Named should automatically correct this error. The journal version was not
updated when the transaction header was updated. This has been corrected and
named detects the unexpected transaction header and writes out a corrected
journal.
--
Mark Andrews
> On 30 Apr 2021, at 21:16, Tom wrote:
One thing I note, all check say everything is good, but when using dnsviz,
it says secure, shows the ecd... but also puts up warnings that I am using
alg 13 but digest 1 (sha1), which is not allowed, I never use the setting
when create keys as the guide says not needed, if this a problem with them
[ Classification Level: GENERAL BUSINESS ]
Duplicate RRs are suppressed, as per the standards.
RFC 2181, Section 5:
Each DNS Resource Record (RR) has a label, class, type, and data. It
is meaningless for two records to ever have label, class, type and
data all equal - servers should suppr
Hello everyone,
There is a round robin resolving mechanism in bind9 where the server
chooses different records to resolve for each request, but is there a way
to assign weights so that the server resolves with different probabilities?
All I could find about the topic was this old mail from the ar
@lbutlr wrote:
>
> I update the last of my zones over a month ago and they are still
> showing alg-7.
>
> I'm sure I missed a step on these specific domains, but there are only a
> handful that are still using alg-7 and many more that are now on alg-13
> only.
Hmm, curious!
If you have swapped t
On 30 Apr 2021, at 12:15, Tony Finch wrote:
>
> dig +ttlunits example.com ds @$(dig +short com ns | head -1)
I update the last of my zones over a month ago and they are still showing
alg-7. The longest TTL int e zone files is 2w, but we're 29 days in.
Te signed file has
On 30 Apr 2021, at 08:21, Jordan Tinsley wrote:
> Is BIND 9.11.6 (Extended Support Version) vulnerable?
>
> Is BIND 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.3 (Extended Support Version)
> vulnerable?
The CVE descriptions indicates both of those versions are vulnerable.
"In BIND 9.5.0 -> 9.11.29 … c
Robert M. Stockmann wrote:
>
> Does bind 9 need C11 atomics ?
Yes. BIND used to have its own atomic implementation but that kind of code
is tricky and arcane, so it's better to use the standard implementations
in the C library.
It is not just a matter of the hardware BIND runs on: atomics rely o
Edwardo Garcia wrote:
>
> One question however it talk about longest TTL, does this mean also root
> TLD zones (.com, .net) which from memory are 48 hours, so before we delete
> old keys we need wait 48 hours, even though our zone TTL was 24 ?
When you are waiting after adding and signing with th
On 2021-04-30 07:20, Sainik Biswas via bind-users wrote:
I need some help setting up a recursive nameserver for my internal
network using BIND 9. The recursive name server is not resolving any
domains.
I am running the BIND 9 package from the ppa:isc/bind repo.
BIND Version Number: 9.16.15
OS
On 30.04.21 17:50, Sainik Biswas via bind-users wrote:
I need some help setting up a recursive nameserver for my internal
network using BIND 9. The recursive name server is not resolving any
domains.
Error Log [resolver.log]
2021-04-30T11:58:17.784Z notice: DNS format error from 198.41.0.4#
I have a question -
Is BIND 9.11.6 (Extended Support Version) vulnerable?
Is BIND 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.3 (Extended Support Version)
vulnerable?
Thanks
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
fro
Hi,
I need some help setting up a recursive nameserver for my internal
network using BIND 9. The recursive name server is not resolving any
domains.
I am running the BIND 9 package from the ppa:isc/bind repo.
BIND Version Number: 9.16.15
OS: Ubuntu 18.04 LTS
This is the named.conf.options conf
On Thu, 29 Apr 2021, [utf-8] OndÅej Surý wrote:
> Date: Thu, 29 Apr 2021 13:35:32 +0200
> From: "[utf-8] OndÅej Surý"
> To: BIND Users
> Subject: Deprecating BIND 9.18+ on Windows (or making it community
> improved and supported)
>
> Hi,
>
> we've been discussing the /subj for quite
Hi
After upgrading to BIND-9.16.15, I have the following error in named.log:
30-Apr-2021 12:41:29.194 general: error: managed-keys.bind.jnw: journal
file corrupt: expected serial 1823, got 1824
30-Apr-2021 12:41:29.194 general: error: managed-keys-zone:
dns_journal_compact failed: unexpected e
15 matches
Mail list logo