Re: BIND ignores changes in zonefiles

2012-06-15 Thread Mark Pettit
On Jun 14, 2012, at 5:54 AM, Marian Roess wrote: Thank you for your quick answer. You've possibly checked all this, but let me ask anyway: 1. Are you monitoring named logs when you reload the zones? Any errors? Yes, I do. zone cs.uni-dortmund.de/IN: loaded serial 1121661332 2.

Re: Verify raw data within slaves on 9.9.x

2012-06-15 Thread Mark Pettit
If what you want is the basic functionality of cat, what's wrong with named-compilezone -with -some -options? On Jun 14, 2012, at 11:00 AM, Walter Smith wrote: So essentially if I'm scripting on a slave and would like to check-into-svn changes within any particular 'raw' zone - I'll still

limiting number of requests of a single hosts

2012-06-15 Thread Holemans Wim
We have a problem with one of our firewalls caused by DNS peaks. Once or twice a day a DNS burst (20K requests/15sec) kills all connections on the firewall. The firewall is due for replacement but in the mean time we would like to stop these peaks at their origin or at least try to limit their

Several (2) different views

2012-06-15 Thread Niall O'Reilly
On 15 Jun 2012, at 01:14, Rodrigo Renie Braga wrote: I've been trying to find examples on how to use TSIG to replicate several different views to a slave server, but I could only find with two views, and I just couldn't figure out how to adapt that example to 3 or more views. Could you

Re: limiting number of requests of a single hosts

2012-06-15 Thread Tony Finch
Holemans Wim wim.holem...@ua.ac.be wrote: I have 2 questions, one, is there a way to rate-limit the amount of requests a single client (the AD servers in this case) can have standing out against a bind server? Kind of rate-limiting parameter for bind name server. There isn't a way to do

Re: limiting number of requests of a single hosts

2012-06-15 Thread WBrown
bind-users-bounces+wbrown=e1b@lists.isc.org wrote on 06/15/2012 04:25:16 AM: We have a problem with one of our firewalls caused by DNS peaks. Once or twice a day a DNS burst (20K requests/15sec) kills all connections on the firewall. The firewall is due for replacement but in the mean

RE: limiting number of requests of a single hosts

2012-06-15 Thread Holemans Wim
Wim Holemans Netwerkdienst Universiteit Antwerpen Network Services University of Antwerp One of the problems is that these firewalls are going to be replaced soon and we don't want to spend too much effort in trying to fix what seems an annoying side-effect of something caused by a DNS

Re: limiting number of requests of a single hosts

2012-06-15 Thread Fajar A. Nugraha
On Fri, Jun 15, 2012 at 9:37 PM, Holemans Wim wim.holem...@ua.ac.be wrote: Wim Holemans Netwerkdienst Universiteit Antwerpen Network Services University of Antwerp One of the problems is that these firewalls are going to be replaced soon and we don't want to spend too much effort in

RE: limiting number of requests of a single hosts

2012-06-15 Thread Holemans Wim
Yes we know and new firewalls are on their way (already partly installed), but we can't activate them for the moment as we are in an examination period in which we can't make any change to our network as students should be able to take online tests 24/24... Wim Holemans Netwerkdienst

Re: limiting number of requests of a single hosts

2012-06-15 Thread pangj
You DO realize that DNS is (mostly) UDP packets, and an attacker (or in your case, the ADs) can simply send UDP packet floods to kill your firewall (in your current state), regardless how your DNS server is configured, even when the DNS server is down? Once we had the firewall for DNS, when

Re: limiting number of requests of a single hosts

2012-06-15 Thread Warren Kumari
On Jun 15, 2012, at 4:25 AM, Holemans Wim wrote: We have a problem with one of our firewalls caused by DNS peaks. Yes. EOM W Once or twice a day a DNS burst (20K requests/15sec) kills all connections on the firewall. The firewall is due for replacement but in the mean time we would like

Re: limiting number of requests of a single hosts

2012-06-15 Thread G.W. Haywood
Hi there, On Fri, 15 Jun 2012, Holemans Wim wrote: ... Once or twice a day a DNS burst (20K requests/15sec) kills all connections on the firewall. Have you disabled firewall connection tracking for DNS requests? We have 6 dns servers (bind) on our campus, that are all authoritative for our

Re: limiting number of requests of a single hosts

2012-06-15 Thread Sten Carlsen
On 15/06/12 16:37, Holemans Wim wrote: Wim Holemans Netwerkdienst Universiteit Antwerpen Network Services University of Antwerp One of the problems is that these firewalls are going to be replaced soon and we don't want to spend too much effort in trying to fix what seems an annoying