Kevin Darcy wrote:
>
> In any case, multi-hop forwarding is always the least-preferred option.
>
I wonder for which reason do you think this.
Of course, any forwarding adds a additional hop and therefore additional delay
and an additional possible point of failure.
But this is true for any
Your system has IPv6 addresses configured so named attempts to use
IPv6 to resolve names. Ask your ISP for IPv6. You may need to
upgrade your router to support IPv6.
The world ran out of enough IPv4 addresses to give every machine
its own unique address in about 1996 and we have been using NAT
I use Bind as a local caching nameserver at my house mainly to speed up
spamassassin queries. Until I upgraded my Ubuntu 14.04 to 16.04 last
week all was working great. After the upgrade bind has been filling up
my syslog with the above error. Running 'named -V' outputs:
chris@localhost:~$ named
On 8/11/2016 12:22 PM, bind-users-requ...@lists.isc.org wrote:
I have a child domain that is delegated to a second site. Pretty
straightforward situation. In the parent zone I have NS records that point
to the DNS servers at the second site.
The issue comes up when a slaved copy of the parent
Sorry, I left out the option of fixing the firewall rules.
Depending on your performance/resilience requirements, available bandwidth,
latency, query patterns, etc. this may or may not be preferable to slaving the
zone to your site. It’s hard to say without knowing a lot of details about your
No, you would never get rid of a valid delegation of a child zone; why *reduce*
the resolvability of that zone? Whatever you do to get around this connectivity
issue would be *in*addition*to* the delegation, not as a replacement for it.
That having been said, I outlined your options in a
> Your problem here is not directly related to the delegation. Your
problem is that you have a recursive server (C) which is blocked from
reaching a part of the Internet
> where there is an authoritative server (B) it needs to contact.
I thought I had said that...
> That's a very convoluted way
On 11 August 2016 at 10:14, Bob McDonald wrote:
>
> Currently, clients sending queries for domain child.example.com. to
> server A get good results.
> However, clients sending queries for domain child.example.com. to server
> C get SERVFAIL because server C has no access
The bottom line is: any resolver which is using iterative resolution (as
opposed to just forwarding) to resolve names in a zone, needs to be able to
talk to at least *some* of the published nameservers for the zone, or to
“override” the regular referral-chain using something like a “stub” zone.
Let me be a bit more clear...
This is strictly internal. There are no external clients or servers
involved. All three of the servers have recursion turned ON.
Server A has a domain (example.com.)
example.com. has an NS record that points to server B and delegate
child.example.com. (yes there's
On 11 August 2016 at 09:13, Bob McDonald wrote:
> I have a child domain that is delegated to a second site. Pretty
> straightforward situation. In the parent zone I have NS records that point
> to the DNS servers at the second site.
>
> The issue comes up when a slaved
I have a child domain that is delegated to a second site. Pretty
straightforward situation. In the parent zone I have NS records that point
to the DNS servers at the second site.
The issue comes up when a slaved copy of the parent domain is running at a
third site and that third site doesn't have
12 matches
Mail list logo