In article mailman.1172.1271358692.21153.bind-us...@lists.isc.org,
Gregory Hicks ghi...@hicks-net.net wrote:
Date: Thu, 15 Apr 2010 14:25:35 -0400
Subject: Re: logging forwarding reqs
From: Jonathan Reed jreed...@gmail.com
To: bind-users@lists.isc.org
But I am still unable to
Greg,
Usually we use forwarders so we don't always have to bother root
servers.
Because our ISP's deals with great amount of requests from all the
clients, probably most of your new requests are already in their cache
and it's much faster than query a root server, because it's on the same
Did I misread your original problem? I thought you said it worked if
you had only one of the nameservers in resolv.conf. You didn't state
but I assume (that word again) that you meant if either of your
nameservers was there by itself it worked?
Why would a recursion issue not come into play
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Do I need to allow UDP/500 packets (ISAKMP) to my bind DNS servers for DNSSEC?
I've been seeing a lot of UDP/500 attempts from the general internet
to my public DNS servers, and can't figure out why. The Wikipedia page
for DNSSEC doesn't mention anything about ISAKMP or VPN tunnels.
--
deny ip
On 4/16/2010 9:49 AM, Deny IP Any Any wrote:
Do I need to allow UDP/500 packets (ISAKMP) to my bind DNS servers for DNSSEC?
I've been seeing a lot of UDP/500 attempts from the general internet
to my public DNS servers, and can't figure out why. The Wikipedia page
for DNSSEC doesn't mention
On Fri, 16 Apr 2010, Deny IP Any Any wrote:
Do I need to allow UDP/500 packets (ISAKMP) to my bind DNS servers for DNSSEC?
I've been seeing a lot of UDP/500 attempts from the general internet
to my public DNS servers, and can't figure out why. The Wikipedia page
for DNSSEC doesn't mention
I did some timings with BIND 9.6.1-P3 and 9.7.0-P1 on two servers:
SunOS 5.9 sun4u sparc SUNW,Sun-Blade-1500 (old hardware)
Ubuntu hardy x86_64 GNU/Linux (more modern hardware)
I had noticed long times for rndc reload to complete, and I wanted to
see if 9.6.1-P3 was
DNSSEC and ISAKMP are not related.
Well, that's no longer entirely true... AIUI Microsoft seem to have
decided that in their DNSSEC implementation they will use IPsec (and
hence IKE with GSS-API) to secure communications from the client to
the validating resolver (rather than using GSS-TSIG,
In message ff38bba1bf42ab46a7f46524614fab62024c1...@exvs02.dsw.net, Lightner
, Jeff writes:
Did I misread your original problem? I thought you said it worked if
you had only one of the nameservers in resolv.conf. You didn't state
but I assume (that word again) that you meant if either of
On 4/16/2010 4:03 PM, Roy Badami wrote:
DNSSEC and ISAKMP are not related.
Well, that's no longer entirely true... AIUI Microsoft seem to have
decided that in their DNSSEC implementation they will use IPsec (and
hence IKE with GSS-API) to secure communications from the client to
the
In article mailman.1185.1271408848.21153.bind-us...@lists.isc.org,
Nuno Paquete nunopaqu...@lusocargo.pt wrote:
Greg,
Usually we use forwarders so we don't always have to bother root
servers.
You only bother the root servers when the TLD's NS records aren't in
cache. Since these NS
12 matches
Mail list logo