learned.
It *is* on by default, if it can find libxml2. Does yours live in
a nonstandard location?
Perhaps, if libxml2 and libjson-c are both unavailable, we should
disable statistics-channels in the configuration - at least that way
the problem would've been easier to figure out.
--
Ev
On Thu, Feb 29, 2024 at 10:34:42AM +0100, Borja Marcos wrote:
> But bear in mind that this is only guaranteed to work inside your
> network/ASN. It’s not unusual to scrub DSCP at the network border.
Same problem would also apply to DSCP values set internally by named,
of course.
--
Eva
atch before
it was merged.
You do raise a good point - there may be reasons for different sites to
want to teak these settings. Iif so, though, they we should probably
add the tuning to named judiciously, after a proper research and
data-gathering process, instead just accidentally leaving it there.
hey are not thought to be useful in a production environment,
and we know of no operators using them. (Please let us know if this is
incorrect!)
Our plan is to mark these options as deprecated in BIND 9.16 and 9.18,
and to remove them as of BIND 9.20.
--
Evan Hunt -- e...@isc.org
Internet Systems C
s loaded.
In your example, zone cf1 was in view1, so it sent its summary information
to view1. It doesn't know that it's also in view2.
I've been thinking for a while about the best way to address this, and
there might be some news coming in the not-too-distant future, but I don'
ervers, into clusters
for the benefit of servers that only have intermittent connectivity
to the internet. This is no longer a common enough scenario to justify
the added code complexity.
They will be deprecated as of BIND 9.20 and removed in BIND 9.22.
--
Evan Hunt -- e...@isc.org
Interne
On Thu, Jun 08, 2023 at 07:57:12PM +, Evan Hunt wrote:
> So, I'm guessing systemd-resolved is choking on the EDNS COOKIE option.
> This needs to be reported as a bug to the systemd maintainers. And, maybe
> delv should have a +nocookie option.
Hmm, on further inspection, I w
int delv to a
resolver that implements EDNS correctly. It will validate the data it
receives, but it has to receive some.
The newest version of delv, in the BIND 9.19 development release, has
a 'delv +ns' option to do its own resolution internally, without needing
an external server to
em, then can show me the
relevant lines from your log file so I can see what you're referring to
by "key regeneration"?
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
I
ative
configuration working fine (otherwise presumably dnssec-analyzer would've
complained), but recursive isn't working.
Unfortunately, since you haven't provided any configuration info or even
the name of the domain you were trying to set up, I can't make any more
educated guesses
in a feature request at https://gitlab.isc.org/isc-projects/bind9,
and if you submit a patch we'll look at it, but I don't think this is
the right way to do this. Why are you remapping to a blackholed
address, instead of returning NXDOMAIN?
--
Evan Hunt -- e...@isc.org
Internet System
; more preferable way to accomplish what I want, either with 9.18
> itself or otherwise.
It should, the raw file format hasn't changed. (There used to be a
format called "map" that was incompatible between versions, but
you're not using that, and it's been removed from
;t
succeed until the original name is resolved. The two lookups will wait on
each other for ten seconds, and then the whole query times out and issues
that log message.
The log message is new in 9.18, but the 10-second delay and SERVFAIL
response would probably have happened in earlier relea
g a query, but unless your server gets an overwhelming amount
of traffic you won't notice it.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with
ich usually ignore the authority section.
no-auth-recursive is meant for use in mixed-mode servers that
handle both authoritative and recursive queries.
So when recursion is requested in the query, the server omits the NS
records from the authority section, and if there's no NS records
site before turning on DNSSEC validation,
and we no longer consider that to be worthwhile advice. Just keep your
packages up to date and you'll be fine.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
ad of updating BIND, you can pull it from the source tree:
https://gitlab.isc.org/isc-projects/bind9/-/blob/main/bind.keys.)
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the d
until that last reference is released.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www
debug(1), you should see "unloading
plugin" in your log file when this happens.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with pai
akefile? No package requirement checking
> through configure.ac?
Correct.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid suppor
at's what was in configure.ac.
Later we added dlopen-able DLZ modules, which are built separately
and linked in at runtime (see contrib/dlz/modules and subdirectories).
For a long time both methods were available but in (I think?) 9.18 we
finally removed the old-style drivers.
--
Evan Hunt -
something about it that I don't?
It would definitely be easier to *make* dyndb work for the cache;
it has all the necessary API calls, and DLZ doesn't. But I don't
know a way to configure it to take the place of the cache currently.
If you do, please educate me.
--
Evan Hunt -- e...
o this, I'd be happy to
see it. It's always seemed pretty clunky to me but I've never had
the necessary combination of time and brains to improve it.)
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
it
authority and additional section data except when necessary.
The default is "no-auth-recursive", which omits authority section data
when it isn't strictly necessary, but will still add additional data for
records in the answer section.
--
Evan Hunt -- e...@isc.org
Internet Systems
zone example.com {
type primary;
file "example.db";
update-policy {
grant update-key zonesub ANY;
};
};
(Incidentally, the "ddns-confgen" command is a version of tsig-keygen
that, in addition to generating a new key, also prints a
bably related to that. Please
open a bug report at https://gitlab.isc.org/isc-projects/bind9/-/issues,
we'll look into it.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC
dig @localhost unsigned.com | grep flags
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
$ dig @localhost ietf.org | grep flags
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
^^
--
Evan Hunt -- e...@isc.org
Internet Systems Consor
ote that you should
always check whether bind.keys needed to be updated.
In today's world, I don't think it's inmportant anymore.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this li
06
> # SKIP: 0
> # XFAIL: 0
> # FAIL: 0
> # XPASS: 0
> # ERROR: 0
>
> make[7]: Leaving directory '/tmp/bind9/bind-9.18.0/bin/tests/system’
> […]
> $
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
--
Visit https://lists.is
ents; };
zone example.com {
type secondary;
file "example-secondary.db";
primaries { 127.0.0.1 key them-key; };
};
};
view them {
match-clients { any; };
zone example.com {
type primary;
ifferent things (not to mention being documented to mean a third).
Thanks for bringing this to our attention. I've created issue #2918 to track
it in gitlab.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://li
t
> instead. Until the pendulum swings again.
Yep, I think that's how we'll do this, if we do it.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubs
ld be nice not to have to worry about map files when it came to
maintaining feature parity.)
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC
x27;t comply with the RFC, so it kind of had to go.
I'm not sure which of the open-source auth servers currently have ECS
support. PowerDNS maybe? And a quick google search just suggested one
called gdnsd, which I hadn't heard of before.
--
Evan Hunt -- e...@isc.org
Internet Systems Co
documentation. There's a mechanism for flagging
obsolete options in named.conf and logging a useful message about them, but
it's not so straightforward when the option is still valid but the
parameters have changed.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
_
ANAME was that browser vendors were unwilling to use
SRV. If they *are* willing to use HTTPS/SVCB - which looks promising at
the moment - then the remaining use cases for ANAME aren't worth the
complexity.
--
Evan Hunt -- e...@isc.org
Internet Sys
and SVCB records look like a better approach anyway.
BIND will have support for those pretty soon.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this
, in place of both "trusted-keys" and
"managed-keys".
For the moment, using the old syntax only generates a warning, not a fatal
error, but the old options will be removed in a future release (9.20, I
think, but don't quote me on that).
--
E
build under MinGW. (I'd be happy to get help
with that project from anyone who knows windows better than I do - it
wouldn't take much.)
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman
t;sudo sh bin/tests/system/ifconfig.sh up").
I think the message got lost when we switched to automake.
Some tests will be skipped if there are missing dependencies, so you may
also wish to install the Net::DNS, Net::DNS::Nameserver and XML::Simple
modules for perl, and dnspython for pyth
e an example to achieve the same?
match-clients { !geoip country A; !geoip country B; !geoip country C; any; };
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubsc
ia "reconfig" either. Views
don't scale well. Finding the correct view for a query is a linear search,
so your performance will decline quite badly if you have more than a few
views to search through.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
__
.17.11.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact
cally sorted.
"named" can do this automatically if you dynamically update a zone and
remove the DNSKEY rrset. I think "dnssec-signzone -SPRQ" would do it if you
marked the keys as deleted with "dnssec-settime" first; I haven't tested
this, but it should. But I th
r/cache/bind/db.powercraft.nl.signed
You can just regex out all the DNSSEC-related types. Something like
this ought to work:
$ named-compilezone -f raw -F text -s full -o - powercraft.nl | \
awk '$4 ~ /(DNSKEY|DS|RRSIG|NSEC|NSEC3|NSEC3PARAM)/ {next} {print}'
--
Evan Hunt --
her domains listed there will be ignored. So, this would already not
work.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds
reason not to select the strongest - HMAC-SHA512?
No, go ahead. I tend to use sha256, just because it's the default
from rndc-confgen.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/lis
Old syntax will continue working so old named.conf files don't
need to be changed, at least for the next several releases.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo
>1. Can bind support DoH and DoT
>2. If yes Which version of bind support DoH or DoT
It's in development now. The plan is for it to be supported in 9.18 when it
comes out next year, and backported to the 9.16 branch as a compile-time
option.
--
Evan Hunt -- e...@isc.org
Inter
ld system.
The ones in contrib/dlz/drivers ones do need to be linked in at compile
time, so they still turn up as configure options even though they're
kinda obsolete now.
I expect them to go away in 9.17/9.18; the only reason they're still there
now is that a few of them support databas
b.isc.org/docs/aa-01149
Ah, thank you, I hadn't seen that.
The only thing I see in that article that's out of date is that
the "--with-geoip" option is no longer needed, or valid; it's
"--with-maxminddb" now, and it's enabl
be largely unchanged, with the exception that a
couple of very infrequently used keywords like "areacode" and "netspeed"
became unavailable in the new API, and three-letter country codes are
now obsolete. "Country" is definitely st
nfiguration for an nginx proxy in the BIND source tree under
contrib/dnspriv that you can use now, if you wish.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> Does BIND have a DoH plugin official?
> Or is there any guide to customize that one?
Not yet, but we plan to have a DoH implementation in named by the end of
this year.
In the meantime, there are DoH proxies that can run BIND as the back-end.
--
Evan Hunt -- e...@isc.org
Internet S
ample.com in a
> update add example.com in a 192.0.2.1
> update add example.com in a 192.0.2.2
> update add example.com in a 192.0.2.3
> send
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mail
any chance?
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/li
thing unusual in your server configuration?
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.
tomated
> MMDDxx number - date it was last 'modified'. Would be perfect for
> small zones that are rarely updated.
I think the zone option "serial-update-method date;" does this. (I haven't
tested it with dnssec-policy though.)
--
Evan Hunt -- e...@isc.o
On Wed, Apr 08, 2020 at 10:22:55PM +, Evan Hunt wrote:
> You didn't mention what version you're running, but IIRC, this was
> added in 9.16.
My mistake, 9.17.
On most Unices you can specify /dev/stdin as the filename though, and
that should work with any version.
--
On Wed, Apr 08, 2020 at 02:58:12PM -0400, Matthew Pounsett wrote:
> It looks to me like named-checkzone isn't able to read a zone file from
> stdin.
You didn't mention what version you're running, but IIRC, this was
added in 9.16.
--
Evan Hunt -- e...@isc.org
Internet Sy
; view: default
> next scheduled event: Tue, 25 Feb 2020 19:16:47 GMT
>
> name: .
> keyid: 20326
> algorithm: RSASHA256
> flags: SEP
> next refresh: Tue, 25 Feb 2020 19:16:47 GMT
> trusted since: Mon, 03 Feb 2020 18:10:26 GMT
"trusted since" indicates it manag
l module, but views are easier.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists
On Tue, Sep 24, 2019 at 03:15:42AM +, Evan Hunt wrote:
> Six years is a long time, I've probably forgotten a few.
Oh here's one: "dig +sigchase" is dead now, use "delv" to check DNSSEC
validation chains.
--
Evan Hunt -- e...@isc.org
nsecurely when it's
been misconfigured.
In newer releases there's also a configuration option, "validate-except",
which permanently disables validation below specified domains. This can
be used, for example, if you have an internal net
On Thu, Jul 25, 2019 at 09:03:26PM +, Evan Hunt wrote:
> In 9.11, no. In 9.14, you can use "validate-except { local; };"
(Afterthought: In 9.11, you can also use "rndc nta" to suppress validation
on a given domain, but negative trust anchors expire after a while, so yo
On Thu, Jul 25, 2019 at 12:52:18PM -0800, John Thurston wrote:
> Is there any way to tell my resolver it shouldn't be validating
> responses for foo.local?
In 9.11, no. In 9.14, you can use "validate-except { local; };"
--
Evan Hunt -- e...@isc.org
Internet Sy
eload" loads the zone from the master file *plus* the journal file,
if there is one. There's no need to sync the journal file to the master
file before reloading.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please
On Sun, Jun 23, 2019 at 05:01:11PM +, Evan Hunt wrote:
> It's a bug. I see the same result. Thanks for pointing it out, I'm
> looking into it.
Ah, I see the problem. You overrode the default policy by using the name
"default", but you didn't set a "coverag
is may be?
It's a bug. I see the same result. Thanks for pointing it out, I'm
looking into it.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
fr
d probably
be okay with it.
But a standard policy that covers all deprecated options would need
to be stricter than "enh".
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo
the case when an option must
removed, and how to ensure operators aren't blindsided by that.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this l
ew syntax will be available in
BIND 9.15.1, which should be out next week; the old syntax will be
phased out later.)
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to uns
or a private corporate
domain. AIUI, there are some people doing that; I don't know how many.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from th
-minimization relaxed" really ought to be able to work around this,
though, and I thank you for bringing it up. You can file a bug report at
gitlab.isc.org/isc-projects/bind9/issues if you wish.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
On Sun, Apr 14, 2019 at 05:35:42PM -0700, Carl Byington via bind-users wrote:
> named-checkconf likes that, but named gets a segfault in filter-.so.
> Anyone using filter-.so in a working configuation? The log shows:
>
> Apr 14 17:15:18 ns named[29299]: mem.c:1795: INSIST(mpctx->allocated
elevant
code and comments in configure_view() you might see how easy it is to be
misled.)
I actually do still think that *ought* to be the rule for allow-update,
but it wasn't, so when I cleaned things up I cleaned them up wrong, mea
culpa.
--
Evan Hunt -- e...@isc.org
's useful,
but I think Grant was suggesting having named itself dump its current
configuration state, which would be useful in a whole different way.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.o
ot;).
|
| Keys that do not match the root zone name are ignored. An alternate
| key name can be specified using the +root=NAME options.
So if you add +root=newdomain.bell.ca it should load the key.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
_
t; paradigm, so I' not sure if every assertion failure can cause BIND to
> crash and is there any mechanism in BIND that can just drop the event
> which triggers an assertion failure and move on to other events? Thanks.
An assertion failure is always a crash.
--
Evan Hunt -- e...@is
ure, but so
far we've hesitated out of skepticism that ECS is a good idea that will be
needed very much in the long term - we don't want to have to support it
forever if it fizzles. But we do revisit the conversation periodically.
--
Evan Hunt -- e...@isc.org
I
others. I'd need to know what database you're using and
what kind of zones you're serving (big or small, DNSSEC signed or not,
high-traffic or not) to be of much help.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
_
rs not to use
EDNS when talking to that specific server. That option will still be
available after flag day.
An easy way to check would be to install the latest BIND development
release (version 9.13.5) and see if it works. It already has all the flag
day changes in it.
-
re was a reason for the change that I've forgotten,
but I think we intended to leave the "no" behavior alone. Thanks for
bringing it up, I'll open a bug ticket about it.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
_
ct the
> authoritative behavior. But I don't understand, why this happens when
> "minimal-responses no;" is configured.
Authoritative or recursive? Can you give a specific example
of a query that isn't getting an additional section and should
e synth-from-dnssec doesn't exist in 9.11, there must be another cause
in your case. Very sorry for misleading you. How often are you seeing this?
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/
the test -- they would have been deleted
if it had passed but should still be there now -- which can also be
used to work out what went wrong.
If you want to just tar up bin/tests/system and send it to me, I'd be
happy to take a look.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortiu
uot;). It's fixed in the upcoming release.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
of text, but
since "secroots" already existed before that change, we left its default
behavior the same as it had been before, and added a "-" option to return
text over the command channel.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
ds?
If not, run "rndc-confgen" and follow the directions.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing lis
gt; you mentioned below (not that I really want to). Is it a 9.12 onwards
> thing?
No, but Mark's comment may have been confusing. You can set up keys
that way in named.conf ("algorithm hmac-md5-96;" or whatever). At first
I thought he was talking about tsig-keygen; perh
by using "configure --without-openssl".
There will be features you can't use. They're good features, and in my
opinion disabling them is a mistake, but you are allowed to do so.
In BIND 9.13, the option to disable these features no longer exists.
--
Evan Hunt
export
requirements for crypto libraries, which meant openssl wasn't available
on all platforms, and I've always guessed it was because of that.
No longer an issue, anyway.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please
27;t care about opcodes, and "query" is the same
as "request".
I can't think of any reason not to tap update requests, but I do
wonder whether an extension to the type enum would reduce confusion.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
n your internal
and external views, then views are unnecessary. Just use
"allow-recursion { localnets; };" and external queries won't be
allowed to do recursion.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit
isn't transferred at all. There's a
single copy of the zone in memory, and both views have pointers to it.
You can still use the file option.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.
re modified between
9.12.1 and 9.12.1-P2 are:
lib/dns/rbtdb.c
lib/dns/zone.c
lib/ns/include/ns/query.h
lib/ns/query.c
And all other differences are from rebuilding the documentation with the
new version number.
--
Evan Hunt -- e...@isc.org
Internet Syst
On Fri, May 04, 2018 at 04:19:43PM +, Evan Hunt wrote:
> You're right, something's broken. I see it too, and not just on chrome.
> I'll escalate. Thanks for bringing this to our attention.
It's fixed now.
--
Evan Hunt -- e...@isc.org
Intern
ts 'welcome' file, because
> BIND doesn't seem to be distributed from there anymore.
As others have already pointed out, it's still there: 'cd isc/bind9/$version'.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
rk on building BIND packages for various
distributions, and while we're still testing the process and haven't
started publishing them yet, I do have an experimental 9.11.2-P1 RPM
that you can try out if you like.
--
Evan Hunt -- e...@isc.org
Internet
contributions would speed things up.)
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists
1 - 100 of 566 matches
Mail list logo
