listen-on is a ACL. 0.0.0.0 is short hand for 0.0.0.0/32 and that matches an
interface that is NOT configured. Use “any;”.
> On 7 May 2021, at 15:37, Dan Egli wrote:
>
> Okay, I got all the zones loaded by named-checkzone, and named-checkconf
> returns no errors. So I started up named in the
Dan,
nobody can help you if you strip the logs to bare minimum.
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 7. 5. 2021, at 7:37, Dan Egli wrote:
>
> Okay, I got all the
Thanks! I went somewhere else, used THEIR dkim generator, and it works
fine. I've sent a message to supp...@powerdmarc.com about this.
On 5/6/2021 10:40 PM, Mark Andrews wrote:
Split the record at 255 characters. TXT field need to be <= 255 characters.
Complain to the developers of the tool
Split the record at 255 characters. TXT field need to be <= 255 characters.
Complain to the developers of the tool that created this record that it is
INVALID as the field length is TOO BIG.
> On 7 May 2021, at 14:35, Dan Egli wrote:
>
> I don't know what's up, but when I tried to put my DKIM
I don't know what's up, but when I tried to put my DKIM into the test
server, named-checkzone keeps giving a syntax error on the key line.
Here's what I'm putting in (it really is on one line in the zone file,
just too long for my MUA to put on one line):
key1._domainkey IN
TXT
First of all the user running the tests needs to be able to write to
bin/tests/system. See the permission denied from tee.
--
Mark Andrews
> On 7 May 2021, at 08:20, Dennis Clarke via bind-users
> wrote:
>
>
>
> I very carefully created an airgap test system for this process and did
>
I'm running BIND 9.16.15 fine on Windows Server Standard 2019. What do you see
in the Event Viewer > Application log?
There'll be lots of entries in there of course, so just filter by Source
"named" and look for any Critical, Error, or Warning messages.
Richard.
From: bind-users On Behalf Of
I very carefully created an airgap test system for this process and did
setup all the required network interfaces. However all tests fail
terribly due to some weird python requirement ?
airgap$ ./runall.sh -n
+ SYSTEMTESTTOP=.
+ . ./conf.sh
++
What changed between Bind 9.16.13 and 9.16.15 Windows x64 binaries?
9.16.15 will not start at all in Server 2008 R2 Enterprise x64, 9.16.13 worked
fine.
Only get "The service is not responding to the control function" when trying to
start the service.
Tried this as an upgrade to the 9.16.13,
> With 2 views ddos trace looks much better:
>
> 17:40:21.483188 186.149.116.55.80 > 91.216.35.171.53: [no udp cksum] 1+ >
> RRSIG? pizzaseo.com.(30) (ttl 242, id 21165, len 58)
> 17:40:21.483470 91.216.35.171.53 > 186.149.116.55.80: [udp sum ok] 1 >
> Refused- q: RRSIG? pizzaseo.com. 0/0/0(30)
> Am 06.05.2021 um 18:41 schrieb Axel Rau :
>
> This NS has some other clients in the DMZ LAN, so I need Views.
With 2 views ddos trace looks much better:
17:40:21.483188 186.149.116.55.80 > 91.216.35.171.53: [no udp cksum] 1+ RRSIG?
pizzaseo.com.(30) (ttl 242, id 21165, len 58)
See https://gitlab.isc.org/isc-projects/bind9/-/issues/2667
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 6. 5. 2021, at 18:48, DeCaro, James John (Jim) CIV DISA FE (USA) via
> Am 05.05.2021 um 22:06 schrieb Kevin Darcy via bind-users
> mailto:bind-users@lists.isc.org>>:
>
> I just checked the ARM, and it denotes that "match-recursive-only" (boolean)
> still exists for views. So, you might be able to set up a special view with
> that, as well as a negated
Hello,
I have what is probably a very rudimentary question, but I am stuck.
I am attempting to upgrade BIND on a Solaris 11.4 x86 virtual platform. I have
installed BIND successfully up to version 9.16.12 using ./configure
--enable-full-report --with-gssapi=krb5-config --sysconfdir=/etc
> Am 06.05.2021 um 12:05 schrieb Matus UHLAR - fantomas :
>
>
> Which named version do you run?
9.16.15
> do you use views?
No, but after reading Tonys response, I’m now starting to convert my config to
views.
Axel
---
PGP-Key: CDE74120 ☀ computing @ chaos claudius
signature.asc
> Am 06.05.2021 um 16:45 schrieb Tony Finch :
>
> Axel Rau wrote:
>
>> I have,
>>
>> allow-query { any; };
>> allow-query-cache { recursive-users; };
>> allow-recursion { recursive-users; };
>>
>> How can I make sure that none recursive-users get a REFUSED if query is
>>
On 5/6/21 11:24, Ondřej Surý wrote:
> FTR the test suite is meant to be used by developers. There’s little value to
> use it for validating the production systems.
>
> Generally speaking, having the dependencies and test interfaces (`sudo
> bin/tests/system/ifconfig.sh up`) and running `make
FTR the test suite is meant to be used by developers. There’s little value to
use it for validating the production systems.
Generally speaking, having the dependencies and test interfaces (`sudo
bin/tests/system/ifconfig.sh up`) and running `make check` is enough.
Ondřej
--
Ondřej Surý — ISC
On 5/6/21 10:50, Tony Finch wrote:
> Dennis Clarke via bind-users wrote:
>>
>> Hey there. I looked in the README and I dont see an INSTALL file at all
>> so I have to assume that the testing docs exist somewhere.
>
> Have a look at
>
>
Levente Birta wrote:
>
> I have a caching resolver. Is it possible to log the IP address of the queried
> forwarder without too much overhead?
dnstap might be what you want, but it's a bit intricate.
Tony.
--
f.anthony.n.finchhttps://dotat.at/
Irish Sea: Northwesterly 4 to 6, occasionally
Dennis Clarke via bind-users wrote:
>
> Hey there. I looked in the README and I dont see an INSTALL file at all
> so I have to assume that the testing docs exist somewhere.
Have a look at
https://gitlab.isc.org/isc-projects/bind9/-/tree/main/bin/tests/system
There are some more notes in:
Axel Rau wrote:
> I have,
>
> allow-query { any; };
> allow-query-cache { recursive-users; };
> allow-recursion { recursive-users; };
>
> How can I make sure that none recursive-users get a REFUSED if query is
> recursive?
Weird! I think your config should do what you want so
On 05.05.21 21:09, Axel Rau wrote:
allow-query { any; };
allow-query-cache { recursive-users; };
allow-recursion { recursive-users; };
How can I make sure that none recursive-users get a REFUSED if query is
recursive?
I thought this is the default...
PS: I want to
23 matches
Mail list logo