave dns server, my question, is do I need to transfer Reverse
zone
too ? or just domain zone is enough?
thank you for any help
___
bind-users mailing list
bind-users@lists.isc.org
Justin Shore wrote:
The boxes are running fairly old Bind code, 9.5.1b2. Tomorrow I will
upgrade to 9.6.1rc1 (unless people believe 9.7.0b1 is ready for use).
I would recommend not using beta or release candidate code in your
deployment. If you want something that will stand up to customer
On Tue, Oct 20, 2009 at 08:29:20PM +,
Evan Hunt e...@isc.org wrote
a message of 836 lines which said:
BIND 9.7.0b1 is now available.
Apparently, support for the new algorithms RSASHA256 and RSASHA512 is
not included? Is it planned for 9.7 or shall I wait 9.8?
%
Nikkilä wrote:
Hi!
On some of our (linux based) DNS server's the BIND just hangs; the combination
was fairly old hardware and fairly new OS/BIND. Couldn't figure it out either
until I came up with https://www.isc.org/node/302.
At least you could try it, I found no harm on setting the
On Oct 28 2009, Evan Hunt wrote:
Apparently, support for the new algorithms RSASHA256 and RSASHA512 is
not included? Is it planned for 9.7 or shall I wait 9.8?
That will be in 9.7.0b2.
You aren't going to wait for the RFC? - it doesn't seem to be out yet.
Or maybe you are predicting that it
On Wed, Oct 28, 2009 at 03:17:54PM +,
Chris Thompson c...@cam.ac.uk wrote
a message of 13 lines which said:
You aren't going to wait for the RFC?
It is in AUTH48 (the last step before publication, theoretically
meaning that the people involved have 48 h to make remarks).
After all,
Hello BIND users,
I have setup a new Ubuntu 9.04 server with BIND9.
I have looked at a few tutorial and how tos like this one:
https://help.ubuntu.com/community/BIND9ServerHowto
but would like to get your tips and tricks to secure your BIND servers
before putting it into production.
On Wed, Oct 28, 2009 at 11:27 AM, NéoSynergix | Martin Dubreuil
martin.dubre...@neosynergix.com wrote:
but would like to get your tips and tricks to secure your BIND servers
before putting it into production.
A little vague here. You haven't defined what your intentions are. Is
this an
Yes sorry,
This DNS server is only to resolve our local hosted domain names -
authoritative only server
- WITH no recursion
-Original Message-
From: Rick Dicaire [mailto:kri...@gmail.com]
Sent: 28 octobre 2009 12:01
To: martin.dubre...@neosynergix.com
Cc: bind-users@lists.isc.org
Alans,
Why would you use Google to determine whether a web site is up or not?
It's not even clear to me that you're having a DNS problem. It's rather
bad practice to have lots of reverse-records in the DNS for a given
address (e.g. 96.31.75.113), and can even cause problems with oversized
アルベルト wrote:
Just simple question.
I'm setting up slave dns server, my question, is do I need to transfer Reverse
zone
too ? or just domain zone is enough?
Sort of impossible to answer, without more information.
Why did you set up a slave server in the first place? Redundancy?
On 28.10.09 11:27, NéoSynergix | Martin Dubreuil wrote:
I have setup a new Ubuntu 9.04 server with BIND9.
but would like to get your tips and tricks to secure your BIND servers
before putting it into production.
What do you mean secure?
Default installation should not allowanything that
Hello BIND users,
I have setup a new Ubuntu 9.04 server with BIND9.
I have looked at a few tutorial and how to's like this one:
https://help.ubuntu.com/community/BIND9ServerHowto
but would like to get your tips and tricks to secure
Yeah, look it over, but take the zone-transfer restrictions and
version-obfuscation stuff with a bit of a grain of salt. Those parts are
a little too PHSCSE (Pointy-Haired So-Called Security Expert)-ish for my
tastes, verging on Theater. At least they finally got rid of the bogon
stuff.
You aren't going to wait for the RFC? - it doesn't seem to be out yet.
Or maybe you are predicting that it will be out before 9.7.0b2 is...
It's out now (RFC 5702), so this is a moot point--but we were mainly
waiting for IANA to pick the final codepoints, not so much for the
RFC to be
In article mailman.799.1256720493.14796.bind-us...@lists.isc.org,
$B%%k%Y%k%H(B dziu...@kdl.co.jp wrote:
Just simple question.
I'm setting up slave dns server, my question, is do I need to transfer
Reverse zone
too ? or just domain zone is enough?
thank you for any help
You need to
On Oct 28 2009, Evan Hunt wrote:
You aren't going to wait for the RFC? - it doesn't seem to be out yet.
Or maybe you are predicting that it will be out before 9.7.0b2 is...
It's out now (RFC 5702), so this is a moot point--but we were mainly
waiting for IANA to pick the final codepoints, not
Will you be adding RSASHA256 support in the 9.5.x and 9.6.x series? It
might be a bit optimistic to expect everyone to move to 9.7.x by 2010-07-01,
if that's when the root zone is going to be *really* signed (with RSASHA256,
according to current reports).
Not 9.5.x, as it lacks NSEC3
HI,
I have already analysis where to add new RR,and how to make it works.
But i don't contact automake tool before, so reading so large configure
and makefiles make me feel so bad. I try to understand ,but it just myself
alone to do this , so anyone can give some guide how to debug the
In message e1b1ab9e0910281921j612d2982le3170b6dc3d60...@mail.gmail.com, aihua
zhang writes:
HI,
I have already analysis where to add new RR,and how to make it works.
But i don't contact automake tool before, so reading so large configure
and makefiles make me feel so bad. I try to
25 matches
Mail list logo