CNAME record for the root of the domain
How to set it? I know there is a workaround, but I hadn't been able to make it work... I use bind 9.7.3. Thanks, Niccolò ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: CNAME record for the root of the domain
2011/10/12 Niccolò Belli darkba...@linuxsystems.it: How to set it? I know there is a workaround, but I hadn't been able to make it work... What have you tried so far? -- aRDy Music and Rick Dicaire present: http://www.ardynet.com http://www.ardynet.com:9000/ardymusic.ogg.m3u ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: CNAME record for the root of the domain
On Wed, 12 Oct 2011, Niccolò Belli wrote: Subject: CNAME record for the root of the domain How to set it? I know there is a workaround, but I hadn't been able to make it work... I use bind 9.7.3. Perhaps you mean DNAME? http://www.ietf.org/rfc/rfc2672.txt http://www.informit.com/articles/article.aspx?p=19798 Paul ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: CNAME record for the root of the domain
On 10/12/2011 09:20 AM, Paul Wouters wrote: On Wed, 12 Oct 2011, Niccolò Belli wrote: Subject: CNAME record for the root of the domain How to set it? I know there is a workaround, but I hadn't been able to make it work... I use bind 9.7.3. Perhaps you mean DNAME? How widely are DNAMEs supported? -hpa -- H. Peter Anvin, Intel Open Source Technology Center I work for Intel. I don't speak on their behalf. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: CNAME record for the root of the domain
Il 12/10/2011 18:18, Rick Dicaire ha scritto: What have you tried so far? @ IN CNAME linuxsystems.it. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: CNAME record for the root of the domain
What have you tried so far? @ IN CNAME linuxsystems.it. No CNAME and other data [1]. You have an SOA and NS at the apex, so a CNAME isn't allowed. -JP [1] Until you start with DNSSEC :) ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
host versus nslookup
Many years ago, various flavors of unix began distributing a utility called host which did almost the same thing as nslookup. Host is what I use most of the time, now, and I actually thought that nslookup on unix systems was maybe going away. A coworker recently asked me about nslookup on our FreeBSD system and I verified the behavior he was asking about. Other than a different output format, what are the advantages of having both host and nslookup. On the FreeBSD system in question, nslookup is definitely a different binary than is host so one is not hard-linked to the other. The behavior he was asking about was simply that all foreign domains that one looks up with nslookup report as non-authoritative since the DNS one is using isnot authoritative for, say, microsoft.com or yahoo.com. This is not a problem. I am just curious. Many thanks. Martin McCormick WB5AGZ Stillwater, OK Systems Engineer OSU Information Technology Department Telecommunications Services Group ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: host versus nslookup
One thing that is different about nslookup on HP-UX (which doesn't have host) is that it actually respects nsswitch.conf so will give you results from /etc/hosts OR from name services whereas most implementations only do it from name services. Nslookup is deprecated meaning you should use host where possible. Also for DNS troubleshooting dig is a much better tool than nslookup or host. -Original Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Martin McCormick Sent: Wednesday, October 12, 2011 1:22 PM To: 'bind-users@lists.isc.org'; mar...@dc.cis.okstate.edu Subject: host versus nslookup Many years ago, various flavors of unix began distributing a utility called host which did almost the same thing as nslookup. Host is what I use most of the time, now, and I actually thought that nslookup on unix systems was maybe going away. A coworker recently asked me about nslookup on our FreeBSD system and I verified the behavior he was asking about. Other than a different output format, what are the advantages of having both host and nslookup. On the FreeBSD system in question, nslookup is definitely a different binary than is host so one is not hard-linked to the other. The behavior he was asking about was simply that all foreign domains that one looks up with nslookup report as non-authoritative since the DNS one is using isnot authoritative for, say, microsoft.com or yahoo.com. This is not a problem. I am just curious. Many thanks. Martin McCormick WB5AGZ Stillwater, OK Systems Engineer OSU Information Technology Department Telecommunications Services Group ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users Athena(r), Created for the Cause(tm) Making a Difference in the Fight Against Breast Cancer - CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you. -- ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: host versus nslookup
Martin wrote on 10/12/2011 01:21:45 PM: Other than a different output format, what are the advantages of having both host and nslookup. host is four characters shorter. Confidentiality Notice: This electronic message and any attachments may contain confidential or privileged information, and is intended only for the individual or entity identified above as the addressee. If you are not the addressee (or the employee or agent responsible to deliver it to the addressee), or if this message has been addressed to you in error, you are hereby notified that you may not copy, forward, disclose or use any part of this message or any attachments. Please notify the sender immediately by return e-mail or telephone and delete this message from your system. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: host versus nslookup
On 10/12/2011 1:21 PM, Martin McCormick wrote: Many years ago, various flavors of unix began distributing a utility called host which did almost the same thing as nslookup. Host is what I use most of the time, now, and I actually thought that nslookup on unix systems was maybe going away. A coworker recently asked me about nslookup on our FreeBSD system and I verified the behavior he was asking about. Other than a different output format, what are the advantages of having both host and nslookup. On the FreeBSD system in question, nslookup is definitely a different binary than is host so one is not hard-linked to the other. The behavior he was asking about was simply that all foreign domains that one looks up with nslookup report as non-authoritative since the DNS one is using isnot authoritative for, say, microsoft.com or yahoo.com. This is not a problem. I am just curious. nslookup has lots of problems. Four that I can cite off the top of my head: 1) most versions of nslookup will stop dead in their tracks if they can't reverse-resolve the name of whatever resolver they're trying to use (even though that's basically irrelevant to the actual lookup that the user requested) 2) nslookup will by default use a searchlist, but it does this completely invisibly by default (unless a debugging option is turned on), and thus will often mis-represent the real result of the query (e.g. you look up foo.example1.com, that gets a SERVFAIL, then unbeknownst to the user, nslookup tries the searchlist'ed name foo.example1.com.example2.com and reports the resulting NXDOMAIN as the final error of the lookup, thus obscuring the real error -- SERVFAIL) 3) the default output format of nslookup doesn't distinguish the result of the query from the identity of the resolver clearly enough, so unsophisticated users will often think that the name they're looking up actually resolves to the address of the DNS resolver, and much hilarity ensues (mis-routed trouble tickets, drama, confusion, etc.) 4) some versions of nslookup display atypical DNS responses (e.g. dangling CNAMEs, referrals) in very confusing, non-intuitive ways. - Kevin ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: host versus nslookup
On 10/12/2011 3:01 PM, Kevin Darcy wrote: On 10/12/2011 1:21 PM, Martin McCormick wrote: Many years ago, various flavors of unix began distributing a utility called host which did almost the same thing as nslookup. Host is what I use most of the time, now, and I actually thought that nslookup on unix systems was maybe going away. A coworker recently asked me about nslookup on our FreeBSD system and I verified the behavior he was asking about. Other than a different output format, what are the advantages of having both host and nslookup. On the FreeBSD system in question, nslookup is definitely a different binary than is host so one is not hard-linked to the other. The behavior he was asking about was simply that all foreign domains that one looks up with nslookup report as non-authoritative since the DNS one is using isnot authoritative for, say, microsoft.com or yahoo.com. This is not a problem. I am just curious. nslookup has lots of problems. Four that I can cite off the top of my head: 1) most versions of nslookup will stop dead in their tracks if they can't reverse-resolve the name of whatever resolver they're trying to use (even though that's basically irrelevant to the actual lookup that the user requested) 2) nslookup will by default use a searchlist, but it does this completely invisibly by default (unless a debugging option is turned on), and thus will often mis-represent the real result of the query (e.g. you look up foo.example1.com, that gets a SERVFAIL, then unbeknownst to the user, nslookup tries the searchlist'ed name foo.example1.com.example2.com and reports the resulting NXDOMAIN as the final error of the lookup, thus obscuring the real error -- SERVFAIL) 3) the default output format of nslookup doesn't distinguish the result of the query from the identity of the resolver clearly enough, so unsophisticated users will often think that the name they're looking up actually resolves to the address of the DNS resolver, and much hilarity ensues (mis-routed trouble tickets, drama, confusion, etc.) 4) some versions of nslookup display atypical DNS responses (e.g. dangling CNAMEs, referrals) in very confusing, non-intuitive ways. - Kevin Use dig. Always use dig. If dig isn't installed - install dig and then use dig. Make dig part of your default set of packages on all boxes. host vs nslookup? is asking whether you should hit your self in the head with a small or large hammer. Put down the hammer and use dig. -DMM ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: host versus nslookup
So hitting yourself in the head with a shovel is better? :p -Original Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of David Miller Sent: Wednesday, October 12, 2011 4:08 PM To: bind-users@lists.isc.org Subject: Re: host versus nslookup On 10/12/2011 3:01 PM, Kevin Darcy wrote: On 10/12/2011 1:21 PM, Martin McCormick wrote: Many years ago, various flavors of unix began distributing a utility called host which did almost the same thing as nslookup. Host is what I use most of the time, now, and I actually thought that nslookup on unix systems was maybe going away. A coworker recently asked me about nslookup on our FreeBSD system and I verified the behavior he was asking about. Other than a different output format, what are the advantages of having both host and nslookup. On the FreeBSD system in question, nslookup is definitely a different binary than is host so one is not hard-linked to the other. The behavior he was asking about was simply that all foreign domains that one looks up with nslookup report as non-authoritative since the DNS one is using isnot authoritative for, say, microsoft.com or yahoo.com. This is not a problem. I am just curious. nslookup has lots of problems. Four that I can cite off the top of my head: 1) most versions of nslookup will stop dead in their tracks if they can't reverse-resolve the name of whatever resolver they're trying to use (even though that's basically irrelevant to the actual lookup that the user requested) 2) nslookup will by default use a searchlist, but it does this completely invisibly by default (unless a debugging option is turned on), and thus will often mis-represent the real result of the query (e.g. you look up foo.example1.com, that gets a SERVFAIL, then unbeknownst to the user, nslookup tries the searchlist'ed name foo.example1.com.example2.com and reports the resulting NXDOMAIN as the final error of the lookup, thus obscuring the real error -- SERVFAIL) 3) the default output format of nslookup doesn't distinguish the result of the query from the identity of the resolver clearly enough, so unsophisticated users will often think that the name they're looking up actually resolves to the address of the DNS resolver, and much hilarity ensues (mis-routed trouble tickets, drama, confusion, etc.) 4) some versions of nslookup display atypical DNS responses (e.g. dangling CNAMEs, referrals) in very confusing, non-intuitive ways. - Kevin Use dig. Always use dig. If dig isn't installed - install dig and then use dig. Make dig part of your default set of packages on all boxes. host vs nslookup? is asking whether you should hit your self in the head with a small or large hammer. Put down the hammer and use dig. -DMM ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users Athena(r), Created for the Cause(tm) Making a Difference in the Fight Against Breast Cancer - CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you. -- ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: host versus nslookup
On 12/10/11 22:08, David Miller wrote: On 10/12/2011 3:01 PM, Kevin Darcy wrote: On 10/12/2011 1:21 PM, Martin McCormick wrote: Many years ago, various flavors of unix began distributing a utility called host which did almost the same thing as nslookup. Host is what I use most of the time, now, and I actually thought that nslookup on unix systems was maybe going away. A coworker recently asked me about nslookup on our FreeBSD system and I verified the behavior he was asking about. Other than a different output format, what are the advantages of having both host and nslookup. On the FreeBSD system in question, nslookup is definitely a different binary than is host so one is not hard-linked to the other. The behavior he was asking about was simply that all foreign domains that one looks up with nslookup report as non-authoritative since the DNS one is using isnot authoritative for, say, microsoft.com or yahoo.com. This is not a problem. I am just curious. nslookup has lots of problems. Four that I can cite off the top of my head: 1) most versions of nslookup will stop dead in their tracks if they can't reverse-resolve the name of whatever resolver they're trying to use (even though that's basically irrelevant to the actual lookup that the user requested) 2) nslookup will by default use a searchlist, but it does this completely invisibly by default (unless a debugging option is turned on), and thus will often mis-represent the real result of the query (e.g. you look up foo.example1.com, that gets a SERVFAIL, then unbeknownst to the user, nslookup tries the searchlist'ed name foo.example1.com.example2.com and reports the resulting NXDOMAIN as the final error of the lookup, thus obscuring the real error -- SERVFAIL) 3) the default output format of nslookup doesn't distinguish the result of the query from the identity of the resolver clearly enough, so unsophisticated users will often think that the name they're looking up actually resolves to the address of the DNS resolver, and much hilarity ensues (mis-routed trouble tickets, drama, confusion, etc.) 4) some versions of nslookup display atypical DNS responses (e.g. dangling CNAMEs, referrals) in very confusing, non-intuitive ways. - Kevin Use dig. Always use dig. If dig isn't installed - install dig and then use dig. Make dig part of your default set of packages on all boxes. host vs nslookup? is asking whether you should hit your self in the head with a small or large hammer. Put down the hammer and use dig. I don't quite agree, for debugging bind, use dig - for debugging lookup issues on some machine, host will behave more like any normal program, using resolv.conf and what else and can point to some issues dig will not discover. E.g. normal SW using something else than DNS, because of some setup. Dig will never catch this. -DMM ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- Best regards Sten Carlsen No improvements come from shouting: MALE BOVINE MANURE!!! ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: host versus nslookup
On Thu, Oct 13, 2011 at 3:23 AM, Sten Carlsen st...@s-carlsen.dk wrote: Use dig. Always use dig. I don't quite agree, for debugging bind, use dig - for debugging lookup issues on some machine, host will behave more like any normal program, using resolv.conf and what else and can point to some issues dig will not discover. E.g. normal SW using something else than DNS, because of some setup. Dig will never catch this. If you're concern about what address programs gets when they resolve host names, then getent is a better choice as it also respects nsswitch.conf and hosts file. -- Fajar ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: host versus nslookup
On 12/10/11 22:33, Fajar A. Nugraha wrote: On Thu, Oct 13, 2011 at 3:23 AM, Sten Carlsen st...@s-carlsen.dk wrote: Use dig. Always use dig. I don't quite agree, for debugging bind, use dig - for debugging lookup issues on some machine, host will behave more like any normal program, using resolv.conf and what else and can point to some issues dig will not discover. E.g. normal SW using something else than DNS, because of some setup. Dig will never catch this. If you're concern about what address programs gets when they resolve host names, then getent is a better choice as it also respects nsswitch.conf and hosts file. I just tried to make the point that dig is NOT always the perfect tool, it depends what you want to know. Using dig tells you about DNS, host and getent and even nslookup tells you more about the behaviour of your system. The right combination of those tools tells you what you need, not one single tool. I was not aware of getent, so thanks for that. -- Best regards Sten Carlsen No improvements come from shouting: MALE BOVINE MANURE!!! ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: host versus nslookup
On 10/12/2011 5:46 PM, Sten Carlsen wrote: On 12/10/11 22:33, Fajar A. Nugraha wrote: On Thu, Oct 13, 2011 at 3:23 AM, Sten Carlsenst...@s-carlsen.dk wrote: Use dig. Always use dig. I don't quite agree, for debugging bind, use dig - for debugging lookup issues on some machine, host will behave more like any normal program, using resolv.conf and what else and can point to some issues dig will not discover. E.g. normal SW using something else than DNS, because of some setup. Dig will never catch this. If you're concern about what address programs gets when they resolve host names, then getent is a better choice as it also respects nsswitch.conf and hosts file. I just tried to make the point that dig is NOT always the perfect tool, it depends what you want to know. Using dig tells you about DNS, host and getent and even nslookup tells you more about the behaviour of your system. As far as I know, only HP-UX has hacked nslookup to look at /etc/hosts. And I don't think it even looks at the switch file or other naming sources (e.g. Yellow Plague). HP-UX's nslookup enhancement is a one-off, I believe. On most platforms, the only way that nslookup is closer to the OS name-resolution mechanism than dig is that nslookup will do suffix-searching, whereas dig will not. But even then, I think nslookup uses its own version of the resolver library to do that, so if one is trying to troubleshoot a problem with the OS'es suffix-searching behavior using nslookup, one might be comparing apples to grapefruit (or, since we're talking about nslookup here, perhaps I should say uglyfruit). - Kevin ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: host versus nslookup
AIX also does something similar. On 10/12/11 05:09 PM, Kevin Darcy wrote: As far as I know, only HP-UX has hacked nslookup to look at /etc/hosts. And I don't think it even looks at the switch file or other naming sources (e.g. Yellow Plague). HP-UX's nslookup enhancement is a one-off, I believe. On most platforms, the only way that nslookup is closer to the OS name-resolution mechanism than dig is that nslookup will do suffix-searching, whereas dig will not. But even then, I think nslookup uses its own version of the resolver library to do that, so if one is trying to troubleshoot a problem with the OS'es suffix-searching behavior using nslookup, one might be comparing apples to grapefruit (or, since we're talking about nslookup here, perhaps I should say uglyfruit). - Kevin ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: host versus nslookup
In message 040b89c8b1e1d945ae2700c511a039e905a...@atmexdb04.dsw.net, Lightne r, Jeff writes: One thing that is different about nslookup on HP-UX (which doesn't have host) is that it actually respects nsswitch.conf so will give you results from /et c/hosts OR from name services whereas most implementations only do it from na me services. It shouldn't. The NS in nslookup stands for NAMESERVER. Nslookup is a diagnostic tool for the DNS and corrupting it to lookin /etc/hosts, NIS, YP, LDAP is just wrong. Nslookup is deprecated meaning you should use host where possible. Also f or DNS troubleshooting dig is a much better tool than nslookup or host. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users