rndc flush /recursive ?

2012-02-27 Thread Stephane Bortzmeyer 
With Unbound, there are two commands to clear the cache, one which
deletes only the records with the exact name and one which is
recursive (deletes everything under the name).

With BIND, I find only the first one, rndc flushname. Any command
that I missed to delete recursively?
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: rndc flush /recursive ?

2012-02-27 Thread Bill Owens 
On Mon, Feb 27, 2012 at 02:32:31PM +0100, Stephane Bortzmeyer wrote:
 With Unbound, there are two commands to clear the cache, one which
 deletes only the records with the exact name and one which is
 recursive (deletes everything under the name).
 
 With BIND, I find only the first one, rndc flushname. Any command
 that I missed to delete recursively?

It's in the new 9.9.0 rndc:

  flush Flushes all of the server's caches.
  flush [view]  Flushes the server's cache for a view.
  flushname name [view]
Flush the given name from the server's cache(s)
  flushtree name [view]
Flush all names under the given name from the server's cache(s)

Bill.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: rndc flush /recursive ?

2012-02-27 Thread Mark Andrews 

flushtree

In message 20120227133231.ga3...@nic.fr, Stephane Bortzmeyer writes:
 With Unbound, there are two commands to clear the cache, one which
 deletes only the records with the exact name and one which is
 recursive (deletes everything under the name).
 
 With BIND, I find only the first one, rndc flushname. Any command
 that I missed to delete recursively?
 ___
 Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
  from this list
 
 bind-users mailing list
 bind-users@lists.isc.org
 https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: rndc flush /recursive ?

2012-02-27 Thread Stephane Bortzmeyer 
On Mon, Feb 27, 2012 at 08:36:28AM -0500,
 Bill Owens ow...@nysernet.org wrote 
 a message of 18 lines which said:

 It's in the new 9.9.0 rndc:

Thanks, exactly what I needed.

On Tue, Feb 28, 2012 at 12:37:17AM +1100,
 Mark Andrews ma...@isc.org wrote 
 a message of 21 lines which said:

 flushtree

Not in any released (much yet packaged) version.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: rndc flush /recursive ?

2012-02-27 Thread Mark Andrews 

In message 20120227134537.ga3...@nic.fr, Stephane Bortzmeyer writes:
 On Mon, Feb 27, 2012 at 08:36:28AM -0500,
  Bill Owens ow...@nysernet.org wrote 
  a message of 18 lines which said:
 
  It's in the new 9.9.0 rndc:
 
 Thanks, exactly what I needed.
 
 On Tue, Feb 28, 2012 at 12:37:17AM +1100,
  Mark Andrews ma...@isc.org wrote 
  a message of 21 lines which said:
 
  flushtree
 
 Not in any released (much yet packaged) version.

It's packaged.

FreeBSD: ports/dns/bind99/Makefile
PORTNAME=   bind99
PORTVERSION=9.9.0.rc2
PKGNAMESUFFIX=  -devel

 ___
 Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
  from this list
 
 bind-users mailing list
 bind-users@lists.isc.org
 https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

what's wrong with the e.hushpuppies-australia.com delegation @ns.domainnetwork.se ?

2012-02-27 Thread M. Meadows 


 

dig -t any e.hushpuppies-australia.com @ns.domainnetwork.se
;  DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2  -t any 
e.hushpuppies-australia.com @ns.domainnetwork.se
;; global options:  printcmd
;; Got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 19181
;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;e.hushpuppies-australia.com.   IN  ANY
;; ANSWER SECTION:
e.hushpuppies-australia.com. 600 IN NS  ns1.exacttarget.com.
e.hushpuppies-australia.com. 600 IN NS  ns2.exacttarget.com.
;; Query time: 91 msec
;; SERVER: 203.27.227.61#53(203.27.227.61)
;; WHEN: Mon Feb 27 14:08:18 2012
;; MSG SIZE  rcvd: 93

 
But 
 
dig e.hushpuppies-australia.com +nssearch @8.8.8.8
 
Yields no nameserver list.
 
Thanks!
Martin Meadows
 
  ___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: what's wrong with the e.hushpuppies-australia.com delegation @ns.domainnetwork.se ?

2012-02-27 Thread Chuck Swiger 
Hi--

On Feb 27, 2012, at 12:14 PM, M. Meadows wrote:
 But
  
 dig e.hushpuppies-australia.com +nssearch @8.8.8.8
  
 Yields no nameserver list.

+nssearch does SOA lookups for each of the nameservers, but 
ns.domainnetwork.se (and so forth) only returns an SOA record for 
hushpuppies-australia.com and not e.hushpuppies-australia.com:

% dig -t soa hushpuppies-australia.com. @ns.domainnetwork.se
;  DiG 9.6-ESV-R4-P3  -t soa hushpuppies-australia.com. 
@ns.domainnetwork.se
;; global options: +cmd
;; Got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 2169
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;hushpuppies-australia.com. IN  SOA

;; ANSWER SECTION:
hushpuppies-australia.com. 86400 IN SOA ns.domainnetwork.se. 
hostmaster.melbourneitcbs.com. 2012022200 28800 7200 1209600 86400

;; Query time: 96 msec
;; SERVER: 203.27.227.61#53(203.27.227.61)
;; WHEN: Mon Feb 27 15:27:24 2012
;; MSG SIZE  rcvd: 124

% dig -t soa e.hushpuppies-australia.com. @ns.domainnetwork.se
;  DiG 9.6-ESV-R4-P3  -t soa e.hushpuppies-australia.com. 
@ns.domainnetwork.se
;; global options: +cmd
;; Got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 56060
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;e.hushpuppies-australia.com.   IN  SOA

;; AUTHORITY SECTION:
e.hushpuppies-australia.com. 600 IN NS  ns1.exacttarget.com.
e.hushpuppies-australia.com. 600 IN NS  ns2.exacttarget.com.

;; Query time: 97 msec
;; SERVER: 203.27.227.61#53(203.27.227.61)
;; WHEN: Mon Feb 27 15:27:28 2012
;; MSG SIZE  rcvd: 93

Also notice that the nameservers listed in WHOIS (ie, ns*.domainnetwork.se) 
don't match ns*.exacttarget.com; you're missing several glue records as far as 
*.gtld-servers.net are concerned.

Regards,
-- 
-Chuck


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

RE: what's wrong with the e.hushpuppies-australia.com delegation @ns.domainnetwork.se ?

2012-02-27 Thread M. Meadows 

 
Mmmm ... nevermind. Nothing wrong with the delegation. The 
e.hushpuppies-australia.com zone file isn't set up yet! Sorry.

 



From: sun-g...@live.com
To: bind-users@lists.isc.org
Subject: what's wrong with the e.hushpuppies-australia.com delegation 
@ns.domainnetwork.se ?
Date: Mon, 27 Feb 2012 15:14:19 -0500






 


dig -t any e.hushpuppies-australia.com @ns.domainnetwork.se
;  DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2  -t any 
e.hushpuppies-australia.com @ns.domainnetwork.se
;; global options:  printcmd
;; Got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 19181
;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;e.hushpuppies-australia.com.   IN  ANY
;; ANSWER SECTION:
e.hushpuppies-australia.com. 600 IN NS  ns1.exacttarget.com.
e.hushpuppies-australia.com. 600 IN NS  ns2.exacttarget.com.
;; Query time: 91 msec
;; SERVER: 203.27.227.61#53(203.27.227.61)
;; WHEN: Mon Feb 27 14:08:18 2012
;; MSG SIZE  rcvd: 93

 
But 
 
dig e.hushpuppies-australia.com +nssearch @8.8.8.8
 
Yields no nameserver list.
 
Thanks!
Martin Meadows
 
 
___ Please visit 
https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list 
bind-users mailing list bind-users@lists.isc.org 
https://lists.isc.org/mailman/listinfo/bind-users   
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Configuring a domain slave to look up subdomain hosts

2012-02-27 Thread Mark Andrews 


In message cef5d429141640a98f49787ba7583...@netadmin.bart.gov, Mike Bernhardt
 writes:
 I have a domain and a subdomain which is delegated by the
 
 I am trying to figure out the correct way to have the slave of a parent
 domain look up hosts in a subdomain managed by others. I'm running BIND
 9.8.1-P1. The current working configuration for the subdomain is this:
 
 options {
 directory /var/named;
 allow-recursion { any; };
 allow-query { any; };
 allow-query-cache { any; };
 forwarders { 148.165.3.10; };
 forward only;
 recursive-clients 2000;
 zone-statistics yes;
 };
 
 zone domain.com {
 type slave;
 masters { 10.130.1.30; };
 file db.domain;
 forwarders { };
 };
 
 But using forwarders doesn't seem like the correct way to do it.

Well it is a correct way to do it.  It turns *off* the global
override on normal resolution for the name space covered by domain.com.
I normally use forwarders { /* empty */ }; so that it is easier
to see that it is supposed to be a empty list.

 It's in
 the options in order to forward internet queries to our external name server
 instead of to the root servers, which aren't accessible from inside. I've
 been messing with stub zones but that doesn't seem to work:
 
 zone domain.com {
 type slave;
 masters { 10.130.1.30; };
 file db.domain;
 };
 zone subdomain.domain.com {
 type stub;
 masters { 10.2.241.101; 10.2.242.222; };
 file db.subdomain;
 };
 
 With this configuration, the zone file for subdomain.domain.com is correctly
 created but when I run tcpdump I can see that queries for
 host.subdomain.domain.com are being forwarded to 148.165.3.10, not to the
 subdomain name servers. The result of course is NXDOMAIN.
 
 With forwarders set for the zone domain.com, the slave queries the zone
 master, which then queries the subdomain name server as it should. So the
 stub zone is apparently being ignored.
 
 What is wrong? Perhaps I'm misunderstanding the purpose of stub zones? Let
 me know if you need additional config details.
 
 ___
 Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
 from this list
 
 bind-users mailing list
 bind-users@lists.isc.org
 https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

ddns 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)

2012-02-27 Thread Gregory Machin 
Hi

I'm running  DHCP Server V3.0.1 on Debian 3.2 and BIND 9.7.1-P2 on
Ubuntu 10.10 , this is part of a staged migration , hens the old
Debian server.

When machines request an ip from the dhcp server I see the following
in the dhcp server logs :

Can't update forward map nzhmlwks0091.et.endace.com to 192.168.69.245:
no such RRset

And at the same time on the Bind server I see :

Feb 28 16:17:11 nzhmlsrv01 named[3363]: client 192.168.64.242#40426:
view interenal: updating zone 'et.endace.com/IN': update unsuccessful:
nzhmlwks0091.et.endace.com: 'name not in use' prerequisite not
satisfied (YXDOMAIN)
Feb 28 16:17:11 nzhmlsrv01 named[3363]: client 192.168.64.242#40426:
view interenal: updating zone 'et.endace.com/IN': update unsuccessful:
nzhmlwks0091.et.endace.com/TXT: 'RRset exists (value dependent)'
prerequisite not satisfied (NXRRSET)

What are these errors and how do I resolve them ?

Thanks

Greg
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: ddns 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)

2012-02-27 Thread Mark Andrews 

In message CAJzjPKmwVxMCR6yi4Wq6d6NnaiM=gERkcvfefU=wsrxczus...@mail.gmail.com,
 Gregory Machin writes:
 Hi
 
 I'm running  DHCP Server V3.0.1 on Debian 3.2 and BIND 9.7.1-P2 on
 Ubuntu 10.10 , this is part of a staged migration , hens the old
 Debian server.
 
 When machines request an ip from the dhcp server I see the following
 in the dhcp server logs :
 
 Can't update forward map nzhmlwks0091.et.endace.com to 192.168.69.245:
 no such RRset
 
 And at the same time on the Bind server I see :
 
 Feb 28 16:17:11 nzhmlsrv01 named[3363]: client 192.168.64.242#40426:
 view interenal: updating zone 'et.endace.com/IN': update unsuccessful:
 nzhmlwks0091.et.endace.com: 'name not in use' prerequisite not
 satisfied (YXDOMAIN)

The DHCP server said only make this change if there is nothing at
the name and there was something at the name.  This is done to
prevent DHCP overriding static entries.

 Feb 28 16:17:11 nzhmlsrv01 named[3363]: client 192.168.64.242#40426:
 view interenal: updating zone 'et.endace.com/IN': update unsuccessful:
 nzhmlwks0091.et.endace.com/TXT: 'RRset exists (value dependent)'
 prerequisite not satisfied (NXRRSET)

The DHCP server said only make this change if the TXT record that
says I did the last change exists and it doesn't.  This is done to
prevent the DHCP server changing/removing records it didn't add.

The TXT record was used to encode what is now encoded in the DHCID
record.  See http://www.ietf.org/rfc/rfc4701.txt

 What are these errors and how do I resolve them ?
 
If you are certain that there is not a collision removing all the
records at the name will permit DHCP to add new record.

dhcp-us...@isc.org would be a good place to discuss what DHCPD is trying
to do.

 Thanks
 
 Greg
 ___
 Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
 from this list
 
 bind-users mailing list
 bind-users@lists.isc.org
 https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: ddns 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)

2012-02-27 Thread Gregory Machin 
Thanks for taking time to clarify those errors. Based on the
explanation the errors are expected and correct.

Thank you.

Greg

On Tue, Feb 28, 2012 at 5:40 PM, Mark Andrews ma...@isc.org wrote:

 In message 
 CAJzjPKmwVxMCR6yi4Wq6d6NnaiM=gERkcvfefU=wsrxczus...@mail.gmail.com,
  Gregory Machin writes:
 Hi

 I'm running  DHCP Server V3.0.1 on Debian 3.2 and BIND 9.7.1-P2 on
 Ubuntu 10.10 , this is part of a staged migration , hens the old
 Debian server.

 When machines request an ip from the dhcp server I see the following
 in the dhcp server logs :

 Can't update forward map nzhmlwks0091.et.endace.com to 192.168.69.245:
 no such RRset

 And at the same time on the Bind server I see :

 Feb 28 16:17:11 nzhmlsrv01 named[3363]: client 192.168.64.242#40426:
 view interenal: updating zone 'et.endace.com/IN': update unsuccessful:
 nzhmlwks0091.et.endace.com: 'name not in use' prerequisite not
 satisfied (YXDOMAIN)

 The DHCP server said only make this change if there is nothing at
 the name and there was something at the name.  This is done to
 prevent DHCP overriding static entries.

 Feb 28 16:17:11 nzhmlsrv01 named[3363]: client 192.168.64.242#40426:
 view interenal: updating zone 'et.endace.com/IN': update unsuccessful:
 nzhmlwks0091.et.endace.com/TXT: 'RRset exists (value dependent)'
 prerequisite not satisfied (NXRRSET)

 The DHCP server said only make this change if the TXT record that
 says I did the last change exists and it doesn't.  This is done to
 prevent the DHCP server changing/removing records it didn't add.

 The TXT record was used to encode what is now encoded in the DHCID
 record.  See http://www.ietf.org/rfc/rfc4701.txt

 What are these errors and how do I resolve them ?

 If you are certain that there is not a collision removing all the
 records at the name will permit DHCP to add new record.

 dhcp-us...@isc.org would be a good place to discuss what DHCPD is trying
 to do.

 Thanks

 Greg
 ___
 Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
 from this list

 bind-users mailing list
 bind-users@lists.isc.org
 https://lists.isc.org/mailman/listinfo/bind-users
 --
 Mark Andrews, ISC
 1 Seymour St., Dundas Valley, NSW 2117, Australia
 PHONE: +61 2 9871 4742                 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users