Re: issue in bind installation
On 06 Jul 2020, at 22:00, ShubhamGoyal wrote: > I am installing bind latest version with additional feature , it gave me > "configure: error librpz.so and dlopen needed for dnsrps" error. > I am searching for that error but i did not find the solution. You have configured bind for dnsrps and you do not have the necessary requirements installed would be my guess. Re you using a package manager to compile or building manually. -- "Are you pondering what I'm pondering?" "Well, I think so -POIT- but where do you stick the feather and call it macaroni?" ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: bind-users Digest, Vol 3492, Issue 1
On 7/6/20 10:42 PM, ShubhamGoyal wrote: i am working in Centos 8 with bind version 9.17.2 and i am install from source package It sounds like you're missing some dependencies. Read the documents that come with BIND source code and make sure you have all the dependencies. Seeing as how you are working with CentOS, chances are decent that you also need the *-dev versions of the listed dependencies. I'd chase the dlopen first. I would expect librpz.so to be provided with BIND. -- Grant. . . . unix || die smime.p7s Description: S/MIME Cryptographic Signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: bind-users Digest, Vol 3492, Issue 1
> On 7/6/20 10:00 PM, ShubhamGoyal wrote: > > I am installing bind latest version with additional feature , it gave > > me "configure: error librpz.so and dlopen needed for dnsrps" error. > > I am searching for that error but i did not find the solution. > > please help me! > > Are you compiling from source? Or did you install a binary package and > now you're getting that error when trying to run something? > > Please tell us a little bit about what you have done up to this point. > > Please include details about the platform and version (updates) that you > are working on. i am working in Centos 8 with bind version 9.17.2 and i am install from source package [ C-DAC is on Social-Media too. Kindly follow us at: Facebook: https://www.facebook.com/CDACINDIA & Twitter: @cdacindia ] This e-mail is for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies and the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email is strictly prohibited and appropriate legal action will be taken. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: issue in bind installation
On 7/6/20 10:00 PM, ShubhamGoyal wrote: I am installing bind latest version with additional feature , it gave me "configure: error librpz.so and dlopen needed for dnsrps" error. I am searching for that error but i did not find the solution. please help me! Are you compiling from source? Or did you install a binary package and now you're getting that error when trying to run something? Please tell us a little bit about what you have done up to this point. Please include details about the platform and version (updates) that you are working on. -- Grant. . . . unix || die smime.p7s Description: S/MIME Cryptographic Signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
issue in bind installation
Dear sir I am installing bind latest version with additional feature , it gave me "configure: error librpz.so and dlopen needed for dnsrps" error. I am searching for that error but i did not find the solution. please help me! Best regards Shubham Goyal [ C-DAC is on Social-Media too. Kindly follow us at: Facebook: https://www.facebook.com/CDACINDIA & Twitter: @cdacindia ] This e-mail is for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies and the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email is strictly prohibited and appropriate legal action will be taken. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Fun with nsudpate and ac1.nstld.com
Actually you had "zone name covisp.net” which told nsupdate to update the “name.” zone as it was treated as “zone name”. Nsupdate then when and looked up the SOA for name and found ac1.nstld.com is the primary server. name. 86400 IN SOA ac1.nstld.com. info.verisign-grs.com. 1594079077 1800 900 604800 86400 Nsupdate can normally determine the name of the zone that has to be updated so most of the time you don’t need to specify the zone. There are a few cases, like when adding delegating NS records or glue to the parent zone you have to override the normal zone discovery procedure. Mark > On 7 Jul 2020, at 08:59, @lbutlr wrote: > > On 06 Jul 2020, at 16:47, Kevin Darcy wrote: >> You didn't dot-terminate covisp.net in the "zone" statement > > > > Ow! > > > > Sigh. > > > > -- > The whole thing that makes a mathematician's life worthwhile is that > he gets the grudging admiration of three or four colleagues > > ___ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Fun with nsudpate and ac1.nstld.com
On 06 Jul 2020, at 16:47, Kevin Darcy wrote: > You didn't dot-terminate covisp.net in the "zone" statement Ow! Sigh. -- The whole thing that makes a mathematician's life worthwhile is that he gets the grudging admiration of three or four colleagues ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Fun with nsudpate and ac1.nstld.com
[ Classification Level: GENERAL BUSINESS ] You didn't dot-terminate covisp.net in the "zone" statement, so it may be appending who-knows-what to one of its queries, and going awry. nsupdate -d (or -D) shows all :-) - Kevin On Mon, Jul 6, 2020 at 6:32 PM @lbutlr wrote: > Trying to verify that I can make changes with nsupdatem and running into > something I don’t understand. > > mail # nsupdate -k admin.key > > zone name covisp.net > > update delete ns1.covisp.net. INA 65.121.55.42 > > update add ns1.covisp.net. 3601 INA 65.121.55.42 > > send > ; Communication with 192.42.173.30#53 failed: timed out > > Uh… what? Why is it trying to update 192.42.173.30 (ac1.nstld.com)? > > That IP does not appear in any file in /usr/local/etc/ nor in /etc/ on my > system. > > What am I missing here? > > In fact, the only file on the entire /usr/ that has this IP address in it > is the draft copy of this email. > > > ___ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Fun with nsudpate and ac1.nstld.com
Trying to verify that I can make changes with nsupdatem and running into something I don’t understand. mail # nsupdate -k admin.key > zone name covisp.net > update delete ns1.covisp.net. INA 65.121.55.42 > update add ns1.covisp.net. 3601 INA 65.121.55.42 > send ; Communication with 192.42.173.30#53 failed: timed out Uh… what? Why is it trying to update 192.42.173.30 (ac1.nstld.com)? That IP does not appear in any file in /usr/local/etc/ nor in /etc/ on my system. What am I missing here? In fact, the only file on the entire /usr/ that has this IP address in it is the draft copy of this email. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Hints for forwarding a subdomain on a authoritative server
Tom wrote: > > But: The zone-forwarding is only working, when I enable "recursion" on the > authoritative server. Does this means, that zone-forwarding really requires > recursion? Yes, forwarding is completely specific to recursive servers. That is, the server doing the forwarding must be recursive, and the target server must also be recursive. [ In some limited cases you can get away with the target server not being recursive; I think the restrictions are that the target zone must not have any delegations or out-of-zone CNAMEs, but I haven't tested this myself. ] > Is there a better way with not enabling recursion (perhaps with views) > to accomplish this? Use a type "static-stub" zone if the target server is authoritative. If the server doing the forwarding is not recursive then it needs to secondary its own authoritative copy of the zone. But presumably you are trying to forward because AXFRing the zone isn't possible. In that case you need something like dnsdist which can act as a DNS reverse proxy. BIND won't query another server when a query is RD=0. Tony. -- f.anthony.n.finchhttp://dotat.at/ Fisher, German Bight: West or northwest 7 or gale 8, occasionally severe gale 9 at first in Fisher, decreasing 5 or 6 later. Rough or very rough, becoming moderate or rough later. Showers. Good. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Hints for forwarding a subdomain on a authoritative server
Thanks
Sten
> On 6 Jul 2020, at 16.03, Tom wrote:
>
> Hi list
>
> Our BIND (9.16.4) is authoritative for zone "example.com". Now I need to
> forward a subzone "sub.example.com" to another nameserver instance on the
> same server, running for example under port 5353:
>
> A few years ago, this topic was already discussed:
> https://lists.isc.org/pipermail/bind-users/2009-April/076156.html
>
> My BIND config looks like this:
> == SCHNIPP ==
> zone "example.com" {
>type master;
>file "master/example.com.hosts";
>};
> zone "sub.example.com" {
>type forward;
>forwarders { 127.0.0.1 port 5353; };
>forward only;
>};
> == SCHNAPP ==
>
> In the zonefile for "example.com" I have a delegation like this (as described
> in the post above):
>
> sub.example.com.IN NS subns.example.com.
>
> So, the authoritative server understands not to be responsible for this zone
> and forwards the request to the other nameserver.
>
> But: The zone-forwarding is only working, when I enable "recursion" on the
> authoritative server. Does this means, that zone-forwarding really requires
> recursion?
Yes.
> Is there a better way with not enabling recursion (perhaps with views) to
> accomplish this?
Stub zones are normally recommended instead.
>
> Many thanks for any hints.
>
> Kind regards,
> Tom
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.
>
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Hints for forwarding a subdomain on a authoritative server
Hi list
Our BIND (9.16.4) is authoritative for zone "example.com". Now I need to
forward a subzone "sub.example.com" to another nameserver instance on
the same server, running for example under port 5353:
A few years ago, this topic was already discussed:
https://lists.isc.org/pipermail/bind-users/2009-April/076156.html
My BIND config looks like this:
== SCHNIPP ==
zone "example.com" {
type master;
file "master/example.com.hosts";
};
zone "sub.example.com" {
type forward;
forwarders { 127.0.0.1 port 5353; };
forward only;
};
== SCHNAPP ==
In the zonefile for "example.com" I have a delegation like this (as
described in the post above):
sub.example.com.IN NS subns.example.com.
So, the authoritative server understands not to be responsible for this
zone and forwards the request to the other nameserver.
But: The zone-forwarding is only working, when I enable "recursion" on
the authoritative server. Does this means, that zone-forwarding really
requires recursion? Is there a better way with not enabling recursion
(perhaps with views) to accomplish this?
Many thanks for any hints.
Kind regards,
Tom
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: Syntex for primary/secondary
On Sun, Jul 05, 2020 at 06:30:11PM -0600, @lbutlr wrote: > When seeing up a secondary zone what do I replace # with in following > (the old syntax was masters instead od master, so I am guessing it needs > a new keyword)? Not yet. In 9.12 we added "primary" and "secondary" as synonyms for the "master" and "slave" zone types, but we didn't touch any other syntax. In 9.17/9.18, we're going further: "primaries" will work in place of "masters", and "primary-only" in place of "master-only". Old syntax will continue working so old named.conf files don't need to be changed, at least for the next several releases. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
