-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/29/2014 07:48 AM, /dev/rob0 wrote:
> On Tue, Apr 29, 2014 at 11:49:49AM +0100, Niall O'Reilly wrote:
>> At Tue, 29 Apr 2014 10:24:58 +, houguanghua wrote:
>>> Yes, I had asked the same question months ago. I'm designing
>>> how to protect DNS
In message <483759859.6291670.1398781076480.javamail.zim...@redhat.com>, Tomas H
ozza writes:
> Hi.
>
> I'm trying to disable DNSSEC/EDNS for the lwresd using the
> following lwresd.conf:
>
> options {
> directory "/var/named/";
>
> dnssec-enable no;
> dnssec-validation no;
>
On 2014-04-29 18:50, houguanghua wrote:
A lot of zones will be supported. All popular zones in the ISP.
Maybe the best solution is to hire some custom programming to develop
private system.
How will you obtain copies of "all popular zones"? Are you just talking
about zones you host, or things
te view that contains your additional
> > nameserver that no one else will know about, though they still might
> > not be able to access it if the primary nameserver is down and the
> > additional nameserver isn't in the parent's glue records (clients
> > wouldn&
On 4/29/2014 3:12 PM, Roberto Carna wrote:
Dear, I have this scenario:
1) Windows DNS with dynamic update zone (Windows clients)
2) BIND with manually update zone (Linux and Cisco clients)
Is there any way to transfer all BIND zone records to the Windows DNS
in order to have just one and compl
Dear, I have this scenario:
1) Windows DNS with dynamic update zone (Windows clients)
2) BIND with manually update zone (Linux and Cisco clients)
Is there any way to transfer all BIND zone records to the Windows DNS
in order to have just one and complete zone in the Windows DNS server
???
Thank
You do it something like this. Note the argument to --host MUST NOT
match what sh config.guess returns.
./configure CC=cc CFLAGS="-Xa -fast -xstrconst -xchip=ultraT3 -xarch=sparcvis3
-mt -m64" --host=sparcvis3-sun-solaris2.10 --with-randomdev=/dev/random
--with-ecdsa=no --with-gost=no BUILD_CC
Hi.
I'm trying to disable DNSSEC/EDNS for the lwresd using the
following lwresd.conf:
options {
directory "/var/named/";
dnssec-enable no;
dnssec-validation no;
pid-file "/run/named/lwresd.pid";
session-keyfile "/run/named/session.key";
};
lwres {
The original server servers as primary DNS for our AD infrastructure.
This could be one explanation about these peculiarities. But since the
source DNS is tuned no to complain about strange names I prefer to have
a similar configuration on the clone.
On 04/29/2014 04:17 PM, Sten Carlsen wrote:
On 04/29/2014 03:31 PM, Tony Finch wrote:
Theodotos Andreou wrote:
Now I have a different problem. After converting alll the zones to master many
zones failed to load because of this:
29-Apr-2014 11:21:32.613 dns_rdata_fromtext: db.0.210.10.in-addr.arpa:26: near
'android_b2b2b8cdeedf92d3.exam
You might want to look at the output of:
dig axfr example.com
This gives also the contents of the zone, nicely sorted but with an
added SOA at the end.
I would suggest to use it for comparison with the files to look for some
of those interesting endings (~~.com\032.) Those really look odd to me.
On Tue, Apr 29, 2014 at 09:50:11AM -0300, Jeronimo L. Cabral wrote:
> Please the last question: can I dynamically update a zone and
> -when necessary- make a freeze, manually add/delete records, and
> after that make a thaw to continue with the dynamic update
> In other words, a mix betwwen dyn
On 29/04/14 14.50, Jeronimo L. Cabral wrote:
> Dear, thanks for your help.
>
> Please the last question: can I dynamically update a zone and -when
> necessary- make a freeze, manually add/delete records, and after that
> make a thaw to continue with the dynamic update In other words, a
> mix b
Well, I tried with the BUILD_CC and BUILD_CFLAGS set. I hadn't noticed the
cross compile test during configuration before since it has been working for
the T1000 and T5140 builds. Now though it has "no" for the cross compile test.
Here is my configure command: (this is in a script that sets path
Dear, thanks for your help.
Please the last question: can I dynamically update a zone and -when
necessary- make a freeze, manually add/delete records, and after that make
a thaw to continue with the dynamic update In other words, a mix
betwwen dynamic and manually update.
Thanks again,
JeLo
Theodotos Andreou wrote:
>
> Now I have a different problem. After converting alll the zones to master many
> zones failed to load because of this:
>
> 29-Apr-2014 11:21:32.613 dns_rdata_fromtext: db.0.210.10.in-addr.arpa:26:
> near 'android_b2b2b8cdeedf92d3.example.com.': bad name (check-names)
Thanks for the tip Mark. Now all the zone files are cached as text.
Now I have a different problem. After converting alll the zones to
master many zones failed to load because of this:
# grep example.com /var/log/syslog
29-Apr-2014 11:21:32.613 dns_rdata_fromtext: db.0.210.10.in-addr.arpa:26:
On Tue, Apr 29, 2014 at 11:49:49AM +0100, Niall O'Reilly wrote:
> At Tue, 29 Apr 2014 10:24:58 +,
> houguanghua wrote:
> > Yes, I had asked the same question months ago.
> > I'm designing how to protect DNS for an ISP. The zones are not
> > owned by the ISP. The ISP wants to proect the DNS qu
At Tue, 29 Apr 2014 10:24:58 +,
houguanghua wrote:
>
> Yes, I had asked the same question months ago.
> I'm designing how to protect DNS for an ISP. The zones are not owned
> by the ISP. The ISP wants to proect the DNS query during attacking.
> So it's not standard DNS solution. During the at
steven,
Yes, I had asked the same question months ago.
I'm designing how to protect DNS for an ISP. The zones are not owned by the
ISP. The ISP wants to proect the DNS query during attacking.
So it's not standard DNS solution. During the attacking, the backup server
will provide the DNS quer
On 29 April 2014 07:06, houguanghua wrote:
> hi kevin,
>
> Stealth slaves can't be used as backup NS server. This backup server can't
> be accessed by all internet users.
> It can only be accessed by users from one ISP. It's used when all authority
> NSs are down, especially in case of DDoS atta
21 matches
Mail list logo
