Hey Guys,
lets say I have a domain exmaple.com which is hosted out and are having MX
records as mail01.exmaple.com and mail02.example.com and
mail.example.comas a A Record for accessing mails
example.com NA ns1.example.com
ns2.example.com
IN
Margolin bar...@alum.mit.edu wrote:
In article mailman.1978.1389240374.20661.bind-us...@lists.isc.org,
Blason R blaso...@gmail.com wrote:
Hey Guys,
lets say I have a domain exmaple.com which is hosted out and are having
MX
records as mail01.exmaple.com and mail02.example.com
Oh yeah you are right...I missed that out :)
Thanks for pointing it out..
On Sun, Jan 12, 2014 at 2:03 AM, Barry Margolin bar...@alum.mit.edu wrote:
In article mailman.1996.1389470377.20661.bind-us...@lists.isc.org,
Blason R blaso...@gmail.com wrote:
Hey all,
Pertaining to the same
Hi Folks,
I am not sure if this is an appropriate forum to answer since more or less
it is pertaining to Go Daddy support but since its a huge community our
there and I am sure many of them are already using Go Daddy wondering if
su-domain delegation is possible in Go Daddy?
I mean I have
Yeah Warren you are correct. That seems to be a hack for adding subdomain.
So to answer your queries what I wanted to achieve is mail.example.com will
be my subdomain [again its just not gonna be my host entry] it will be a
delegated sub-domain for which I'll build internal DNS server for
addr = dns.dnsmadeeasy.com
serial = 1997022724
refresh = 28800 (8 hours)
retry = 14400 (4 hours)
expire = 360 (41 days 16 hours)
default TTL = 86400 (1 day)
Seems to be correct, right?
On Thu, Jan 16, 2014 at 10:07 AM, Blason R blaso...@gmail.com
Hello friends,
I may sound like novice but have basic question regarding Sub-zone which is
an delegated zone. lets say I have zone example.com whose NS are
ns1.example.com and then I have delegated sub-zone subdom.example.com whose
ns record would be say ns2.example.com.
So people who will be
for the subdomain. After that it will go to ns2
directly until the ns records time out in cache.
On Jan 23, 2014 12:30 PM, Blason R blaso...@gmail.com wrote:
Hello friends,
I may sound like novice but have basic question regarding Sub-zone which
is an delegated zone. lets say I have zone example.com whose
Hi Guys,
Though it may not relevant with BIND but I need help with NS servers which
are now hosted inside. I have a domain hosted with godaddy and godaddy were
the DNS as well as registrars. Now I have setup my own DNS server inside my
network and pointed NS record in godaddy panel which happened
The domain is isnlab.in and host i am trying to ping is lbtest.isnlab.in
On 20 Jul 2014 15:51, Reindl Harald h.rei...@thelounge.net wrote:
Am 20.07.2014 09:21, schrieb Blason R:
Though it may not relevant with BIND but I need help with NS servers
which are now hosted inside. I have a domain
l...@lcrcomputer.net wrote:
post the domain name so we can look from out here.
Is the name server on a public ip address and your firewall allowing udp
tcp port 53 access to talk to named?
Lyle
On 07/20/14 02:21, Blason R wrote:
Hi Guys,
Though it may not relevant with BIND but I
, Chris Thompson c...@cam.ac.uk wrote:
On Jul 20 2014, Blason R wrote:
The domain is isnlab.in and host i am trying to ping is lbtest.isnlab.in
The glue for delegation isnlab,in is out of step with (various) in-zone
contents. The in servers give a referral to
;; AUTHORITY SECTION:
isnlab.in
<
daniel.stirnim...@switch.ch> wrote:
> On 26.11.17 16:48, Blason R wrote:
> > Strange...when I started with command line it started successfully even
> > catering all my zones and sinkholing the requests as well
> >
> > /usr/sbin/named -u named -d 10 -c /etc/named.conf
&
Hi Guys,
Since I have sinkhole configured on DNS I need to know if I can log
responses received in my log files?
I mean this is required to grep out the matched entries against my
malicious zones.
Please suggest.
___
Please visit
tion:
>
> https://ftp.isc.org/isc/bind9/9.12.1/doc/arm/Bv9ARM.ch05.html
>
> Regards,
> Anand
>
> On 06/05/2018 18:15, Blason R wrote:
>
> > This needs to be configured on Master or slave or both?
> >
> > On Sun, May 6, 2018 at 2:29 AM, Grant Taylor via bind-users <
This needs to be configured on Master or slave or both?
On Sun, May 6, 2018 at 2:29 AM, Grant Taylor via bind-users <
bind-users@lists.isc.org> wrote:
> On 05/05/2018 11:35 AM, Blason R wrote:
> > BTW on the slave dumped zones are not in a readable format I believe
> > those
OK So wondering if I have master in cloud wanted to know which port should
I open for slave which is behind corporate firewall and if I set as below
then my slaves will start listening on port 2034? I am bit confused on port
numbers for NOTIFY messages and NOTIFY-UPDATED [i.e. AXFR/IXFR]
Hi Team,
Since I am building Master/slave RPZ for my organization I do have couple
of queries.
1. My ixfr is not working as soon as I remove the statement it works fine
2. Do I need to create files at secondary server? or will those be
created automatically?
3. I guess I always need
ll send notifies to all name servers for a given zone.
>
> Also notify pertains too the notification of name servers not included in
> zone data.
>
> Kind Regards Peter
>
> On 04/05/2018 05:51, Blason R wrote:
>
> Hi,
>
> So I was playing with these two statements a
Absolutely that is TCP/53 required for Zone Xfer right?
On Sat, May 5, 2018 at 10:34 PM, Matus UHLAR - fantomas <uh...@fantomas.sk>
wrote:
> On 05.05.18 09:52, Blason R wrote:
>
>> OK So wondering if I have master in cloud wanted to know which port should
>> I open f
, /dev/rob0 <r...@gmx.co.uk> wrote:
> On Sat, May 05, 2018 at 03:52:16PM +0530, Blason R wrote:
> > Since I am building Master/slave RPZ for my organization I do have
> > couple of queries.
> >
> >
> >1. My ixfr is not working as soon as I remove the st
018 at 12:08 AM, Matthew Pounsett <m...@conundrum.com>
wrote:
>
>
> On 17 May 2018 at 13:30, Blason R <blaso...@gmail.com> wrote:
>
>> Hi,
>>
>> I have RPZ installed on server and its acting as a master server but
>> somehow port setting is not working
Thats correct taht worked for me and checking further now.
On Fri, May 18, 2018 at 1:23 PM, Warren Kumari <war...@kumari.net> wrote:
> On Fri, May 18, 2018 at 9:41 AM Blason R <blaso...@gmail.com> wrote:
>
> > Hi there,
>
> > Thanks for the update and here is
Hi,
I have RPZ installed on server and its acting as a master server but
somehow port setting is not working on master
## Master Server configuration
response-policy { zone "malware.trap"; };
zone "malware.trap" {
type master;
file "/var/lib/bind/malware.trap.db";
notify explicit;
Hi Team,
Wondering if anyone have a working How-To guide for implementing nsupdate
with RPZ? I mean do we need to configure any specific settings in zone of
Options?
Please advise
TIA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users
Hey,
Thanks a lot for your crisp and short answer!!
On Wed, May 23, 2018 at 6:31 PM, Matthew Pounsett <m...@conundrum.com>
wrote:
>
>
> On 23 May 2018 at 07:37, Blason R <blaso...@gmail.com> wrote:
>
>> Hi Guys,
>>
>> Can we define masters as h
Hi Guys,
Can we define masters as hostname instead of IP address? I guess its not
possible but wondering if community can shed come light on this?
zone "test.update" {
type slave;
masters { cloud.dns.net; };
file "/var/lib/bind/test.update.db";
allow-notify {
why? is there any logic in this?
yeah management does not want to allow direct syncing with master as they
dont want to expose any info to them.
On Fri, May 18, 2018 at 7:32 PM, Matus UHLAR - fantomas <uh...@fantomas.sk>
wrote:
> On 18.05.18 19:29, Blason R wrote:
>
>> I hav
Nah that is not my query; instead I wanted updates to be sent on other
port and not TCP/53. Queries let it happen on UDP 53
On Fri, May 18, 2018 at 3:02 PM, Matus UHLAR - fantomas <uh...@fantomas.sk>
wrote:
> On 17.05.18 23:00, Blason R wrote:
>
>> I have RPZ installed on ser
Hi Guys,
I have this other query on RPZ; I have one master server [lets say
masterns.test.com.] on cloud. One slave [slavens.test.com] in my
organization and our partner would also want to sync with slave but not
with master server.
How can one slave can sync with other slave? Can someone please
Okies so zone xfer would happen on TCP/53 correct and notify would be sent
on udp/53?
On Fri, May 18, 2018, 7:31 PM Matus UHLAR - fantomas <uh...@fantomas.sk>
wrote:
> >> On 17.05.18 23:00, Blason R wrote:
> >>> So here I am sending notification to 192.168.5.49 on
, May 23, 2018 at 8:43 PM, Chris Buxton <cli...@buxtonfamily.us>
wrote:
> On May 22, 2018, at 7:35 PM, Blason R <blaso...@gmail.com> wrote:
>
> > Wondering if anyone have a working How-To guide for implementing
> nsupdate with RPZ? I mean do we need to configure any
Thanks!
Any particular use case or configuration you would like to suggest?
On Sun, Jun 10, 2018 at 10:25 AM Vadim Pavlov wrote:
> Hi Blason,
>
> You can use MaxMind GeoIP DB and enrich logs with data you need.
>
> Vadim
> > On 09 Jun 2018, at 17:33, Blason
Hi There,
I have DNS RPZ server runnnig and have configured logstatsh on the same to
parse the DNS RPZ logs.
My requirement is I need to build Geo Map basis on the DNS responses; Any
idea how can that be achieved? Or need to know the requests made from which
country and any other idea community
Excellent Inputs guys and thanks a ton for your feedbacks. RPS is quite
interesting and which one is commercial offering for the same?
On Sun, Jun 17, 2018 at 10:56 PM Grant Taylor via bind-users <
bind-users@lists.isc.org> wrote:
> On 06/17/2018 11:18 AM, Vadim Pavlov via bind-users wrote:
> >
Hi Team,
Can someone please guide if DNS exfiltration techniques can be identified
using DNS RPZ? Or do I need to install any other third party tool like IDS
to identify the the DNS beacon channels.
Has anyone used DNS RPZ to block/detect data exfiltration?
Hi there,
I am writing a RPZ zone and here is my zone file. RPZ is working fine but
somehow A records are not getting resovled hence I am unable to do the
wall-gardening.
Can someone please help
$TTL 3h
@ IN SOA ns1.malware.trap. admin.malware.trap.(
Well this is I am getting in network.log what could be the issue?
01-Jun-2018 23:27:42.274 client 192.168.5.103#58425 (wg.block.tld): query
'wg.block.tld/A/IN' denied
On Fri, Jun 1, 2018 at 11:27 PM, Bob Harold wrote:
>
> On Fri, Jun 1, 2018 at 1:36 PM Blason R wrote:
>
>> Hi
I guess this could be the issue
zone "malware.trap" {
type master;
file "/var/lib/bind/zones/malware.trap.db";
allow-query { localhost;};
On Fri, Jun 1, 2018 at 11:28 PM, Blason R wrote:
> Well this is I am getting in network.log what could b
Yes that was the issue :) and got resolved.
On Fri, Jun 1, 2018 at 11:29 PM, Blason R wrote:
> I guess this could be the issue
>
> zone "malware.trap" {
> type master;
> file "/var/lib/bind/zones/malware.trap.db";
> allow-query {
Hi There,
I have bind Master server with me and slave is at other remote location. My
query is since I have opted for PUSH update from master to slave over
random port.
What if the link at slave is down and NOTFY message is not reached? When
will slave then pull the update?
Lets take an example
(716) 821-7285
>
> "bind-users" wrote on 06/29/2018
> 12:53:07 PM:
>
> > From: "Blason R"
>
> > I have bind Master server with me and slave is at other remote
> > location. My query is since I have opted for PUSH update from master
> > to s
Excellent..Thanks!
On Fri, Jun 29, 2018 at 10:52 PM wrote:
> From: "Blason R"
>
> > OK - Got it so is there any settings available at master by which it
> > will keep on probing slave and as soon it is contacted NOTIFY Message is
> sent.
>
> No. The
Hi,
I am trying to write a zone for policy-ip-trigger and trying to reverse the
IP which I have done with below command
cat test | awk -F. '{print $4"."$3"."$2"."$1".rpz-ip"}'
Does any one have any other idea?
Also with policy-ip-trigger is it mandatory to provide subnet mask in
reverse
, Blason R <blaso...@gmail.com> wrote:
> Hi,
>
> I am trying to write a zone for policy-ip-trigger and trying to reverse
> the IP which I have done with below command
>
> cat test | awk -F. '{print $4"."$3"."$2"."$1".rpz-ip"}'
>
of
resources hence wondering if natively can we configure anything like that?
On Thu, May 3, 2018 at 12:20 AM, Grant Taylor via bind-users <
bind-users@lists.isc.org> wrote:
> On 05/02/2018 12:23 PM, Blason R wrote:
>
>> I would really appreciate if someone can shed light; if DNS based
&
Hi,
I would really appreciate if someone can shed light; if DNS based advanced
attacks can be stopped using DNS RPZ? Like DNS beacon channels or Data
Exfiltration through DNS queries.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
9.12 is not yet stable; i believe?
On Thu, Apr 26, 2018 at 1:23 PM, Daniel Stirnimann <
daniel.stirnim...@switch.ch> wrote:
> On 26.04.18 09:46, Blason R wrote:
> > Oh thats great...in that case general practice would be always whitelist
> > the zones first then bla
Oh thats great...in that case general practice would be always whitelist
the zones first then blacklist?
On Thu, Apr 26, 2018 at 11:53 AM, Daniel Stirnimann <
daniel.stirnim...@switch.ch> wrote:
> > response-policy { zone "malware.trap"; zone "whitelist.allow" policy
> > passthru; };
>
> ...
>
I do not have IPv6 disable its just a plain CentOS where I am compiling.
Thanks for the info though.
On Thu, Apr 26, 2018 at 2:32 AM, Carl Byington <c...@byington.org> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On Wed, 2018-04-25 at 19:30 +0530, Blason R
Hi team,
In RPZ since we can build up to 32 zones can I create blacklist and
whitelist policies like this?
response-policy { zone "malware.trap"; zone "whitelist.allow" policy
passthru; };
zone "malware.trap" {
type master;
file "/etc/bind/malware.trap.db";
};
zone
Hi Team,
Just been looking around about using mapping in my DNS RPZ server but didnt
find any relevant documentation. Can somone please help me understanding
mapping in RPZ and how that can be beneficial? performance wise/storage
wise/faster loading of zones?
PM, Blason R <blaso...@gmail.com> wrote:
> Hi there,
>
> Can someone please guide me on working configuration of Mater/Slave zone
> in DNS RPZ for reference?
>
> Is that available with someone? And does it work exactly as master/sla
Hi there,
Can someone please guide me on working configuration of Mater/Slave zone in
DNS RPZ for reference?
Is that available with someone? And does it work exactly as master/slave
like any other zone?
___
Please visit
Again unicast could be any IP address or normal IP address given on server?
There is no such specification like multicast
On Thu, May 3, 2018 at 7:46 PM, Blason R <blaso...@gmail.com> wrote:
> Thanks I got it, Below link helped me understand.
>
> https://deepthought.isc.org/art
Hi Folks,
I have been struggligng with exact RPZ/Bind option/statement which enables
the logging for RPZ and shows if the query matches RPZ zone.
Can someone please help me?
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
Hi Team,
Can someone please confirm if below stuff I found pertaining to BIND can be
implemented with DNS RPZ? If yes can someone please point me to the
appropriate document?
Domain Based Reputational Data
With the release of BIND 9.8.1 a *new* reputational mechanism is available,
this time for
hmm..ok let me try. Since I am also wrting parsers in logstash wondering
what exactly would be the log setting I need to pick up.
On Sun, Apr 29, 2018 at 9:12 AM, Bob Harold <rharo...@umich.edu> wrote:
>
> On Sat, Apr 28, 2018 at 11:29 PM, Blason R <blaso...@gmail.com> wr
Yep; thanks that worked!!
On Sun, Apr 29, 2018 at 10:38 AM, Blason R <blaso...@gmail.com> wrote:
> hmm..ok let me try. Since I am also wrting parsers in logstash wondering
> what exactly would be the log setting I need to pick up.
>
> On Sun, Apr 29, 2018 at 9:12 AM,
Oh I see.. I thought this a kind of feature of BIND.
I got it now.
On Sun, Apr 29, 2018 at 8:38 AM, Mukund Sivaraman <m...@isc.org> wrote:
> On Sun, Apr 29, 2018 at 08:27:34AM +0530, Blason R wrote:
> > Hi Team,
> > Can someone please confirm if below stuff I found p
Hi,
So I was playing with these two statements and wanted to know something on
also-notify.
also-notify by default will update slaves about delta changes on port
TCP/53 if not explicitly set right?
e.g.
also-notify {10.0.1.2; "notify-them" port 2034;};
Hi there,
I have little confusion about bind and Windows AD/DNS Setup and woudl
appreciate if someone can shed some light on my query.
Well, I have BIND/RPZ setup in my environment and I have AD/DNS server,
users are configured to talk to Windows DNS server and it has forwarder set
to my
Well I was working on the same but you really need to have good RPZ feeds.
I subscribed to third party feeds and have worked on my RPZ but later you
need to have good reporting engine. Hence better to have a dedicated RPZ
server instead and that's what I could suggest.
This is not marketing talk
n Wed, Aug 8, 2018 at 10:26 PM Matus UHLAR - fantomas
wrote:
> On 08.08.18 19:32, Blason R wrote:
> >I am bit confused about DNS forwarders. I have two BIND Servers one is
> >being used as Authoritative DNS server which has forwarder set
>
> why?
>
> > to ot
Hi Bind-Users,
I would really appreciate if someone can help me understanding my issue
with BIND RPZ server?
I have one windows server say 192.168.1.42 and then RPZ server with
192.168.1.179. I noticed that there are certain domains which are not
getting resolved from end users.
Ideally since
For example this one.
18:59:26.905177 IP 192.168.1.120.65049 > 192.168.1.42.53: 42074+ A?
0351dag.com. (29)
18:59:26.905299 IP 192.168.1.42.53 > 192.168.1.120.65049: 42074 NXDomain
0/1/0 (102)
On Thu, Aug 9, 2018 at 6:59 PM Blason R wrote:
> Hi Bind-Users,
>
> I would re
Ok - Now I added like this and it disappeared.
response-policy { zone "whitelist.allow" policy passthru;
zone "malware.trap";
zone "ransomwareips.block"; } qname-wait-recurse no
break-dnssec no;
On Sat, Au
ot;malware.trap";
zone "ransomwareips.block"; } qname-wait-recurse no
break-dnssec no; };
On Sat, Aug 11, 2018 at 1:17 AM Carl Byington wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On Fri, 2018-08-10 at 13:17 +0530, Blason R wrote:
> > Na
a.gtld-servers.net
<http://a.gtld-servers.net>. nstld.verisign-grs.com
<http://nstld.verisign-grs.com>. 1533954938 1800 900 604800 86400*
;; Query time: 0 msec
;; SERVER: 192.168.3.15#53(192.168.3.15)
;; WHEN: Sat Aug 11 08:12:17 IST 2018
;; MSG SIZE rcvd: 114
On Sat, Aug 11, 2018 at 7
hether
> your RPZ configuration is supposed to change that.
>
> Sam
>
>
> > On 9 Aug 2018, at 18:25, Blason R wrote:
> >
> > Is it a big?? I mean certain domains from my rpz feeds are properly
> getting resolved while few are giving nxdomain though they appear in
Hi there,
I am bit confused about DNS forwarders. I have two BIND Servers one is
being used as Authoritative DNS server which has forwarder set to other
server like this
Auth Server for xvyz.com 192.168.3.15
Recursive Server 192.168.3.44
Now if I am debugging from client side using -debug
to 192.168.3.78.
PS: I guess there are certain folks are on list from commercial RPZ
services, are they facing same issue?
On Sun, Aug 12, 2018 at 10:12 AM Bob Harold wrote:
>
> On Fri, Aug 10, 2018 at 10:53 PM Blason R wrote:
>
>> Infact what I observed that the intermedi
Its there!!!
On Mon, Aug 13, 2018 at 6:58 PM Bob Harold wrote:
>
>
> --
> Bob Harold
> hostmaster, UMnet, ITcom
> Information and Technology Services (ITS)
> rharo...@umich.edu
> 734-647-6524 desk
>
>
> On Sun, Aug 12, 2018 at 2:38 AM Blason R wrote:
>
zone "malware.trap";
> zone "ransomwareips.block";
> } qname-wait-recurse no break-dnssec no;
>
> Vadim
>
> On 09 Aug 2018, at 20:50, Blason R wrote:
>
> This is the error I am getting
>
> /etc/bind/named.conf.options:24: expected 'zo
server are
not at all getting resolved. When I captured packets on BIND/RPZ server I
see that those domains are getting NXdomain by RPZ and not sure why.
Thanks and Regards,
Lionel F
On Thu, Aug 9, 2018 at 11:08 PM Bob Harold wrote:
>
> On Thu, Aug 9, 2018 at 9:31 AM Blason R
an
provide the logs and config.
Or if someone has a similar setup can try simulating at their end and
confirm, plz?
On Fri, Aug 10, 2018 at 1:17 PM Blason R wrote:
> Nah I dont think that is the answer since you need a termination after
> clause.
>
>
> Thanks and Regards,
> Lione
Is it a big?? I mean certain domains from my rpz feeds are properly getting
resolved while few are giving nxdomain though they appear in zone.
On Thu, Aug 9, 2018, 8:57 PM Sam Wilson wrote:
> On 2018-08-09 14:00:55 +0000, Blason R said:
>
> > For example this one.
> >
>
This is the error I am getting
/etc/bind/named.conf.options:24: expected 'zone' near 'qname-wait-recurse'
On Fri, Aug 10, 2018 at 9:10 AM Blason R wrote:
> Hi there,
>
> Where it should appear? ARM says it should appear inl Global-section of
> response-policy which I tried but g
"ransomwareips.block";
};
qname-wait-recurse no;
break-dnssec no;
On Fri, Aug 10, 2018 at 8:09 AM Blason R wrote:
> Well mine is bit different. I have RPZ and almost 40+ RPZ entries wall
> gardened. And in my scenario users are talking to windows based
Well this is valid when users are directly talking to RPZ servers. What if
there is one more resolver in between like Active Directory which itself
acts as a DNS server? In that case I believe you don't need to do that,
right?
On Fri, Aug 10, 2018 at 12:33 AM Grant Taylor via bind-users <
What exactly are those? Well what I wated to achieve here is to rotate the
logs daily and start new file; then compress
On Thu, Jul 5, 2018 at 6:21 AM Rohan Henry wrote:
> Why not use Bind logging option?
>
> On Jul 4, 2018 8:51 AM, "Blason R" wrote:
>
>> Hi T
_log {
>
> file "/var/log/named/named.log";
>
> severity dynamic;
>
> print-time yes;
>
> print-severity yes;
>
> print-category yes;
>
> };
>
> ...
>
> categ
Hi Team,
Any clue how do I troubleshoot why master to Slave IXFR/AXFR stopped? It
was working before even my logs shows notifies..I can connect to my slave
on customised port that NOTIFY messages are sent but then PULL from slave
to master is not working.
Master
zone "block.now" {
type
:11.521 client xx.xx.xx.xx#16129 (immediate.block):
transfer of 'block.now/IN': AXFR ended
On Sat, Jul 7, 2018 at 9:07 AM Blason R wrote:
> Yes Anand is right; I didnt diclose the full config at Slave but its been
> configured to listen on port 15455 and that UDP port is listening and
Well after numerous try I could not succeed hence then I had to delete the
block.now.db file and had to restart the service
it then done the AXFR and later IXFR started as well.
On Sat, Jul 7, 2018 at 9:55 AM Blason R wrote:
> Well, I just tried transferring zone using dig and it was success
Yes Anand is right; I didnt diclose the full config at Slave but its been
configured to listen on port 15455 and that UDP port is listening and I can
connect to that port using nc.
It was in fact working absolutely fine but suddenly it stopped.
@Ananad - can you confirm what command should I run
.
Even after zone refresh time it always shows 1 record transferred in fact
some time I even add added or deleted more than 1 records. Hence finally I
deleted the file from slave
and restarted the daemon and it done the trick.
On Sat, Jul 7, 2018 at 9:30 PM Matus UHLAR - fantomas
wrote:
> On 0
Hi There,
I am not getting appropriate results for my custom daily logrorate for
bind9 logs on Ubuntu.
Can someone please help me with the settings which would include below
stuff
1. Should rotate daily
2. Compress
3. create new file
4. keep last 180 entries
Do I need stop bind9
Is this list spammed? I am receiving lot of SPAM mails.
On Tue, Apr 17, 2018 at 8:52 AM, Blason R <blaso...@gmail.com> wrote:
> Hi All,
>
> I am building DNS RPZ and I am complete no-vice. I will be having around
> 10-20k zones which my DNS will be wallgardening.
>
> Jus
And would please share your Options para for response-zone rpz.zone.db
On Tue, Apr 17, 2018 at 5:43 PM, Philippe Maechler wrote:
> Hello blason
>
>
>
> I'm not an RPZ expert, but we have a running RPZ configuration
>
>
>
> From named.conf
>
>
>
> zone "rpz.zone" {
ren Kumari <war...@kumari.net> wrote:
> On Wed, Apr 18, 2018 at 5:13 AM, Daniel Stirnimann
> <daniel.stirnim...@switch.ch> wrote:
> > On 18.04.18 10:57, Blason R wrote:
> >> Well it just loads fine when I run from command line i.e. named -u named
> >> -n 4 -c
Will the performance be same, considering the number of zones I have or
will have??
On Thu, Apr 19, 2018 at 12:16 AM, Grant Taylor via bind-users <
bind-users@lists.isc.org> wrote:
> On 04/18/2018 11:52 AM, Blason R wrote:
>
>> Pertaining to my other thread since I am buildi
Hi,
Pertaining to my other thread since I am building sinkhole server which
will eventually have around 0.5 million zones or may be 1 Million which one
would you think will perform better?
RPZ or include statements? I have 8 Core Processor and 32 GB of RAM
Please advise!!
tStartSec= from the manager configuration file, except when
> Type=oneshot is used, in which case the timeout is disabled by default
> (see systemd-system.conf(5)).
>
> Am 18.04.2018 um 09:47 schrieb Blason R:
> > Not sure what is gone wrong but my DNS is not starting up. an
Hi Team,
Not sure what is gone wrong but my DNS is not starting up. and I am getting
below error. I have around 362086 zones with 4 core CPU and 8 GB RAM.
This is a sinkhole DNS server
Apr 18 13:09:02 dnsfw named[1644]: command channel listening on
127.0.0.1#953
Apr 18 13:09:02 dnsfw
Hey thanks for it. Which the latest earlier version available than that?
On Fri, Apr 20, 2018 at 9:51 PM, Evan Hunt <e...@isc.org> wrote:
> On Fri, Apr 20, 2018 at 01:29:33PM +0530, Blason R wrote:
> > I am looking for BIND rpm 9.11.3 for CentOS 7.4 with pre-compiled. Is
> >
ers@lists.isc.org> wrote:
> On 04/18/2018 11:37 PM, Blason R wrote:
>
>> I need to wall garden the malicious Domain request and instead route to
>> that server itself.
>>
>
> I assume that you are saying that you need to 1) filter malicious domains
> and 2) you want r
Hi Team,
I am looking for BIND rpm 9.11.3 for CentOS 7.4 with pre-compiled. Is
anyone aware of any link where I could download ready made RPM? Since
compiling from source is pretty time consuming.
___
Please visit
, Mukund Sivaraman <m...@isc.org> wrote:
> On Tue, Apr 24, 2018 at 07:25:45PM -0700, Ray Van Dolson wrote:
> > On Tue, Apr 24, 2018 at 07:21:34PM -0700, Mukund Sivaraman wrote:
> > > On Tue, Apr 24, 2018 at 06:03:43PM +0530, Blason R wrote:
> > > > I am buildin
*BIND 9.10.3-P4-Ubuntu *
On Wed, Apr 25, 2018 at 8:52 AM, Blason R <blaso...@gmail.com> wrote:
> Unfortunately neither RHEL nor CentOS gives RPM for 9.10+ and really
> compiling and building is really pain and time consuming.
> Hence I decided to give a try with Ubuntu 16.04 and
1 - 100 of 130 matches
Mail list logo