Can u tell me how to do this ?
If you enable query log, you might be able to see if it's actually
serving queries at that time.
I mean "it hang" is named process is still running but it cannot respond any
lookup query. CPU is almost at low rate 5-6 % or lower. It's both hang with
single thread
I assume this has to do with the transfer-format option set to
'many-answers' (this is the default of bind), so what decides how many
records goes into one DNS packet? Since it is a tcp-stream I assumed
there would be only one TSIG signature in the end, I guess I assumed
wrong.
So, if there a sin
> Successive queries give different orderings of nameservers. I though
> it was decreasing RTT order, but wanted to confirm.
It's configurable (see the documentation of the "rrset-order" statement
for details), but in this particular case it appears to be round-robin.
Successive queries give me
Hi all,
Does anyone know what algorithm BIND uses to order the NS records in a
DNS reply? e.g.
dig @66.6.49.217 NS yahoo.com
yahoo.com. 160275 IN NS ns6.yahoo.com.
yahoo.com. 160275 IN NS ns8.yahoo.com.
yahoo.com. 160275 IN NS
In article ,
John Horne wrote:
> Hello,
>
> We are running BIND 9.7.0, and use a split view such that there is a
> difference depending on whether you are within our site campus or not.
> For all the other zones we support we simply 'include' the zone file
> into both views. Generally this seem
Yep, zone for hint is right. No interesting messages "service named
checkconfig" (which RH has helpfully set up to run named-checkconf and
named-checkzone) shows that all is well.
:-(
On 07/08/10 15:55, Warren Kumari wrote:
On Jul 8, 2010, at 3:42 PM, Peter Laws wrote:
BIND 9.3.6-P1-RedHa
On Jul 8, 2010, at 3:42 PM, Peter Laws wrote:
BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2
From the host itself, a slave for all my zones, I can resolve all my
zones. I cannot, however, resolve anything else.
For example, if I dig google.com I get a timeout.
Further, if I do a blank dig, I do
BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2
From the host itself, a slave for all my zones, I can resolve all my
zones. I cannot, however, resolve anything else.
For example, if I dig google.com I get a timeout.
Further, if I do a blank dig, I don't get the root servers even though the
hints zo
BIND 9.7.1-P1 is now available.
BIND 9.7.1-P1 is a maintenance release for BIND 9.7.
BIND 9.7.1-P1 addresses two backwards compatibility issues introduced in
BIND 9.7.0:
1) BIND 9.7.x expected negative responses to be in a certain format,
one that matches what BI
On Jul 8 2010, John Horne wrote:
On Thu, 2010-07-08 at 07:34 -0400, Alan Clegg wrote:
[...]
You need to specify different "file" locations for each of the slaved
zones (even if the data is the same) in each view.
Does that apply for master zones which are common (i.e. the same data)
to both
Not necessarily. A zone transfer is composed of a sequence of
DNS response messages, each of which may have a TSIG signature
record (from what I've seen BIND adds a signature to every
response message). If each of those response messages is
generated, delivered, and verified within the fudge windo
>> You need to specify different "file" locations for each of the slaved
>> zones (even if the data is the same) in each view.
>>
>Does that apply for master zones which are common (i.e. the same data)
>to both views as well?
In my experience, you can use a shared file for mastering. We have ado
On Thu, 2010-07-08 at 07:34 -0400, Alan Clegg wrote:
> On 7/8/2010 7:26 AM, John Horne wrote:
>
> > However, when checking the SOA serial number of our reverse zone we are
> > seeing different values depending on whether we are inside or outside of
> > the campus. This zone is maintained internall
2010/7/8 John Horne
> [..]
> Both views use the same zone file (which currently contains 3330257 as
> the serial number), and the zone is configured to use a single master.
> If I use rndc to reload the zone in both views, then nothing changes. If
> I stop and restart the whole named service, the
khanh rua wrote:
> Hi,
>
> I install bind as a cache server on Solaris 10, Sun Sparc T5140. It has
> problem,
> bind always hang out when named reach to 5-600 Mb ('prstat' check). I have
> several servers and all have this problem even when i install bind in zone or
> try with a 64bit version
Hello to all.
I have recently set up a slave DNS server
(bind-9.3.6) on a CentOS 5.x Linux box. The
master is our Windows server and, really, it
directly serves our AD infrastructure, and
forwards external queries to our ISP''s DNS
servers.
I got the basic set-up correct, I believe.
Howev
On 7/8/2010 7:58 AM, John Horne wrote:
>> You need to specify different "file" locations for each of the slaved
>> zones (even if the data is the same) in each view.
>>
> Okay, but why? As said this generally works, it just seems a bit out of
> step between the views.
Because BIND won't do what y
On Thu, 2010-07-08 at 13:37 +0200, Matus UHLAR - fantomas wrote:
>
> I think you can for example configure one view as slave of the other view,
> with
> sending notifies from master to slave and using no zone file for the slave
> part.
>
Interesting idea. I will look into that.
Thanks,
John.
On Thu, 2010-07-08 at 07:34 -0400, Alan Clegg wrote:
> On 7/8/2010 7:26 AM, John Horne wrote:
>
> > However, when checking the SOA serial number of our reverse zone we are
> > seeing different values depending on whether we are inside or outside of
> > the campus. This zone is maintained internall
On 08.07.10 12:26, John Horne wrote:
> We are running BIND 9.7.0, and use a split view such that there is a
> difference depending on whether you are within our site campus or not.
> For all the other zones we support we simply 'include' the zone file
> into both views. Generally this seems to work
On 7/8/2010 7:26 AM, John Horne wrote:
> However, when checking the SOA serial number of our reverse zone we are
> seeing different values depending on whether we are inside or outside of
> the campus. This zone is maintained internally by MS Windows servers,
> and so our main servers (141.163.1.2
Hello,
We are running BIND 9.7.0, and use a split view such that there is a
difference depending on whether you are within our site campus or not.
For all the other zones we support we simply 'include' the zone file
into both views. Generally this seems to work fine.
However, when checking the SO
> > On 07.07.10 20:43, Kebba Foon wrote:
> > > I have been experience DNS resolutions problems these past few days, if
> > > i run nslookup i get this error:
> > > ;; connection timed out; no servers could be reached
> >
> >
> > > with dig +trace i get:
> > >
>
> > > ; <<>> DiG 9.6-ESV-R1 <<>>
On Thu, Jul 8, 2010 at 4:30 PM, khanh rua wrote:
> Hi,
>
> I install bind as a cache server on Solaris 10, Sun Sparc T5140. It has
> problem, bind always hang out when named reach to 5-600 Mb ('prstat' check).
How did you determine that it "hang"?
If you enable query log, you might be able to see
Hi,
I install bind as a cache server on Solaris 10, Sun Sparc T5140. It has
problem,
bind always hang out when named reach to 5-600 Mb ('prstat' check). I have
several servers and all have this problem even when i install bind in zone or
try with a 64bit version. T5140's a powerful server bu
On Thu, 2010-07-08 at 10:37 +0200, Matus UHLAR - fantomas wrote:
> Hello,
>
> please, if you are writing a new post, send it as new mail and not
> as reply/followup on old mail. It makes people with threading clients
> angry and they can also in such case miss your e-mail.
> Thank you.
>
> On 07.
Hello,
This was my first guess as well, but since the TSIG fudge is set to 300
seconds then all zonetransfers which take more the 5 minutes would fail
if this was true.
/Nico
On tor, 2010-07-08 at 10:28 +0200, Gilles Massen wrote:
> Hi Nico,
>
> Could it be that the signature of the AXFR mess
Hello,
please, if you are writing a new post, send it as new mail and not
as reply/followup on old mail. It makes people with threading clients
angry and they can also in such case miss your e-mail.
Thank you.
On 07.07.10 20:43, Kebba Foon wrote:
> Subject: Bind DNS server not resloving
> From: K
Hi Nico,
Could it be that the signature of the AXFR message is created at request
time on the master (actually when the answer is build), but the
validation on the client side is obviously only made at the end of the
transfer?
The RFC2845 suggests that this is possible, but I'm not fluent enough
> You need "auto-dnssec maintain" in the zone statement
Right, or "auto-dnssec allow".
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On 07/07/2010 08:24 PM, L. Gabriel Somlo wrote:
view "global" {
zone "example.org" {
type master;
file "example.org.signed";
allow-update {
key foo;
};
};
The problem is that, when I attempt
31 matches
Mail list logo