sign your data without enabling validation, it does
nothing, as far as I can tell.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net Phone: +1 510 486-8634
Key fingerprint:059B
Date: Mon, 28 Dec 2009 18:02:29 -0800 (PST)
From: Pamela Rock prock...@yahoo.com
--- On Mon, 12/28/09, Mark Andrews ma...@isc.org wrote:
From: Mark Andrews ma...@isc.org
Subject: Re: IPv6 TCP
To: Pamela Rock prock...@yahoo.com
Cc: Kevin Oberman ober...@es.net, Chuck Anderson c
is the only good
way to protect a server.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
space. The second is loopback.
The configuration is intended for a local server answering
authoritatively for internal, NATed addresses and forwarding all other
queries to servers in public space.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley
will match these
recommendations.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
need to.
More specifically, I don't WANT to encrypt the data for either DNS or
NTP. In both cases I want the data to always be signed clear-text and
that is what DNSSEC does.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory
explain it.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
urge you to get copy of NIST SP800-81r1, an excellent overview
and how-to on DNS security that goes well beyond DNSSEC. It is at:
http://csrc.nist.gov/publications/drafts/800-81-rev1/nist_draft_sp800-81r1-round2.pdf.
It is still in draft, but is close to being finalized.
--
R. Kevin Oberman, Network
=text%2Fplain
You can add the unassigned space to those fairly easily, but make sure
that you update it as space is assigned.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net
queries to the root. I'll leave why there are as
an exercise for network researchers and those who write really stupid,
often broken software, that uses DNS.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober
IS a bad
idea. Or, maybe I got it right.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
that they will be accepting them immediately.
Until then, dlv.isc.org is the best (only?) option.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net Phone: +1 510 486-8634
Key fingerprint
. And, yes, we still have stateless
firewalls in front of our DNS servers and other public servers as well
as an aggressive IDS/IPS system.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net
and DNSSEC stuff
has really not been hard.
In the time it took me to send my reply, I could have updated BIND on
all of our public servers and I don't have to upgrade all that often. I
think running 9.3 is false economy. DNS is just too important.
--
R. Kevin Oberman, Network Engineer
Energy Sciences
to shoot oneself in
the foot. This has little or no link to how often your data changes
(unless you are very confident that new entries will never be made.
Note! This is not an argument for a short SOA TTL, but for a short
minimum TTL in the SOA.
--
R. Kevin Oberman, Network Engineer
Energy Sciences
Section 9.4 for details.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
if you are on Solaris, or a Solaris based
distro.
While both are pretty simple to do on BSD, jail is far more secure, but
I certainly find setting up jails more complex than chrooting. (Besides,
the FreeBSD BIND is chrooted by default, so there is nothing to set up.)
--
R. Kevin Oberman, Network
in the RFCs.
Again, get the @#$% firewall fixed! As time goes on, more and more
queries will be blocked by it as DNSSEC moves to the mainstream.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net
to
hijack DNS. Once DNSSEC is in place, it will become feasible to do
this, but I would seriously discourage anyone from holding his or her
breath while waiting (for technical, economic and political reasons).
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence
would go away since back in BIND-v4
days. I could save a lot of troubleshooting time if I didn't get trouble
reports based on the use of nslookup that is misleading or not
completely bogus.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National
Date: Thu, 07 Oct 2010 01:53:29 +1100
From: Ben McGinnes b...@adversary.org
On 7/10/10 1:47 AM, Kevin Oberman wrote:
I keep hoping for a BIND distro that upgrades nslookup(1) to:
print STDERR, nslookup(1) has been replaced by host(1)\n; exit 0;
Wasn't nslookup already deprecated
nslookup(1) output. I don;t know
that this would be easy, but it LOOKS like it would be easy.
Yes, I am sure that some script somewhere depends on some wrong
response from nslookup, but I can't see keeping nslookup(1) alive as is
for that amazingly unlikely case.
--
R. Kevin Oberman, Network
that this is unfortunate, but there is too much software out
there (including many standard libraries) that make the same silly
assumption to things it can be changed. There is even an RFC saying
approximately this. Sorry, but I don't recall which one.
--
R. Kevin Oberman, Network Engineer
Energy
managed-keys. 9.3 does not really support dnssec at all, if
that is what you have. Useful DNSSEC shoed up somewhere in 9.6 and rally
became usable in 9.7.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober
and
'sysctl net.inet6.ip6.fw.enable=0' for IPv6. I suspect other OSes may
have similar capabilities.
Can these complaining system ping the DNS server?
It almost sounds like something has a bad subnet mask, but that is less
likely if the host is in the same /24 as the server.
--
R. Kevin Oberman
this
is recommended.
This was just discussed on the list.
If you are doing dynamic updates, having 2 views using the same zone
file will not work right. It looks to me like you have demonstrated
this.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley
: +505 2277-4411
See RFC2317, Classless IN-ADDR.ARPA delegation.
http://www.ietf.org/rfc/rfc1035.txt
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net Phone: +1 510 486
for an expiring key will always expire first
so that the new key will be fetched before the old one expires. I thing
the heading in the RFC is TTL Considerations, but I am working from
memory.
I don't use BIND to sign my data, so I am not sure how smart BIND is
about these numbers.
--
R. Kevin Oberman
Date: Fri, 03 Dec 2010 13:08:23 -0800
From: Kevin Oberman ober...@es.net
Sender: bind-users-bounces+oberman=es@lists.isc.org
I would really like to get the huge number of rejected recursive
quieries out of my logs, but I have failed, so far. I am referring to:
Dec 3 13:04:58 nsx named
syslog works great. So I wondering is this a
intended behavior, or it's a bug. This was not mentioned in arm9.7, so
I'm asking here.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
R. Kevin
From: Mark Andrews ma...@isc.org
Date: Thu, 09 Dec 2010 09:07:53 +1100
In message 20101208214221.566771c...@ptavv.es.net, Kevin Oberman writes:
I just ran into an odd issue with a TSIG signed zone transfer.
On occasion I was logging a clocks are unsynchronized message doing
and be sure that
it really works and gives you a chance to fix problems before the
outside world can see them.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net Phone: +1 510 486-8634
is
failing on BIND 9.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
On Sat, 2011-01-29 at 14:49 +0800, p...@mail.nsbeta.info wrote:
The book Pro DNS and BIND says:
If the caching server obtains its data directly from an authoritative DNS,
then it too will respond as authoritative. Ohterwise, if the data is
supplied from its cache, the response is
. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
-Original Message-
From: bind
with
a GOOD reason for it. Most people move their trust anchors out of the
DLV when they are confident that the keys are properly located in the
parent zone.
In other words, I think that this should be considered a feature and
not a bug.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet
that it does not exist until the
negative cache TTL expires.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4
is
now at 8.2 and includes 9.6-ESV-R4. 7.4 is also fully supported and has
9.4-ESV.
Of course, as you mention, the ports are more current. It has several
versions including 9.7.3 and 9.8.0. (Lots of people avoid .0 releases of
anything.)
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network
.
I know that if bind is installed via apt-get install (I am using
debian linux version), there is automatically a bind9 startup script
in /etc/init.d/ directory.
It would help a bit if you gave us a hint as to what OS and OS version
as well as the version of BIND.
--
R. Kevin Oberman
suggest changing it. (See
the ARM Chapter 6
Bv9ARM.ch06.html#types_of_resource_records_and_when_to_use_them
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net Phone: +1 510 486
it in 32-bit mode on the
same hardware. This is mostly because of the added data that must be
moved for 64-bit operations. It also means the 64-bit binaries are
larger, often by a significant amount.
I recommend sticking with 32-bit systems unless you have a specific
need for 64-bit capacity.
--
R. Kevin
generate the volume of queries you are seeing.
The query rate is really not that high.
My first guess is some sort of logging tool, but there are a great many
other possibilities.
R. Kevin Oberman, Network Engineer
Retired
kob6...@gmail.com
___
Please visit
of BIND v4.3(?) were four grad students
at UC.
See BIND on Wikipedia
(https://secure.wikimedia.org/wikipedia/en/wiki/BIND) for more
details.
--
R. Kevin Oberman, Network Engineer - Retired
E-mail: kob6...@gmail.com
___
Please visit https://lists.isc.org
. dns.jomax.net. 2011080600 28800 7200
604800 86400 from server 216.69.185.42 in 75 ms.
SOA ns63.domaincontrol.com. dns.jomax.net. 2011080600 28800 7200
604800 86400 from server 208.109.255.42 in 75 ms.
--
R. Kevin Oberman, Network Engineer - Retired
E-mail: kob6...@gmail.com
On Tue, Aug 30, 2011 at 11:33 AM, mfla kona_i...@yahoo.fr wrote:
Dears,
I use ProBIND to administrate my BIND servers.
I would like to know which other possibities be available for DNS central
management ?
At my former employer, we used Nixu Namesurfer.
--
R. Kevin Oberman, Network Engineer
servers, all answering and all having identical data for queries from
any particular
source.
Kevin Oberman
Network Engineer -- Retired
kob6...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
checks and I think dnscheck is broken. I get the same error for
several different domains that I am pretty confident are NOT broken and have
confirmed the glue for all of them is correct.
--
R. Kevin Oberman, Network Engineer - Retired
E-mail: kob6...@gmail.com
that .com had the glue for water.com.
R. Kevin Oberman, Network Engineer
Retired
kob6...@gmail.com LCR Computer Services, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users
On Wed, Sep 21, 2011 at 2:25 AM, Niall O'Reilly niall.orei...@ucd.ie wrote:
On 21 Sep 2011, at 02:08, Kevin Oberman wrote:
dig confirms that .com had the glue for water.com.
As does dnscheck.iis.se.
Indeed, none of the test history (5 tests, today and yasterday
.
Depending on exactly what you are trying to accomplish, you might get there by:
1. A DNAME in the parent. This aliases the entire domain, so this
might or might not do what you want.
2. Use a A (and other records as needed) instead of a CNAME.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
should be able to read
the named.conf file, but should not own it or have write access to it.
named must have read access to all zone files as well as both read and
write to the directory where they are located.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
is a band-aid that will just keep breaking
things.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
on the other side of the tunnel must talk IPv6.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
was not yet
ready to accept DS keys in any standard way.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users
details when DNSSEC is added. It simply can't be the set and forget
DNS of the past, at least not until and unless tools become far more
bullet-proof.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please visit https://lists.isc.org
that it is
possible and I suspect that BIND 10 will move closer to that point.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing
'interesting'.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman
DNSSEC
software that does not support SHA256 at this time, but I suspect
someone, somewhere is running it.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
at it.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind
sensitive. That means that a query with differences in case will
return a match with the appropriate data, just the same as when case
matches, but will return the case of the authoritative record.
See RFC1034 3.1 for a general description or RFC1035, section 2.3.3 for detail.
--
R. Kevin Oberman
really
can't edit a zone that is subject to any operation that makes use of
journal files (dynamic updates, in-line signing) while the zone may be
changing during the edit.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please visit
this or let you move on to
other options.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https
things into RFCs that are simply
not there. That said the example you provide is silly, but I believe
it is valid.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users
proprietary service is quite unlikely to register it or want
to do so. After all, it would serve no purpose at all, even if the SRV
records were used between enterprise facilities over the wider
Internet.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
that you are trying to, but it looked quite possible.)
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users
On Mon, Sep 3, 2012 at 5:24 PM, Mohsen Pahlevanzadeh
moh...@pahlevanzadeh.org wrote:
On Mon, 2012-09-03 at 15:42 -0700, Kevin Oberman wrote:
On Sun, Sep 2, 2012 at 10:12 AM, Mohsen Pahlevanzadeh
moh...@pahlevanzadeh.org wrote:
Dear all,
I installed bind in Debian/lenny, and i run
easily
maintained to use an ACL with the 'allow-recursion' option. Views
provide a lot of benefits for more complex cases, but to just control
recursion strikes my as over-kill.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please
named restart' for
newer versions of FreeBSD. If the service command is not available,
you can use '/etc/rc.d/named restart'. It wil properly stop named and
then restart it.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
___
Please visit
at the delta
after enabling validation might be interesting, but in my experience
you are unlikely to see any difference beyond the jitter that will
always be there. Except for a couple of major goofs early on by a few
large orgs (e.g. NASA), the impact of validation is about zip.
--
R. Kevin Oberman
that will
always be there. Except for a couple of major goofs early on by a few
large orgs (e.g. NASA), the impact of validation is about zip.
--
R. Kevin Oberman, Network Engineer
E-mail: kob6...@gmail.com
I heard a presentation from NIST on the .gov DNSSEC deployment last
month...which was quite
short... A few
minutes.
The TTL on most stable RRs should be hours or even days. You shorten the
TTL when you plan some change in a permanent record.
--
R. Kevin Oberman, Network Engineer
E-mail: rkober...@gmail.com
___
Please visit https://lists.isc.org
is
delegated to your server.
--
R. Kevin Oberman, Network Engineer
E-mail: rkober...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https
communication? The list of possibilities just goes on and on.
If you want help, you have to tell us something more than that it failed.
--
R. Kevin Oberman, Network Engineer
E-mail: rkober...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo
. There is no information to provide any clue as to whether the
PC or the server is at fault.
I would suggest packet capture. On a Windows system, I suggest wireshark.
The same for the server, if it is yours. If the server is Unix and you have
access to do so, just simple tcpdump will work well.
--
R. Kevin Oberman
Don't forget that Google will white-list domains with known (by them)
broken DNSSEC and reply even though validation is broken, so using 8.8.8.8
for checking on whether validation is broken is not the best idea.
--
R. Kevin Oberman, Network Engineer
E-mail: rkober...@gmail.com
is the ncache time. One day is
very, very long. Times like 1 minute are more appropriate, but again, this
is a maximum, so the large value may not be an issue.
Sorry.
--
R. Kevin Oberman, Network Engineer, Retired
E-mail: rkober...@gmail.com
___
Please visit
add the new zone to the slave's configuration (usually named.conf)?
I assume so, or it would never load. But named.conf is only read when named
is started or a 'reload' command is sent to it (rndc reload). Until then,
hte slave has no way of knowing that the zone was added.
--
R. Kevin Oberman
.
The standard tool for this on FreeBSD is fetch(1). E.g. fetch -o FILE URL
In a script I usually also use '-q' to eliminate noise, but YMMV.
I suspect most systems have wget and/or curl installed, but fetch is always
present on FreeBSD.
--
R. Kevin Oberman, Network Engineer, Retired
E-mail: rkober
-January. That should mean about now.
--
R. Kevin Oberman, Network Engineer, Retired
E-mail: rkober...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users
in testing, so we
considered it useful and happily supported it. :-)
SRV records are almost essential for some applications. I can't imagine not
supporting them.
HINFO is getting pretty rare. The security issues are pretty obvious and
its advantages are rather limited.
--
Kevin Oberman
.
--
Kevin Oberman, Network Engineer, Retired
E-mail: rkober...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo
no longer have
access to the trivial script since I retired.
It's really harder than it looks to do right and I don't think my code was
adequately rigorous, but was capable of responding to most issues. I'm sure
more heuristics really needed to be added.
--
Kevin Oberman, Network Engineer, Retired
E
admit to being unfamiliar with the algorithm used
to make these periodic checks.
--
Kevin Oberman, Network Engineer, Retired
E-mail: rkober...@gmail.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
to see any
documentation on the algorithm used to detect the closest root server as
well as the log of someone else running a similar setup.
--
Kevin Oberman, Network Engineer, Retired
E-mail: rkober...@gmail.com
On Monday, June 15, 2015 6:14 AM, Gaurav Kansal gaurav.kan...@nic.in
wrote
.
--
Kevin Oberman, Network Engineer, Retired
E-mail: rkober...@gmail.com
PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
the firewall is fixed.
Sent from my Treo:
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
E. O. Lawrence Berkeley National Laboratory (LBNL)
ober...@es.net +1 510-486-8634
-Original Message-
From: Paul Wouters p...@xelerance.com
Date: Friday, Jun 4
87 matches
Mail list logo
