Is this scenario possible?

2014-01-08 Thread Blason R
Hey Guys, let's say I have a domain example.com which is hosted out and are having MX records as mail01.example.com and mail02.example.com and mail.example.com as an A Record for accessing mails example.com NA ns1.example.com ns2.example.com IN

Re: Is this scenario possible?

2014-01-11 Thread Blason R
Margolin bar...@alum.mit.edu wrote: In article mailman.1978.1389240374.20661.bind-us...@lists.isc.org, Blason R blaso...@gmail.com wrote: Hey Guys, let's say I have a domain example.com which is hosted out and are having MX records as mail01.example.com and mail02.example.com

Re: Is this scenario possible?

2014-01-11 Thread Blason R
Oh yeah you are right...I missed that out :) Thanks for pointing it out.. On Sun, Jan 12, 2014 at 2:03 AM, Barry Margolin bar...@alum.mit.edu wrote: In article mailman.1996.1389470377.20661.bind-us...@lists.isc.org, Blason R blaso...@gmail.com wrote: Hey all, Pertaining to the same

Can we do a sub-domain delegation with godaddy?

2014-01-14 Thread Blason R
Hi Folks, I am not sure if this is an appropriate forum to answer since more or less it is pertaining to Go Daddy support but since it's a huge community out there and I am sure many of them are already using Go Daddy wondering if sub-domain delegation is possible in Go Daddy? I mean I have

Re: Can we do a sub-domain delegation with godaddy?

2014-01-15 Thread Blason R
Yeah Warren you are correct. That seems to be a hack for adding subdomain. So to answer your queries what I wanted to achieve is mail.example.com will be my subdomain [again its just not gonna be my host entry] it will be a delegated sub-domain for which I'll build internal DNS server for

Re: Can we do a sub-domain delegation with godaddy?

2014-01-15 Thread Blason R
addr = dns.dnsmadeeasy.com serial = 1997022724 refresh = 28800 (8 hours) retry = 14400 (4 hours) expire = 360 (41 days 16 hours) default TTL = 86400 (1 day) Seems to be correct, right? On Thu, Jan 16, 2014 at 10:07 AM, Blason R blaso...@gmail.com

I may be confused regarding sub delegated zone

2014-01-23 Thread Blason R
Hello friends, I may sound like a novice but have a basic question regarding Sub-zone which is a delegated zone. Let's say I have zone example.com whose NS are ns1.example.com and then I have delegated sub-zone subdom.example.com whose ns record would be say ns2.example.com. So people who will be

Re: I may be confused regarding sub delegated zone

2014-01-23 Thread Blason R
for the subdomain. After that it will go to ns2 directly until the ns records time out in cache. On Jan 23, 2014 12:30 PM, Blason R blaso...@gmail.com wrote: Hello friends, I may sound like a novice but have a basic question regarding Sub-zone which is a delegated zone. Let's say I have zone example.com whose

Why the heck my NS are not working

2014-07-20 Thread Blason R
Hi Guys, Though it may not be relevant with BIND but I need help with NS servers which are now hosted inside. I have a domain hosted with godaddy and godaddy were the DNS as well as registrars. Now I have setup my own DNS server inside my network and pointed NS record in godaddy panel which happened

Re: Why the heck my NS are not working

2014-07-20 Thread Blason R
The domain is isnlab.in and host I am trying to ping is lbtest.isnlab.in On 20 Jul 2014 15:51, Reindl Harald h.rei...@thelounge.net wrote: On 20.07.2014 09:21, Blason R wrote: Though it may not be relevant with BIND but I need help with NS servers which are now hosted inside. I have a domain

Re: Why the heck my NS are not working

2014-07-20 Thread Blason R
l...@lcrcomputer.net wrote: post the domain name so we can look from out here. Is the name server on a public ip address and your firewall allowing udp tcp port 53 access to talk to named? Lyle On 07/20/14 02:21, Blason R wrote: Hi Guys, Though it may not be relevant with BIND but I

Re: Why the heck my NS are not working

2014-07-20 Thread Blason R
, Chris Thompson c...@cam.ac.uk wrote: On Jul 20 2014, Blason R wrote: The domain is isnlab.in and host I am trying to ping is lbtest.isnlab.in The glue for delegation isnlab.in is out of step with (various) in-zone contents. The in servers give a referral to ;; AUTHORITY SECTION: isnlab.in

Re: My DNS sinkhole is failing to start

2017-11-27 Thread Blason R
< daniel.stirnim...@switch.ch> wrote: > On 26.11.17 16:48, Blason R wrote: > > Strange...when I started with command line it started successfully even > > catering all my zones and sinkholing the requests as well > > > > /usr/sbin/named -u named -d 10 -c /etc/named.conf &

Can I log response given by bind?

2017-11-26 Thread Blason R
Hi Guys, Since I have sinkhole configured on DNS I need to know if I can log responses received in my log files? I mean this is required to grep out the matched entries against my malicious zones. Please suggest. ___ Please visit

Re: Queries regarding Master/Slave

2018-05-06 Thread Blason R
tion: > > https://ftp.isc.org/isc/bind9/9.12.1/doc/arm/Bv9ARM.ch05.html > > Regards, > Anand > > On 06/05/2018 18:15, Blason R wrote: > > > This needs to be configured on Master or slave or both? > > > > On Sun, May 6, 2018 at 2:29 AM, Grant Taylor via bind-users <

Re: Queries regarding Master/Slave

2018-05-06 Thread Blason R
This needs to be configured on Master or slave or both? On Sun, May 6, 2018 at 2:29 AM, Grant Taylor via bind-users < bind-users@lists.isc.org> wrote: > On 05/05/2018 11:35 AM, Blason R wrote: > > BTW on the slave dumped zones are not in a readable format I believe > > those

Re: notify explicit and also-notify

2018-05-04 Thread Blason R
OK So wondering if I have master in cloud wanted to know which port should I open for slave which is behind corporate firewall and if I set as below then my slaves will start listening on port 2034? I am bit confused on port numbers for NOTIFY messages and NOTIFY-UPDATED [i.e. AXFR/IXFR]

Queries regarding Master/Slave

2018-05-05 Thread Blason R
Hi Team, Since I am building Master/slave RPZ for my organization I do have couple of queries. 1. My ixfr is not working as soon as I remove the statement it works fine 2. Do I need to create files at secondary server? or will those be created automatically? 3. I guess I always need

Re: notify explicit and also-notify

2018-05-04 Thread Blason R
ll send notifies to all name servers for a given zone. > > Also notify pertains to the notification of name servers not included in > zone data. > > Kind Regards Peter > > On 04/05/2018 05:51, Blason R wrote: > > Hi, > > So I was playing with these two statements a

Re: notify explicit and also-notify

2018-05-05 Thread Blason R
Absolutely that is TCP/53 required for Zone Xfer right? On Sat, May 5, 2018 at 10:34 PM, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: > On 05.05.18 09:52, Blason R wrote: > >> OK So wondering if I have master in cloud wanted to know which port should >> I open f

Re: Queries regarding Master/Slave

2018-05-05 Thread Blason R
, /dev/rob0 <r...@gmx.co.uk> wrote: > On Sat, May 05, 2018 at 03:52:16PM +0530, Blason R wrote: > > Since I am building Master/slave RPZ for my organization I do have > > couple of queries. > > > > > >1. My ixfr is not working as soon as I remove the st

Re: also-notify and allow-notify

2018-05-18 Thread Blason R
018 at 12:08 AM, Matthew Pounsett <m...@conundrum.com> wrote: > > > On 17 May 2018 at 13:30, Blason R <blaso...@gmail.com> wrote: > >> Hi, >> >> I have RPZ installed on server and its acting as a master server but >> somehow port setting is not working

Re: also-notify and allow-notify

2018-05-18 Thread Blason R
That's correct, that worked for me and checking further now. On Fri, May 18, 2018 at 1:23 PM, Warren Kumari <war...@kumari.net> wrote: > On Fri, May 18, 2018 at 9:41 AM Blason R <blaso...@gmail.com> wrote: > > > Hi there, > > > Thanks for the update and here is

also-notify and allow-notify

2018-05-17 Thread Blason R
Hi, I have RPZ installed on server and its acting as a master server but somehow port setting is not working on master ## Master Server configuration response-policy { zone "malware.trap"; }; zone "malware.trap" { type master; file "/var/lib/bind/malware.trap.db"; notify explicit;

nsupdate with RPZ

2018-05-22 Thread Blason R
Hi Team, Wondering if anyone have a working How-To guide for implementing nsupdate with RPZ? I mean do we need to configure any specific settings in zone of Options? Please advise TIA

Re: Can we define masters as hostsname?

2018-05-23 Thread Blason R
Hey, Thanks a lot for your crisp and short answer!! On Wed, May 23, 2018 at 6:31 PM, Matthew Pounsett <m...@conundrum.com> wrote: > > > On 23 May 2018 at 07:37, Blason R <blaso...@gmail.com> wrote: > >> Hi Guys, >> >> Can we define masters as h

Can we define masters as hostsname?

2018-05-23 Thread Blason R
Hi Guys, Can we define masters as hostname instead of IP address? I guess it's not possible but wondering if community can shed some light on this? zone "test.update" { type slave; masters { cloud.dns.net; }; file "/var/lib/bind/test.update.db"; allow-notify {

Re: RPZ zone update how to sync

2018-05-18 Thread Blason R
why? is there any logic in this? yeah management does not want to allow direct syncing with master as they dont want to expose any info to them. On Fri, May 18, 2018 at 7:32 PM, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: > On 18.05.18 19:29, Blason R wrote: > >> I hav

Re: also-notify and allow-notify

2018-05-18 Thread Blason R
Nah that is not my query; instead I wanted updates to be sent on other port and not TCP/53. Queries let it happen on UDP 53 On Fri, May 18, 2018 at 3:02 PM, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: > On 17.05.18 23:00, Blason R wrote: > >> I have RPZ installed on ser

RPZ zone update how to sync

2018-05-18 Thread Blason R
Hi Guys, I have this other query on RPZ; I have one master server [lets say masterns.test.com.] on cloud. One slave [slavens.test.com] in my organization and our partner would also want to sync with slave but not with master server. How can one slave can sync with other slave? Can someone please

Re: also-notify and allow-notify

2018-05-18 Thread Blason R
Okies so zone xfer would happen on TCP/53 correct and notify would be sent on udp/53? On Fri, May 18, 2018, 7:31 PM Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: > >> On 17.05.18 23:00, Blason R wrote: > >>> So here I am sending notification to 192.168.5.49 on

Re: nsupdate with RPZ

2018-05-23 Thread Blason R
, May 23, 2018 at 8:43 PM, Chris Buxton <cli...@buxtonfamily.us> wrote: > On May 22, 2018, at 7:35 PM, Blason R <blaso...@gmail.com> wrote: > > > Wondering if anyone have a working How-To guide for implementing > nsupdate with RPZ? I mean do we need to configure any

Re: Building Geo Map using Queries

2018-06-09 Thread Blason R
Thanks! Any particular use case or configuration you would like to suggest? On Sun, Jun 10, 2018 at 10:25 AM Vadim Pavlov wrote: > Hi Blason, > > You can use MaxMind GeoIP DB and enrich logs with data you need. > > Vadim > > On 09 Jun 2018, at 17:33, Blason

Building Geo Map using Queries

2018-06-09 Thread Blason R
Hi There, I have DNS RPZ server running and have configured logstash on the same to parse the DNS RPZ logs. My requirement is I need to build Geo Map basis on the DNS responses; Any idea how can that be achieved? Or need to know the requests made from which country and any other idea community

Re: Data exfiltration using DNS RPZ

2018-06-17 Thread Blason R
Excellent Inputs guys and thanks a ton for your feedbacks. RPS is quite interesting and which one is commercial offering for the same? On Sun, Jun 17, 2018 at 10:56 PM Grant Taylor via bind-users < bind-users@lists.isc.org> wrote: > On 06/17/2018 11:18 AM, Vadim Pavlov via bind-users wrote: > >

Data exfiltration using DNS RPZ

2018-06-17 Thread Blason R
Hi Team, Can someone please guide if DNS exfiltration techniques can be identified using DNS RPZ? Or do I need to install any other third party tool like IDS to identify the DNS beacon channels. Has anyone used DNS RPZ to block/detect data exfiltration?

Unable to resolve the A records, not sure what is wrong

2018-06-01 Thread Blason R
Hi there, I am writing a RPZ zone and here is my zone file. RPZ is working fine but somehow A records are not getting resolved hence I am unable to do the wall-gardening. Can someone please help $TTL 3h @ IN SOA ns1.malware.trap. admin.malware.trap.(

Re: Unable to resolve the A records, not sure what is wrong

2018-06-01 Thread Blason R
Well this is I am getting in network.log what could be the issue? 01-Jun-2018 23:27:42.274 client 192.168.5.103#58425 (wg.block.tld): query 'wg.block.tld/A/IN' denied On Fri, Jun 1, 2018 at 11:27 PM, Bob Harold wrote: > > On Fri, Jun 1, 2018 at 1:36 PM Blason R wrote: > >> Hi

Re: Unable to resolve the A records, not sure what is wrong

2018-06-01 Thread Blason R
I guess this could be the issue zone "malware.trap" { type master; file "/var/lib/bind/zones/malware.trap.db"; allow-query { localhost;}; On Fri, Jun 1, 2018 at 11:28 PM, Blason R wrote: > Well this is I am getting in network.log what could b

Re: Unable to resolve the A records, not sure what is wrong

2018-06-01 Thread Blason R
Yes that was the issue :) and got resolved. On Fri, Jun 1, 2018 at 11:29 PM, Blason R wrote: > I guess this could be the issue > > zone "malware.trap" { > type master; > file "/var/lib/bind/zones/malware.trap.db"; > allow-query {

What if the link is failed between master/slave

2018-06-29 Thread Blason R
Hi There, I have bind Master server with me and slave is at other remote location. My query is since I have opted for PUSH update from master to slave over random port. What if the link at slave is down and NOTIFY message is not reached? When will slave then pull the update? Let's take an example

Re: What if the link is failed between master/slave

2018-06-29 Thread Blason R
(716) 821-7285 > > "bind-users" wrote on 06/29/2018 > 12:53:07 PM: > > > From: "Blason R" > > > I have bind Master server with me and slave is at other remote > > location. My query is since I have opted for PUSH update from master > > to s

Re: What if the link is failed between master/slave

2018-06-29 Thread Blason R
Excellent..Thanks! On Fri, Jun 29, 2018 at 10:52 PM wrote: > From: "Blason R" > > > OK - Got it so is there any settings available at master by which it > > will keep on probing slave and as soon it is contacted NOTIFY Message is > sent. > > No. The

policy-ip-trigger

2018-05-02 Thread Blason R
Hi, I am trying to write a zone for policy-ip-trigger and trying to reverse the IP which I have done with below command cat test | awk -F. '{print $4"."$3"."$2"."$1".rpz-ip"}' Does any one have any other idea? Also with policy-ip-trigger is it mandatory to provide subnet mask in reverse

Re: policy-ip-trigger

2018-05-02 Thread Blason R
, Blason R <blaso...@gmail.com> wrote: > Hi, > > I am trying to write a zone for policy-ip-trigger and trying to reverse > the IP which I have done with below command > > cat test | awk -F. '{print $4"."$3"."$2"."$1".rpz-ip"}' >

Re: Can we block/detect DNS beacon channels?

2018-05-02 Thread Blason R
of resources hence wondering if natively can we configure anything like that? On Thu, May 3, 2018 at 12:20 AM, Grant Taylor via bind-users < bind-users@lists.isc.org> wrote: > On 05/02/2018 12:23 PM, Blason R wrote: > >> I would really appreciate if someone can shed light; if DNS based &

Can we block/detect DNS beacon channels?

2018-05-02 Thread Blason R
Hi, I would really appreciate if someone can shed light; if DNS based advanced attacks can be stopped using DNS RPZ? Like DNS beacon channels or Data Exfiltration through DNS queries.

Re: Whitelisting sites using RPZ

2018-04-26 Thread Blason R
9.12 is not yet stable; i believe? On Thu, Apr 26, 2018 at 1:23 PM, Daniel Stirnimann < daniel.stirnim...@switch.ch> wrote: > On 26.04.18 09:46, Blason R wrote: > > Oh thats great...in that case general practice would be always whitelist > > the zones first then bla

Re: Whitelisting sites using RPZ

2018-04-26 Thread Blason R
Oh thats great...in that case general practice would be always whitelist the zones first then blacklist? On Thu, Apr 26, 2018 at 11:53 AM, Daniel Stirnimann < daniel.stirnim...@switch.ch> wrote: > > response-policy { zone "malware.trap"; zone "whitelist.allow" policy > > passthru; }; > > ... >

Re: Fwd: Facing weird issue with DNS-RPZ

2018-04-25 Thread Blason R
I do not have IPv6 disable its just a plain CentOS where I am compiling. Thanks for the info though. On Thu, Apr 26, 2018 at 2:32 AM, Carl Byington <c...@byington.org> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On Wed, 2018-04-25 at 19:30 +0530, Blason R

Whitelisting sites using RPZ

2018-04-25 Thread Blason R
Hi team, In RPZ since we can build up to 32 zones can I create blacklist and whitelist policies like this? response-policy { zone "malware.trap"; zone "whitelist.allow" policy passthru; }; zone "malware.trap" { type master; file "/etc/bind/malware.trap.db"; }; zone

what is mapping and how to achieve it?

2018-04-29 Thread Blason R
Hi Team, Just been looking around about using mapping in my DNS RPZ server but didn't find any relevant documentation. Can someone please help me understanding mapping in RPZ and how that can be beneficial? performance wise/storage wise/faster loading of zones?

Re: DNS RPZ Master/Slave configuration

2018-05-03 Thread Blason R
PM, Blason R <blaso...@gmail.com> wrote: > Hi there, > > Can someone please guide me on working configuration of Master/Slave zone > in DNS RPZ for reference? > > Is that available with someone? And does it work exactly as master/sla

DNS RPZ Master/Slave configuration

2018-05-03 Thread Blason R
Hi there, Can someone please guide me on working configuration of Master/Slave zone in DNS RPZ for reference? Is that available with someone? And does it work exactly as master/slave like any other zone?

Re: DNS RPZ Master/Slave configuration

2018-05-03 Thread Blason R
Again unicast could be any IP address or normal IP address given on server? There is no such specification like multicast On Thu, May 3, 2018 at 7:46 PM, Blason R <blaso...@gmail.com> wrote: > Thanks I got it, Below link helped me understand. > > https://deepthought.isc.org/art

RPZ logging

2018-04-28 Thread Blason R
Hi Folks, I have been struggling with exact RPZ/Bind option/statement which enables the logging for RPZ and shows if the query matches RPZ zone. Can someone please help me?

How to implement DNS RPZ with Domain Based Reputation Data

2018-04-28 Thread Blason R
Hi Team, Can someone please confirm if below stuff I found pertaining to BIND can be implemented with DNS RPZ? If yes can someone please point me to the appropriate document? Domain Based Reputational Data With the release of BIND 9.8.1 a *new* reputational mechanism is available, this time for

Re: RPZ logging

2018-04-28 Thread Blason R
hmm..ok let me try. Since I am also writing parsers in logstash wondering what exactly would be the log setting I need to pick up. On Sun, Apr 29, 2018 at 9:12 AM, Bob Harold <rharo...@umich.edu> wrote: > > On Sat, Apr 28, 2018 at 11:29 PM, Blason R <blaso...@gmail.com> wr

Re: RPZ logging

2018-04-29 Thread Blason R
Yep; thanks that worked!! On Sun, Apr 29, 2018 at 10:38 AM, Blason R <blaso...@gmail.com> wrote: > hmm..ok let me try. Since I am also writing parsers in logstash wondering > what exactly would be the log setting I need to pick up. > > On Sun, Apr 29, 2018 at 9:12 AM,

Re: How to implement DNS RPZ with Domain Based Reputation Data

2018-04-28 Thread Blason R
Oh I see.. I thought this a kind of feature of BIND. I got it now. On Sun, Apr 29, 2018 at 8:38 AM, Mukund Sivaraman <m...@isc.org> wrote: > On Sun, Apr 29, 2018 at 08:27:34AM +0530, Blason R wrote: > > Hi Team, > > Can someone please confirm if below stuff I found p

notify explicit and also-notify

2018-05-03 Thread Blason R
Hi, So I was playing with these two statements and wanted to know something on also-notify. also-notify by default will update slaves about delta changes on port TCP/53 if not explicitly set right? e.g. also-notify {10.0.1.2; "notify-them" port 2034;};

Little confusion about BIND/AD [DNS] Setup

2018-07-25 Thread Blason R
Hi there, I have little confusion about bind and Windows AD/DNS Setup and would appreciate if someone can shed some light on my query. Well, I have BIND/RPZ setup in my environment and I have AD/DNS server, users are configured to talk to Windows DNS server and it has forwarder set to my

Re: Question about BIND and RPZ

2018-08-04 Thread Blason R
Well I was working on the same but you really need to have good RPZ feeds. I subscribed to third party feeds and have worked on my RPZ but later you need to have good reporting engine. Hence better to have a dedicated RPZ server instead and that's what I could suggest. This is not marketing talk

Re: Queries regarding forwarders

2018-08-08 Thread Blason R
n Wed, Aug 8, 2018 at 10:26 PM Matus UHLAR - fantomas wrote: > On 08.08.18 19:32, Blason R wrote: > >I am bit confused about DNS forwarders. I have two BIND Servers one is > >being used as Authoritative DNS server which has forwarder set > > why? > > > to ot

Need help on RPZ sever, bit urgent

2018-08-09 Thread Blason R
Hi Bind-Users, I would really appreciate if someone can help me understanding my issue with BIND RPZ server? I have one windows server say 192.168.1.42 and then RPZ server with 192.168.1.179. I noticed that there are certain domains which are not getting resolved from end users. Ideally since

Re: Need help on RPZ sever, bit urgent

2018-08-09 Thread Blason R
For example this one. 18:59:26.905177 IP 192.168.1.120.65049 > 192.168.1.42.53: 42074+ A? 0351dag.com. (29) 18:59:26.905299 IP 192.168.1.42.53 > 192.168.1.120.65049: 42074 NXDomain 0/1/0 (102) On Thu, Aug 9, 2018 at 6:59 PM Blason R wrote: > Hi Bind-Users, > > I would re

Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread Blason R
Ok - Now I added like this and it disappeared. response-policy { zone "whitelist.allow" policy passthru; zone "malware.trap"; zone "ransomwareips.block"; } qname-wait-recurse no break-dnssec no; On Sat, Au

Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread Blason R
"malware.trap"; zone "ransomwareips.block"; } qname-wait-recurse no break-dnssec no; }; On Sat, Aug 11, 2018 at 1:17 AM Carl Byington wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On Fri, 2018-08-10 at 13:17 +0530, Blason R wrote: > > Na

Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread Blason R
a.gtld-servers.net <http://a.gtld-servers.net>. nstld.verisign-grs.com <http://nstld.verisign-grs.com>. 1533954938 1800 900 604800 86400* ;; Query time: 0 msec ;; SERVER: 192.168.3.15#53(192.168.3.15) ;; WHEN: Sat Aug 11 08:12:17 IST 2018 ;; MSG SIZE rcvd: 114 On Sat, Aug 11, 2018 at 7

Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread Blason R
hether > your RPZ configuration is supposed to change that. > > Sam > > > > On 9 Aug 2018, at 18:25, Blason R wrote: > > > > Is it a big?? I mean certain domains from my rpz feeds are properly > getting resolved while few are giving nxdomain though they appear in

Queries regarding forwarders

2018-08-08 Thread Blason R
Hi there, I am bit confused about DNS forwarders. I have two BIND Servers one is being used as Authoritative DNS server which has forwarder set to other server like this Auth Server for xvyz.com 192.168.3.15 Recursive Server 192.168.3.44 Now if I am debugging from client side using -debug

Re: Need help on RPZ sever, bit urgent

2018-08-12 Thread Blason R
to 192.168.3.78. PS: I guess there are certain folks are on list from commercial RPZ services, are they facing same issue? On Sun, Aug 12, 2018 at 10:12 AM Bob Harold wrote: > > On Fri, Aug 10, 2018 at 10:53 PM Blason R wrote: > >> Infact what I observed that the intermedi

Re: Need help on RPZ sever, bit urgent

2018-08-13 Thread Blason R
Its there!!! On Mon, Aug 13, 2018 at 6:58 PM Bob Harold wrote: > > > -- > Bob Harold > hostmaster, UMnet, ITcom > Information and Technology Services (ITS) > rharo...@umich.edu > 734-647-6524 desk > > > On Sun, Aug 12, 2018 at 2:38 AM Blason R wrote: >

Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread Blason R
zone "malware.trap"; > zone "ransomwareips.block"; > } qname-wait-recurse no break-dnssec no; > > Vadim > > On 09 Aug 2018, at 20:50, Blason R wrote: > > This is the error I am getting > > /etc/bind/named.conf.options:24: expected 'zo

Re: Need help on RPZ sever, bit urgent

2018-08-09 Thread Blason R
server are not at all getting resolved. When I captured packets on BIND/RPZ server I see that those domains are getting NXdomain by RPZ and not sure why. Thanks and Regards, Lionel F On Thu, Aug 9, 2018 at 11:08 PM Bob Harold wrote: > > On Thu, Aug 9, 2018 at 9:31 AM Blason R

Re: Need help on RPZ sever, bit urgent

2018-08-10 Thread Blason R
an provide the logs and config. Or if someone has a similar setup can try simulating at their end and confirm, plz? On Fri, Aug 10, 2018 at 1:17 PM Blason R wrote: > Nah I dont think that is the answer since you need a termination after > clause. > > > Thanks and Regards, > Lione

Re: Need help on RPZ sever, bit urgent

2018-08-09 Thread Blason R
Is it a big?? I mean certain domains from my rpz feeds are properly getting resolved while few are giving nxdomain though they appear in zone. On Thu, Aug 9, 2018, 8:57 PM Sam Wilson wrote: > On 2018-08-09 14:00:55 +0000, Blason R said: > > > For example this one. > > >

Re: Need help on RPZ sever, bit urgent

2018-08-09 Thread Blason R
This is the error I am getting /etc/bind/named.conf.options:24: expected 'zone' near 'qname-wait-recurse' On Fri, Aug 10, 2018 at 9:10 AM Blason R wrote: > Hi there, > > Where it should appear? ARM says it should appear inl Global-section of > response-policy which I tried but g

Re: Need help on RPZ sever, bit urgent

2018-08-09 Thread Blason R
"ransomwareips.block"; }; qname-wait-recurse no; break-dnssec no; On Fri, Aug 10, 2018 at 8:09 AM Blason R wrote: > Well mine is bit different. I have RPZ and almost 40+ RPZ entries wall > gardened. And in my scenario users are talking to windows based

Re: Queries regarding forwarders

2018-08-09 Thread Blason R
Well this is valid when users are directly talking to RPZ servers. What if there is one more resolver in between like Active Directory which itself acts as a DNS server? In that case I believe you don't need to do that, right? On Fri, Aug 10, 2018 at 12:33 AM Grant Taylor via bind-users <

Re: Logrotate for bind9

2018-07-05 Thread Blason R
What exactly are those? Well what I wanted to achieve here is to rotate the logs daily and start new file; then compress On Thu, Jul 5, 2018 at 6:21 AM Rohan Henry wrote: > Why not use Bind logging option? > > On Jul 4, 2018 8:51 AM, "Blason R" wrote: > >> Hi T

Re: Logrotate for bind9

2018-07-05 Thread Blason R
_log { > > file "/var/log/named/named.log"; > > severity dynamic; > > print-time yes; > > print-severity yes; > > print-category yes; > > }; > > ... > > categ

My IXFR/AXFR stopped suddenly

2018-07-06 Thread Blason R
Hi Team, Any clue how do I troubleshoot why master to Slave IXFR/AXFR stopped? It was working before even my logs shows notifies..I can connect to my slave on customised port that NOTIFY messages are sent but then PULL from slave to master is not working. Master zone "block.now" { type

Re: My IXFR/AXFR stopped suddenly

2018-07-06 Thread Blason R
:11.521 client xx.xx.xx.xx#16129 (immediate.block): transfer of 'block.now/IN': AXFR ended On Sat, Jul 7, 2018 at 9:07 AM Blason R wrote: > Yes Anand is right; I didn't disclose the full config at Slave but it's been > configured to listen on port 15455 and that UDP port is listening and

Re: My IXFR/AXFR stopped suddenly

2018-07-07 Thread Blason R
Well after numerous try I could not succeed hence then I had to delete the block.now.db file and had to restart the service it then done the AXFR and later IXFR started as well. On Sat, Jul 7, 2018 at 9:55 AM Blason R wrote: > Well, I just tried transferring zone using dig and it was success

Re: My IXFR/AXFR stopped suddenly

2018-07-06 Thread Blason R
Yes Anand is right; I didn't disclose the full config at Slave but it's been configured to listen on port 15455 and that UDP port is listening and I can connect to that port using nc. It was in fact working absolutely fine but suddenly it stopped. @Ananad - can you confirm what command should I run

Re: My IXFR/AXFR stopped suddenly

2018-07-08 Thread Blason R
. Even after zone refresh time it always shows 1 record transferred in fact some time I even add added or deleted more than 1 records. Hence finally I deleted the file from slave and restarted the daemon and it done the trick. On Sat, Jul 7, 2018 at 9:30 PM Matus UHLAR - fantomas wrote: > On 0

Logrotate for bind9

2018-07-04 Thread Blason R
Hi There, I am not getting appropriate results for my custom daily logrotate for bind9 logs on Ubuntu. Can someone please help me with the settings which would include below stuff 1. Should rotate daily 2. Compress 3. create new file 4. keep last 180 entries Do I need stop bind9

Re: Queries related to RPZ

2018-04-17 Thread Blason R
Is this list spammed? I am receiving lot of SPAM mails. On Tue, Apr 17, 2018 at 8:52 AM, Blason R <blaso...@gmail.com> wrote: > Hi All, > > I am building DNS RPZ and I am complete novice. I will be having around > 10-20k zones which my DNS will be wallgardening. > > Jus

Re: Queries related to RPZ

2018-04-17 Thread Blason R
And would please share your Options para for response-zone rpz.zone.db On Tue, Apr 17, 2018 at 5:43 PM, Philippe Maechler wrote: > Hello blason > > > > I'm not an RPZ expert, but we have a running RPZ configuration > > > > From named.conf > > > > zone "rpz.zone" {

Re: Somehow my DNS is not starting up

2018-04-18 Thread Blason R
ren Kumari <war...@kumari.net> wrote: > On Wed, Apr 18, 2018 at 5:13 AM, Daniel Stirnimann > <daniel.stirnim...@switch.ch> wrote: > > On 18.04.18 10:57, Blason R wrote: > >> Well it just loads fine when I run from command line i.e. named -u named > >> -n 4 -c

Re: Which one performs good RPZ or Zones with Include statment

2018-04-18 Thread Blason R
Will the performance be same, considering the number of zones I have or will have?? On Thu, Apr 19, 2018 at 12:16 AM, Grant Taylor via bind-users < bind-users@lists.isc.org> wrote: > On 04/18/2018 11:52 AM, Blason R wrote: > >> Pertaining to my other thread since I am buildi

Which one performs good RPZ or Zones with Include statment

2018-04-18 Thread Blason R
Hi, Pertaining to my other thread since I am building sinkhole server which will eventually have around 0.5 million zones or may be 1 Million which one would you think will perform better? RPZ or include statements? I have 8 Core Processor and 32 GB of RAM Please advise!!

Re: Somehow my DNS is not starting up

2018-04-18 Thread Blason R
tStartSec= from the manager configuration file, except when > Type=oneshot is used, in which case the timeout is disabled by default > (see systemd-system.conf(5)). > > On 18.04.2018 at 09:47 Blason R wrote: > > Not sure what is gone wrong but my DNS is not starting up. an

Somehow my DNS is not starting up

2018-04-18 Thread Blason R
Hi Team, Not sure what is gone wrong but my DNS is not starting up. and I am getting below error. I have around 362086 zones with 4 core CPU and 8 GB RAM. This is a sinkhole DNS server Apr 18 13:09:02 dnsfw named[1644]: command channel listening on 127.0.0.1#953 Apr 18 13:09:02 dnsfw

Re: Does anyone have BIND 9.11.3 RPM

2018-04-21 Thread Blason R
Hey thanks for it. Which the latest earlier version available than that? On Fri, Apr 20, 2018 at 9:51 PM, Evan Hunt <e...@isc.org> wrote: > On Fri, Apr 20, 2018 at 01:29:33PM +0530, Blason R wrote: > > I am looking for BIND rpm 9.11.3 for CentOS 7.4 with pre-compiled. Is > >

Re: How to wall garden the malicious domain

2018-04-20 Thread Blason R
ers@lists.isc.org> wrote: > On 04/18/2018 11:37 PM, Blason R wrote: > >> I need to wall garden the malicious Domain request and instead route to >> that server itself. >> > > I assume that you are saying that you need to 1) filter malicious domains > and 2) you want r

Does anyone have BIND 9.11.3 RPM

2018-04-20 Thread Blason R
Hi Team, I am looking for BIND rpm 9.11.3 for CentOS 7.4 with pre-compiled. Is anyone aware of any link where I could download ready made RPM? Since compiling from source is pretty time consuming.

Re: Fwd: Facing weird issue with DNS-RPZ

2018-04-24 Thread Blason R
, Mukund Sivaraman <m...@isc.org> wrote: > On Tue, Apr 24, 2018 at 07:25:45PM -0700, Ray Van Dolson wrote: > > On Tue, Apr 24, 2018 at 07:21:34PM -0700, Mukund Sivaraman wrote: > > > On Tue, Apr 24, 2018 at 06:03:43PM +0530, Blason R wrote: > > > > I am buildin

Re: Fwd: Facing weird issue with DNS-RPZ

2018-04-24 Thread Blason R
*BIND 9.10.3-P4-Ubuntu * On Wed, Apr 25, 2018 at 8:52 AM, Blason R <blaso...@gmail.com> wrote: > Unfortunately neither RHEL nor CentOS gives RPM for 9.10+ and really > compiling and building is really pain and time consuming. > Hence I decided to give a try with Ubuntu 16.04 and
