At Fri, 21 Jan 2011 14:00:19 -0500 (EST),
Paul Wouters wrote:
> >* BIND now supports a new zone type, static-stub. This allows the
> > administrator of a recursive nameserver to force queries for a
> > particular zone to go to IP addresses of the administrator's choosing,
> > on a per zone ba
Sue Graves writes:
New Features
9.8.0
* BIND now supports a new zone type, static-stub. This allows the
administrator of a recursive nameserver to force queries for a
particular zone to go to IP addresses of the administrator's choosing,
on a per zone basis, both globally or per view. I.e. i
greetings,
i'm in the midst of an odd problem (to me, anyway) and would appreciate
any pointers.
three servers, all running bind-9.7.2-P3 compiled from source with the
same options. one master; two slaves. two views: internal and
external. one master and one slave are on the same subnet
In message , Barry Mar
golin writes:
> In article ,
> Dave Knight wrote:
>
> > I guess the tool just always assumes that there's probably a www worthy
> > asking about
>
> That's what I assumed at first, too. But the report for his domain also
> included NS records for the subdomain test.ns
On Fri, 21 Jan 2011, Sue Graves wrote:
* BIND now supports a new zone type, static-stub. This allows the
administrator of a recursive nameserver to force queries for a
particular zone to go to IP addresses of the administrator's choosing,
on a per zone basis, both globally or per view. I.e. i
Introduction
BIND 9.8.0b1 is the first beta release of BIND 9.8.
This document summarizes changes from BIND 9.7 to BIND 9.8. Please see
the CHANGES file in the source code release for a complete list of all
changes.
Download
The latest development versions of BIND 9 software can always be found
In article ,
Dave Knight wrote:
> I guess the tool just always assumes that there's probably a www worthy
> asking about
That's what I assumed at first, too. But the report for his domain also
included NS records for the subdomain test.nsbeta.info. Do you think it
also has test. in its def
It might not be your bug. It might be other sites.
As was said, bind can log info that would help
explain it.
Or if the number is rising continuously, you can capture a
bunch of dns queries with tcpdump or a similar program
and look over a sample of the rejected queries.
On Jan 18, 2011, at 9:
On 21/01/11 14:21, p...@mail.nsbeta.info wrote:
Dave Knight writes:
I guess the tool just always assumes that there's probably a www worthy asking
about
But how does the site know I have a sub domain test.nsbeta.info and its
name servers? I didn't think that I have got this sub domain be
It checks for test. - I saw it do that for my zone. For us it
isn't a subdomain but simply an A record. Apparently when it found
your record it went ahead and did another check for your sub-zone.
I'm surprised that it does not check for ftp.. Whenever we're
doing acquisitions here that is one
It seems to do a regular lookup, plus maybe an ANY
But I've also noticed that it seems to find test.domain.com. I often put a
'test.whatever.com. IN A 127.0.0.1' into zones and a couple I checked it found
them, even though it shouldn't have by "normal" means
it also found a 'blog' record I had
Dnia 2011-01-21 08:50 Barry Margolin napisał(a):
>In article ,
> Joseph S D Yao wrote:
>
>> On Fri, Jan 21, 2011 at 02:19:45PM +0800, p...@mail.nsbeta.info wrote:
>> >
>> > I'm jsut curious, how does "who.is" know the dns records in my domain
>> > (nsbeta.info)?
>> >
>> > The page shows some
On 21/01/11 2:05 PM, "Zbigniew Jasiński" wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> W dniu 2011-01-21 11:23, Kalman Feher pisze:
>> The only way I can replicate the behaviour is with dnssec-enable no or with
>> an unsigned version of the zone in another view. Assuming you've
Dave Knight writes:
I guess the tool just always assumes that there's probably a www worthy asking about
But how does the site know I have a sub domain test.nsbeta.info and its
name servers? I didn't think that I have got this sub domain be public.
Regards.
___
On 21/01/11 14:18, Phil Mayers wrote:
On 21/01/11 13:50, Barry Margolin wrote:
In article,
Joseph S D Yao wrote:
On Fri, Jan 21, 2011 at 02:19:45PM +0800, p...@mail.nsbeta.info wrote:
I'm jsut curious, how does "who.is" know the dns records in my domain
(nsbeta.info)?
The page shows so
On 21/01/11 13:50, Barry Margolin wrote:
In article,
Joseph S D Yao wrote:
On Fri, Jan 21, 2011 at 02:19:45PM +0800, p...@mail.nsbeta.info wrote:
I'm jsut curious, how does "who.is" know the dns records in my domain
(nsbeta.info)?
The page shows some of my RRs exactly:
http://who.is/dns/
On 2011-01-21, at 8:50 AM, Barry Margolin wrote:
> In article ,
> Joseph S D Yao wrote:
>
>> On Fri, Jan 21, 2011 at 02:19:45PM +0800, p...@mail.nsbeta.info wrote:
>>>
>>> I'm jsut curious, how does "who.is" know the dns records in my domain
>>> (nsbeta.info)?
>>>
>>> The page shows some of
In article ,
p...@mail.nsbeta.info wrote:
> In fact I want to the clients that match view_b to fall into the default
> view, say it's view_c.
There is no fall-through in views. The search stops when it finds the
first view that matches. Each view is like a totally separate server
(which i
In article ,
Joseph S D Yao wrote:
> On Fri, Jan 21, 2011 at 02:19:45PM +0800, p...@mail.nsbeta.info wrote:
> >
> > I'm jsut curious, how does "who.is" know the dns records in my domain
> > (nsbeta.info)?
> >
> > The page shows some of my RRs exactly:
> >
> > http://who.is/dns/nsbeta.info/
On Fri, Jan 21, 2011 at 02:19:45PM +0800, p...@mail.nsbeta.info wrote:
>
> I'm jsut curious, how does "who.is" know the dns records in my domain
> (nsbeta.info)?
>
> The page shows some of my RRs exactly:
>
> http://who.is/dns/nsbeta.info/
The title of the page is, "Nsbeta.info DNS Lookup
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
W dniu 2011-01-21 11:23, Kalman Feher pisze:
> The only way I can replicate the behaviour is with dnssec-enable no or with
> an unsigned version of the zone in another view. Assuming you've not
> overlapped your views in such a way (it was a very contr
On 01/20/2011 09:28 PM, Mark Andrews wrote:
Or one can not worry about the IP address being used. The addresses
are still there for backwards compatibilty with BIND 8 where only
the IP address is used. TSIG is really so much stronger than any
IP based authentication. It's like putting a scree
The only way I can replicate the behaviour is with dnssec-enable no or with
an unsigned version of the zone in another view. Assuming you've not
overlapped your views in such a way (it was a very contrived test), I think
you'll need to provide a bit more information on your configuration.
-options
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
W dniu 2011-01-19 18:38, Hauke Lampe pisze:
> Another thing you might check:
>
> With "dnssec-enable no;" in named.conf, BIND still does its automatic
> DNSSEC signing but won't add RRSIG to responses.
>
> I ran across such a configuration lately. Y
24 matches
Mail list logo
