Hi there,
On Wed, 14 Nov 2012, Phil Mayers wrote:
On 14/11/12 15:39, Kevin Darcy wrote:
I stopped reading as soon as I saw the requirement to add a NetBIOS
name, being overpowered by the stench of obsolescence. Does anyone
As per our recent thread, there's load of (recent, modern) stuff
Phil Mayers p.may...@imperial.ac.uk writes:
On 14/11/12 15:02, King, Harold Clyde (Hal) wrote:
I'm a bit confused by a user request. I think he is trying to keep some
hosts on the private side of DNS, but he wants to use a DNS name like
host.sub.local. I do not know of the use of the .local
On 15/11/12 15:39, Carsten Strotmann wrote:
Phil Mayers p.may...@imperial.ac.uk writes:
On 14/11/12 15:02, King, Harold Clyde (Hal) wrote:
I'm a bit confused by a user request. I think he is trying to keep some
hosts on the private side of DNS, but he wants to use a DNS name like
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/15/2012 09:40 AM, Carsten Strotmann wrote:
'.local is the 4th most queried domain name (after localhost, com
and net), but it should not exist at all in the Internet (or
queries should not reach the root server system). You see corp,
intern
The adb grow-names process? does not appear to be related to recursive cache as
I cleared cache while monitoring syslog and the counter kept increasing.
However a reload did start the adb grow-names process anew.
Both shown below
.
.
.
Nov 14 15:25:40 local@mercury named[2920]: [ID 873579
On 15/11/12 15:49, Manson, John wrote:
The adb grow-names process? does not appear to be related to recursive cache
as I cleared cache while monitoring syslog and the counter kept increasing.
However a reload did start the adb grow-names process anew.
Both shown below
.
.
.
Nov 14
On 2012.11.15 10.14, Novosielski, Ryan wrote:
Failing to operate a private TLD correctly is causing internal
data leaking to the Internet, which could be a security risk but in
all cases is a burden on the root server system.
Not that I think that I'm doing this (and as I'd said, the only
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/15/2012 11:36 AM, btb wrote:
On 2012.11.15 10.14, Novosielski, Ryan wrote:
Failing to operate a private TLD correctly is causing internal
data leaking to the Internet, which could be a security risk
but in all cases is a burden on the root
On 15/11/12 16:17, Cathy Almond wrote:
On 15/11/12 15:49, Manson, John wrote:
The adb grow-names process? does not appear to be related to recursive cache
as I cleared cache while monitoring syslog and the counter kept increasing.
However a reload did start the adb grow-names process anew.
Hello everyone,
When did BIND 9 switch over from the older
+++ Statistics Dump +++ (timestamp)
success #
referral #
nxrrset #
nxdomain #
recursion #
failure #
--- Statistics Dump --- (timestamp)
to the newer
+++ Statistics Dump +++ (timestamp)
++ Incoming Requests ++
x QUERY
++
Thanks, Phil. Those were my thoughts as well. For the present, I'll
write my own monitoring plugin to parse the XML data.
John
On 11/15/2012 11:47 AM, Phil Mayers wrote:
On 15/11/12 16:44, John Miller wrote:
Hello everyone,
When did BIND 9 switch over from the older
I think that was
Thanks, Carsten,
I've opened bug #4619 and indeed asked Hyperic to parse the XML output.
I agree, it's much nicer than trying to parse the rndc.stats file!
If anyone here has already written a BIND plugin for Hyperic, let me
know--I'd love to have a copy and see if it'll work for us.
John
On 2012.11.15 11.39, Novosielski, Ryan wrote:
Great, thanks, sounds like I'm covered then (I have BIND running
authoritative for my zone on the firewall/NAT machine only accepting
queries from my local 1918 addresses) and DHCP providing its address
as the nameserver.
be sure that bind is also
Thanks, Phil. Those were my thoughts as well. For the present,
I'll write my own monitoring plugin to parse the XML data.
If you need some inspiration, I wrote a bit of C code [1] which does
that rather effectively. It doesn't do what you want, but it may get you
started. ;-)
-JP
On Thu, Nov 15, 2012 at 11:44:12AM -0500, John Miller wrote:
Hello everyone,
When did BIND 9 switch over from the older
The new stats counters were added in 9.5.0. They're in all currently-
supported releases; the old format is fully deprecated now.
Incidentally, that release also
Thanks, Evan. That's exactly what I wanted to know. I'm already
running the statistics server, so I'd certainly prefer to leverage that
rather than rely on a bunch of regexes to parse the statistics file.
I'll let the folks at Hyperic know about the upcoming schema changes.
John
On
Hi,
I have using Bind for a while and last night upgraded to Bind 9.9.2 on
my OpenIndiana 151a7. I would like to be able to control my DNS queries
on Unix/Linux hosts, so that by default the client queries would only
be DNSSEC authenticated/validated. However, as DNSSEC is not completely
In message 50a580c1.9080...@blacklistthisdomain.com, Silas Cutler writes:
Good Evening,
I've been doing some DNS RPZ experiments and during my testing I found
that if a DNS Zone on an Authoritative DNS Server has more then 100k
elements, it will not replicate to a slave DNS Server.
Do
Well, the authoritative server can handle the zone file size. However,
with the slave makes the request for the zone, I get:
refresh: unexpected rcode (REFUSED)
On 11/15/12 6:59 PM, Mark Andrews wrote:
In message 50a580c1.9080...@blacklistthisdomain.com, Silas Cutler writes:
Good Evening,
No ACLs in place.
[SLAVE]
Nov 15 19:13:36 [Redacted] named[21899]: zone rpz/IN: refresh:
unexpected rcode (REFUSED) from master MASTER#53 (source 0.0.0.0#0)
Nov 15 19:13:36 [Redacted] named[21899]: zone rpz/IN: Transfer started.
Nov 15 19:13:36 [Redacted] named[21899]: transfer of 'rpz/IN' from
In message 50a58610.8000...@blacklistthisdomain.com, Silas Cutler writes:
No ACLs in place.
[SLAVE]
Nov 15 19:13:36 [Redacted] named[21899]: zone rpz/IN: refresh:
unexpected rcode (REFUSED) from master MASTER#53 (source 0.0.0.0#0)
Nov 15 19:13:36 [Redacted] named[21899]: zone rpz/IN:
Looks like I'll have to update it for 9.10 tho, hope they updated the
schema number.
Yes, we did.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from
Its there
zone rpz {
type master;
file /etc/bind/zones/rpz.db;
allow-query { none; };
allow-transfer { 10.0.0.1; };
};
On 11/15/12 8:10 PM, Peter Yardley wrote:
I wrote a script to extract stats from the XML channel. Works for cricket,
cacti, MRTG ...
You can find it hereā¦
Its there
zone rpz {
type master;
file /etc/bind/zones/rpz.db;
allow-query { none; };
allow-transfer { 10.0.0.1; };
};
I asked:
The slave is making a SOA query to the master and is getting refused as
as response. I would be checking your acls. Look at the logs on the
Hi Peter,
Would you consider donating that script to ISC so they can bundle it
with the BIND distribution?
I have a whole library of scripts like yours which I've collected over
the last 10 years. Most of the hosts that are linked to as where these
scripts are located are long gone and the
25 matches
Mail list logo