RE: Bind 9.9 install on Windows 2012 error

2016-05-03 Thread Michael Barber 
Never mind..

Right click on the Bindinstall.exe file, Select Properties, then
Compatibility. Go to Privilege level and select> Run as administrator.  

Right clicking the file and selecting Run as Administrator is not sufficient
and NOT the same, and somehow this toggle is different.

 

Thanks,

Michael Barber

 

  _  

From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Michael Barber
Sent: Tuesday, May 03, 2016 1:15 PM
To: bind-users@lists.isc.org
Subject: Bind 9.9 install on Windows 2012 error

 

I'm migrating from a Windows 2003 Server to Windows Server 2012 and trying
to install Bind 9.9

 

When I download the 64bit ver, unpack it, and attempt to run
BindInstall.exe, I get the error message>

  "A referral was returned from the server"

 

I've tried turning off UAC and that doesn't make this error go away. 

I can't seem to get BindInstall to run no matter what.  Any ideas why this
is or what I need to turn on or off on Windows Server 2012.

 

I was running bind 9.3 previously on the 2003 machine and still have that in
the 32 bit flavor.  I haven't tried that yet as an alternative but it is
going backwards.

Thanks in advance,

Michael Barber

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Bind 9.9 install on Windows 2012 error

2016-05-03 Thread Michael Barber 
I'm migrating from a Windows 2003 Server to Windows Server 2012 and trying
to install Bind 9.9

 

When I download the 64bit ver, unpack it, and attempt to run
BindInstall.exe, I get the error message>

  "A referral was returned from the server"

 

I've tried turning off UAC and that doesn't make this error go away. 

I can't seem to get BindInstall to run no matter what.  Any ideas why this
is or what I need to turn on or off on Windows Server 2012.

 

I was running bind 9.3 previously on the 2003 machine and still have that in
the 32 bit flavor.  I haven't tried that yet as an alternative but it is
going backwards.

Thanks in advance,

Michael Barber

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Multiple SERVFAIL/REFUSED unexpected RCODE

2016-05-03 Thread Barry Margolin 
In article ,
 Mik J  wrote:

> Hello Mark,
> Thank you for your answer. I'm not sure I've understood everything but I'll 
> read it numerous times if necessary.I have ACLs so I'm not surprised to see 
> these REFUSED, I also understand the SERVFAIL meaning.

Your ACL is not relevant. The REFUSED response is coming from the server 
the reverse zone is delegated to.

> I'm just trying to figure out where the problem comes from.You seem to point 
> out a device which should be on my network and who queries a PTR (something 
> like a mail server which want to check the domain of the user who sent the 
> email)

The problem comes from bad reverse DNS delegations of remote addresses. 
Unfortunately, this has always been very common.

> 
> What I didn't understand is"You could use whois to try to contact the 
> administrators of these zones to correct the servers or remove the 
> delegations."You mean this one "x.204.99.116.in-addr.arpa" which appeared in 
> my logs ?
> Regards 

whois -h whois.apnic.net 116.99.204.0

role:   VIETEL IPADMIN GROUP
address:1 Tran Huu Duc, My Dinh, Tu Liem, Hanoi
country:VN
phone:  +84-9-83000456
fax-no: +84-4-38460486
e-mail: tie...@viettel.com.vn
remarks:send spam and abuse report to tie...@viettel.com.vn

whois 88.165.16.0

role:   Administrative Contact for ProXad
address:Free SAS / ProXad
address:8, rue de la Ville L'Eveque
address:75008 Paris
phone:  +33 1 73 50 20 00
fax-no: +33 1 73 92 25 69
remarks:trouble:  Information: http://www.proxad.net/
remarks:trouble:  Spam/Abuse requests: 
mailto:ab...@proxad.net
admin-c:APfP1-RIPE
tech-c: TPfP1-RIPE
nic-hdl:ACP23-RIPE
mnt-by: PROXAD-MNT
abuse-mailbox:  ab...@proxad.net
created:2002-06-26T12:46:56Z
last-modified:  2013-08-01T12:16:00Z
source: RIPE # Filtered


> 
> Le Mardi 3 mai 2016 13h30, Mark Andrews  a écrit :
>  
>  
> 
>  
> In message <353379836.10168122.1462272936427.javamail.ya...@mail.yahoo.com>, 
> Mi
> k J writes:
> >
> > Hello,
> > In my named.log I can see a lot of SERVFAIL/REFUSED unexpected RCODE
> > messages. Most of the time someone tries to resolve a PTR
> > I can see an average of 10 messages per second like these
> > May  3 10:46:26 dns named[7228]: REFUSED unexpected RCODE resolving
> > 'x.204.99.116.in-addr.arpa/PTR/IN': 203.113.131.x#53
> > May  3 10:46:26 dns named[7228]: SERVFAIL unexpected RCODE resolving
> > 'x.16.165.88.in-addr.arpa/PTR/IN': 193.0.9.x#53
> >
> > The PTR records don't belong to me and the remote DNS servers are located
> > around the world.
> > Does anyone has an understanding of why I receive these type of requests
> > ? Why do they query my DNS servers ?
> > Thank you
> 
> Something on your network is trying to convert 116.00.204.x and
> 88.165.16.x addresses to names, presumably because they are seeing
> traffic from those addresses.  In both cases there appears to be
> broken delegations involved.
> 
> REFUSED usually means that the server is not configured for the
> zone.
> 
> SERVFAIL usually means that the server is configured for the zone
> but doesn't have a current copy.
> 
> You could use whois to try to contact the administrators of these
> zones to correct the servers or remove the delegations.
> 
> Mark

-- 
Barry Margolin
Arlington, MA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Multiple SERVFAIL/REFUSED unexpected RCODE

2016-05-03 Thread Mik J 
Hello Mark,
Thank you for your answer. I'm not sure I've understood everything but I'll 
read it numerous times if necessary.I have ACLs so I'm not surprised to see 
these REFUSED, I also understand the SERVFAIL meaning.
I'm just trying to figure out where the problem comes from.You seem to point 
out a device which should be on my network and who queries a PTR (something 
like a mail server which want to check the domain of the user who sent the 
email)

What I didn't understand is"You could use whois to try to contact the 
administrators of these zones to correct the servers or remove the 
delegations."You mean this one "x.204.99.116.in-addr.arpa" which appeared in my 
logs ?
Regards 

Le Mardi 3 mai 2016 13h30, Mark Andrews  a écrit :
 
 

 
In message <353379836.10168122.1462272936427.javamail.ya...@mail.yahoo.com>, Mi
k J writes:
>
> Hello,
> In my named.log I can see a lot of SERVFAIL/REFUSED unexpected RCODE
> messages. Most of the time someone tries to resolve a PTR
> I can see an average of 10 messages per second like these
> May  3 10:46:26 dns named[7228]: REFUSED unexpected RCODE resolving
> 'x.204.99.116.in-addr.arpa/PTR/IN': 203.113.131.x#53
> May  3 10:46:26 dns named[7228]: SERVFAIL unexpected RCODE resolving
> 'x.16.165.88.in-addr.arpa/PTR/IN': 193.0.9.x#53
>
> The PTR records don't belong to me and the remote DNS servers are located
> around the world.
> Does anyone has an understanding of why I receive these type of requests
> ? Why do they query my DNS servers ?
> Thank you

Something on your network is trying to convert 116.00.204.x and
88.165.16.x addresses to names, presumably because they are seeing
traffic from those addresses.  In both cases there appears to be
broken delegations involved.

REFUSED usually means that the server is not configured for the
zone.

SERVFAIL usually means that the server is configured for the zone
but doesn't have a current copy.

You could use whois to try to contact the administrators of these
zones to correct the servers or remove the delegations.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                INTERNET: ma...@isc.org


 
  ___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Multiple SERVFAIL/REFUSED unexpected RCODE

2016-05-03 Thread Mark Andrews 

In message <353379836.10168122.1462272936427.javamail.ya...@mail.yahoo.com>, Mi
k J writes:
>
> Hello,
> In my named.log I can see a lot of SERVFAIL/REFUSED unexpected RCODE
> messages. Most of the time someone tries to resolve a PTR
> I can see an average of 10 messages per second like these
> May  3 10:46:26 dns named[7228]: REFUSED unexpected RCODE resolving
> 'x.204.99.116.in-addr.arpa/PTR/IN': 203.113.131.x#53
> May  3 10:46:26 dns named[7228]: SERVFAIL unexpected RCODE resolving
> 'x.16.165.88.in-addr.arpa/PTR/IN': 193.0.9.x#53
>
> The PTR records don't belong to me and the remote DNS servers are located
> around the world.
> Does anyone has an understanding of why I receive these type of requests
> ? Why do they query my DNS servers ?
> Thank you

Something on your network is trying to convert 116.00.204.x and
88.165.16.x addresses to names, presumably because they are seeing
traffic from those addresses.  In both cases there appears to be
broken delegations involved.

REFUSED usually means that the server is not configured for the
zone.

SERVFAIL usually means that the server is configured for the zone
but doesn't have a current copy.

You could use whois to try to contact the administrators of these
zones to correct the servers or remove the delegations.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Multiple SERVFAIL/REFUSED unexpected RCODE

2016-05-03 Thread Mik J 
Hello,
In my named.log I can see a lot of SERVFAIL/REFUSED unexpected RCODE messages. 
Most of the time someone tries to resolve a PTR
I can see an average of 10 messages per second like these
May  3 10:46:26 dns named[7228]: REFUSED unexpected RCODE resolving 
'x.204.99.116.in-addr.arpa/PTR/IN': 203.113.131.x#53
May  3 10:46:26 dns named[7228]: SERVFAIL unexpected RCODE resolving 
'x.16.165.88.in-addr.arpa/PTR/IN': 193.0.9.x#53

The PTR records don't belong to me and the remote DNS servers are located 
around the world.
Does anyone has an understanding of why I receive these type of requests ? Why 
do they query my DNS servers ?
Thank you
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Nsupdate usage scenario

2016-05-03 Thread Tony Finch 
Paul Kosinski  wrote:

> Except for this single dynamic IP address, the zone file is maintained
> by hand with a text editor, so rearranging it into an arbitrary order
> would make hand maintenance much more difficult.
>
> If there is a way to have nsupdate preserve the original order of the
> zone file -- simply modifying the one A record "in place" and updating
> the serial number -- that would be nice. If not I guess I will have to
> continue using the little Perl script I wrote to do just that.

You can do this with nsdiff - http://dotat.at/prog/nsdiff/ - but it's
probably overkill for one dynamic entry in an otherwise static zone.

Tony.
-- 
f.anthony.n.finch    http://dotat.at/  -  I xn--zr8h punycode
Fisher, German Bight: West 3 or 4, occasionally 5 at first. Slight or
moderate. Rain at first in east. Good.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users