So it looks like my zone config file, not the actual zone, but the
config statement that is in conf was gone. I added it back in and all
is well now.
I have ran rndc reload so many times, I have no idea how it was
deleted, it is all in one file, not separate files, so it seems
unlikely
On Nov 25, 2008, at 10:33 PM, Res wrote:
Aa an after-thought, check yor ACL's...normally, IIRC once you do an
rndc reload and changes are detected the master notifies the slaves
right away, I might be wrong but I'm sure it used to do that.
That is what I thought as well, either way, it
Based on your suggestions, I have made a template zone file to base
all new zones on, do you agree with this?
* When I need to change to a low TTL for migration needs, what would
be the approach to that with this template format?
$TTL 1D
@ IN SOA ns1.hostwizard.com.
Hello, running BIND 9.4.2-P2 on OS X 10.5, this is just what comes
with OS X out of the box. Today, my secondary NS provider could not
zone transfer. I looked into it and could not telnet to port 53,
connection refused.
This happens quite often on my friends machine, but he runs OS X
On Jan 9, 2009, at 9:38 AM, Chris Buxton wrote:
On Jan 9, 2009, at 3:14 AM, Scott Haneda wrote:
It is getting important to know if you are on Mac OS X, if you are,
this may have been solved, and somehow, I overlooked it.
It appears launcd, the cron replacement tool in OS X, can start
Hello, looking at my logs today, I am getting hammered with these:
20-Jan-2009 15:39:06.284 security: info: client 66.230.160.1#48517:
query (cache) './NS/IN' denied
20-Jan-2009 15:39:06.790 security: info: client 66.230.128.15#31593:
query (cache) './NS/IN' denied
Repeated over and over,
On Jan 20, 2009, at 3:52 PM, Frank Bulk wrote:
That's being discussed on NANOG, here's one thread:
http://markmail.org/message/ydiqnztzmz5qmusf
See here for more details in blocking them:
http://www.cymru.com/Documents/secure-bind-template.html
specifically:
blackhole {
// Deny
On Jan 20, 2009, at 5:44 PM, Mark Andrews wrote:
In message 232b45f8-acd3-427a-95e9-bc3ca5fc9...@newgeo.com, Scott
Haneda writ
es:
Hello, looking at my logs today, I am getting hammered with these:
20-Jan-2009 15:39:06.284 security: info: client 66.230.160.1#48517:
query (cache) './NS
I brought this up a few months back. For me, it is getting worse, and
I am not able to come up with a solution.
I have many clients who reg domains. They all point to my NS.
Sometimes, the client lapses hosting with me, and I delete the zones.
They usually leave the domain reg'd and my
On Jan 21, 2009, at 1:48 AM, Sten Carlsen wrote:
Are you really sure this is ALL the fault of opendns?
Mostly, and in my tests, I believe so. However, it was also why I was
asking here, before I go too far out on a limb.
Seems to me that the addition of www. and other such like stuff is
Hello, I want to do some spring cleaning on my dns. WHOIS seems to
throttle me back with too many checks, how can I use dig to check for
registration of a domains?
If I do `dig NS example.com` and grep out my NS, does that suffice for
making sure my primary and secondary are listed?
On Jan 23, 2009, at 2:01 AM, Stephane Bortzmeyer wrote:
On Thu, Jan 22, 2009 at 01:16:00PM -0800,
Scott Haneda talkli...@newgeo.com wrote
a message of 18 lines which said:
If I do `dig NS example.com` and grep out my NS, does that suffice
for making sure my primary and secondary are listed
On Jan 26, 2009, at 6:17 PM, Mark Andrews wrote:
Which just means you have not ever experienced the problems
causes. MTA are not required to look up the addresses of
all the mail exchangers in the MX RRset to process the MX
RRset. MTA usually learn their name
On Jan 26, 2009, at 7:54 PM, Al Stu wrote:
If you refuse a CNAME then it is your SMTP server that is broken.
The SMTP RFC's clearly state that SMTP servers are to accept and
lookup a CNAME.
[RFC974] explicitly states that MX records shall not point to an alias
defined by a CNAME. That
On Jan 26, 2009, at 10:03 PM, Barry Margolin wrote:
In article gllr91$2vq...@sf1.isc.org,
Scott Haneda talkli...@newgeo.com wrote:
100% right. I refuse MX's that are cnamed, and I get emails from
customers asking what is up. What is strange, and I can not figure
it
out, is that the admins
On Jan 26, 2009, at 10:11 PM, Barry Margolin wrote:
In article gllr91$2vq...@sf1.isc.org,
Scott Haneda talkli...@newgeo.com wrote:
I have never got why this is such a hard thing for email admins to
get
right, but it certainly causes me headaches. I personally wish
CNAME's would just go
On Jan 26, 2009, at 11:27 PM, David Ford wrote:
hand because each line isn't strictly well-formed per RFC. If every
vendor was as utterly asinine about absolutist conformance, sure, we'd
have a lot less mess out there, but we'd have a lot less forward
movement as well as a lot more fractioning
Hello, I am wondering the technical possibility of a DNS change. Even
if it is technically possible, I also want to make sure it is
compliant as well.
I would like to resolve any and all requests to a fixed IP, if there
is no zone in place. While I understand I can create a zone for
Hello, my past post about wildcarding the . in a named server seems
it may be wrought with issues in the long term.
In short, my issues is a auto website creation tool that needs to be
simple for users to change their registrar data, and have their site
be served up.
The old method
On Jan 28, 2009, at 3:34 PM, Mark Andrews wrote:
In message 30e0039f-b0fd-4322-b0e0-52eeefa76...@newgeo.com, Scott
Haneda writ
es:
I can remove the entire DNS management, zone creation, and deltion if
I wildcard. Any domain in which they enter in my clients ns's will
resolve automatically
Damnit, ever time I search this stuff out, I search for named
something-or-other and should use BIND in my search :)
I am going to test deploy on my worksation on OS X. Named comes up
with relative ease, just add a key and I am pretty much up and
running, albeit out of date, but for
How about you show us your current zone, and explain what you are
tying to accomplish. Currently, what you are asking is not making a
lot of sense.
On Mar 11, 2009, at 12:46 AM, tzqian wrote:
Hi ,
How can I config a zone to respose a CNAME record?
Such as
Email cname email.xx.xxx.com
Ok, now please show us your dig command, and the output you are using
to test.
On Mar 12, 2009, at 8:19 PM, tzq tang wrote:
thanks for your response.I do this test between two intranet machine
and
each of them has a local IP.10.0.0.13,additionally the both domain
are in
the same DNS
More data will need to be known. Where is the master and where is the
slave, in the same subnet, or elsewhere?
Were you previously getting any queries against the master at all,
look in your logs?
Are you sure your domains NS records even point to the master server?
If the master is
It should not be too hard. Since you have such a rock solid format,
you can safely assume in your case, the last 2 digits are ints always,
always 2 digits long.
Just find the string of chars you are interested in, and substring the
last two. Now you have a number (int) and you can use a
On Apr 6, 2009, at 3:30 PM, Michelle Konzack wrote:
My hosting contract is running out on 2009-04-16 and now I like to
use
zonedit.com to host my zones. Unfortunately I have not found
the
answer to my qustion on there help page and they do not reply
to my
question per mail
I belive this is the job of a load balancer and not something that can
be done in dns.
DNS has no way of following the resulting answer ip or host, let alone
knowing what protocol to follow on and how to determine what ones
definition of up is.
This type if check could be done in a basic
I have read the other posts here, and it looks like you are setting on
tail, or a pipe, but that log rotation is causing you headaches.
I have had to deal with things like this in the past, and took a
different approach. Here are some ideas to think about.
Since you mentioned below you
On Apr 29, 2009, at 5:03 PM, Barry Margolin wrote:
In article gtamqt$1k...@sf1.isc.org,
Scott Haneda talkli...@newgeo.com wrote:
like my machine, .14 is refusing their refresh request. Do I need to
allow-recursion for their NS0?
No, you shouldn't need allow-recursion. You might need
Someone pointed me to this http://thednsreport.com/?domain=isc.org
I am not a huge fan of these checking tools, this one has me curious.
My domain of course has the same error, which is a little comforting,
sine I am in good company :)
What is this error asking of me, they are wanting in my
On Apr 30, 2009, at 1:43 AM, Kal Feher wrote:
When I clicked on that link the only error was an MNAME error. Did
you see
another error? (I wonder if it was a transient error you observed,
because
it appears different to yours).
The error according to the report (run against isc.org):
On Apr 30, 2009, at 2:44 AM, Noel Butler wrote:
On Thu, 2009-04-30 at 19:38, Scott Haneda wrote:
On Apr 30, 2009, at 1:43 AM, Kal Feher wrote:
When I clicked on that link the only error was an MNAME error. Did
you see
another error? (I wonder if it was a transient error you observed
I client of mine has thousands of DNS zones that will need a ttl
chance and a serial bump. I want to set a relevant ttl to 300 for a
few days.
After that, an IP address change will be made, and I would like to
change the TTL back to something sane. The general format of the zone
looks
On May 2, 2009, at 4:25 PM, Noel Butler wrote:
On Sun, 2009-05-03 at 08:39, Scott Haneda wrote:
I client of mine has thousands of DNS zones that will need a ttl
chance and a serial bump. I want to set a relevant ttl to 300 for a
few days.
After that, an IP address change will be made, and I
On May 7, 2009, at 6:08 PM, Scott Haneda wrote:
What can a core dump tell me to help trace this issue down and solve
it? Named is going deaf/dead for some reason, perhaps related, I need
it to keep up.
I did a little searching and found how to look into the core dumps,
here is what
On May 7, 2009, at 6:51 PM, Mark Andrews wrote:
In message 8b717588-3e36-4596-9b11-de03e1ca4...@newgeo.com, Scott
Haneda writ
es:
On May 7, 2009, at 6:08 PM, Scott Haneda wrote:
What can a core dump tell me to help trace this issue down and solve
it? Named is going deaf/dead for some
On May 7, 2009, at 6:51 PM, Mark Andrews wrote:
(gdb) backtrace
#0 0x2adb2b0e0215 in raise () from /lib64/libc.so.6
#1 0x2adb2b0e1cc0 in abort () from /lib64/libc.so.6
#2 0x2adb27c4c9e0 in assertion_failed (file=0x2adb2922428b
mem.c, line=918, type=value optimized out,
The DLZ users mailing list is pretty quiet, thought to ask here in
case someone can elaborate.
I have MySql query logging on so I can see the queries as they come in
for testing.
dig example.com @localhost
This yields a hit to the database of
090509 5:50:56 2593 Query SELECT zone
Is it still happening? Can you show dig output for dig gdpu.cn ns
On May 11, 2009, at 2:56 AM, Tech W. wrote:
Hello,
For this domain, gdpu.cn, I tried to find its ns record:
dig gdpu.cn ns
with no results.
But I can dig its www record as below.
why this happened? I can't understand
On May 11, 2009, at 2:56 AM, Tech W. wrote:
For this domain, gdpu.cn, I tried to find its ns record:
dig gdpu.cn ns
with no results.
But I can dig its www record as below.
why this happened? I can't understand entirely..
Thanks.
Actually, here is what I get back:
$dig gdpu.cn ns
; DiG
You may also want to take this to the DLZ users mailing list, I am
really not sure the correct channel for these questions. I end up
cross posting, which is probably not a good idea.
On May 11, 2009, at 3:25 PM, Mike Toler wrote:
What there is of it. It seems VERY outdated since, if I
On May 20, 2009, at 11:33 PM, Tech W. tech...@yahoo.com.cn wrote:
What will be happened if a MX is an numeric IP?
From a DNS perspective, You may or may not get an error in reload. I
have seen both cases where I do a lookup and get an ip.
I have seen cases where the DNS server will
On May 22, 2009, at 3:52 PM, David Forrest wrote:
I have searched for dig return codes and also looked at the man
page, leading me to nothing definitive.
Does `dig` have return codes that I can use to make some form of
automated tests?
foo=`dig NS example.com @ns2.example.com
On May 26, 2009, at 6:19 AM, Stephane Bortzmeyer wrote:
On Fri, May 22, 2009 at 03:15:56PM -0700,
Scott Haneda talkli...@newgeo.com wrote
a message of 32 lines which said:
I do not know, nor would I want to have to know, all the possible
return strings I may get back. My needs are simple, I
Hoping I can get a walk through in simple terms, but also a pointer to
some docs where I can dive into the details. I think I am finding
what I want in the docs, but those docs come up 404 since the isc site
changed things a bit, from there, I generally can not locate the old
doc file.
On Jun 3, 2009, at 11:53 AM, Scott Haneda wrote:
Hoping I can get a walk through in simple terms, but also a pointer
to some docs where I can dive into the details. I think I am
finding what I want in the docs, but those docs come up 404 since
the isc site changed things a bit, from
Thank you for your other answers, I will read those and test them
after this reply..
On Jun 3, 2009, at 12:02 PM, Jeremy C. Reed wrote:
Hoping I can get a walk through in simple terms, but also a pointer
to
some docs where I can dive into the details. I think I am finding
what
I want in
Maybe cheat with round robin? Add 3 copies of one record and 1 of the
other. That should give you 75/25 roughly.
I don't think it's a dead on exact thing bit it may be close enough
for your needs.
--
Scott
Iphone says hello.
On Jun 4, 2009, at 7:09 PM, Tech W. tech...@yahoo.com.cn wrote:
On Jun 23, 2009, at 3:01 PM, Hauke Lampe wrote:
Scott Haneda wrote:
$dig sugardimplesdesigns.com SOA @ns1.hostwizard.com +short
Do you block 53/tcp anywhere on the path to your nameserver?
It rejects TCP queries:
| dig +tcp sugardimplesdesigns.com SOA @ns1.hostwizard.com +short
On Jun 23, 2009, at 11:57 PM, Chris Buxton wrote:
No, we have not. However, it appears to be related to the port being
idle for some time. Servers that use their TCP port more frequently,
usually due to having lots of zone updates that need to be
replicated to slaves, don't appear to be
I have been using the below command to determine if a domain is
registered. I use this for an internal audit of what clients have
come and gone, and what DNS records I need to clean up.
dig example.com NS +trace -4 @4.2.2.1 | grep -i ns1.example.com
I run it also with ns2.example.com in
On Jun 29, 2009, at 5:08 PM, Mark Andrews wrote:
In message 76610622-42ba-4ed3-b945-14f6c6796...@newgeo.com, Scott
Haneda writ
es:
I have been using the below command to determine if a domain is
registered. I use this for an internal audit of what clients have
come and gone, and what DNS
On Jun 29, 2009, at 6:57 PM, Mark Andrews wrote:
Though I am not understanding the versions, you were using 9.3.6
and I
am using
DiG 9.6.0-P1-RedHat-9.6.0-2.P1
Since I am more current than you, I would estimate that the one bug
is
fixed if it is in your version, of course, that is not the
On Jul 15, 2009, at 12:29 PM, Dave Sparro wrote:
Scott Haneda wrote:
... However, I would like to just get DNS response times.
Perhaps take the list of hosts and feed them to a iterative script
calling dig, and fish out the response time? This does add the
problem of redirects of course
On Jul 15, 2009, at 12:59 PM, Dave Sparro wrote:
Scott Haneda wrote:
On Jul 15, 2009, at 12:29 PM, Dave Sparro wrote:
Scott Haneda wrote:
... However, I would like to just get DNS response times.
Perhaps take the list of hosts and feed them to a iterative
script calling dig, and fish out
99% of the time openDNS works by just pointing some agent to their ip
space.
That 1% of the time, openDNS tries to make DNS responses that are
modified in a way to try to help you.
Maybe this is your issue?
Googl.com being common enough they elect to return the google.com's
answer
Hello, I believe I understand what a glue record is, and why I would
need one. I would like some clarification if possible.
While I am not the hugest fan of the dns report services, this report
was brought to my attention:
http://www.intodns.com/hostwizard.com
It says I am missing glue
On Oct 1, 2009, at 3:25 PM, Matthew Pounsett wrote:
On 01-Oct-2009, at 16:03, Scott Haneda wrote:
Is it also correct, I only need a NS glue record for the actual NS
itself. There does not need to be a glue record for very zone that
I am providing DNS for?
The only case where glue *must
Yeah, I just ran a few queries and can't figure out what exactly it's
complaining about.
Matt
It's making a observation (i in a blue circle) that there were
not additional records for ns1.nacio.com being returned by
ns1.hostwizard.com presumable because ns1.hostwizard.com doesn't
serve the
On Sep 1, 2010, at 11:26 AM, Josh Miller wrote:
On 08/31/2010 12:10 PM, Scott Haneda wrote:
If anyone can point me to a simple tutorial, or explain how they managed to
get this up and running on RHEL with a current version of BIND, I would
appreciate any and all information that can
Hello, I have set up a new BIND/named server, being backed by DLZ in this case,
though I don't think that will have any bearing on my question.
This NS is not publicly known or listed as an NS anywhere as of yet, so it is
only my own testing that has hit the machine. If I perform a dig
list and step back for all of
the reasons this isn't a good idea, at least not using what Apple give you.
Bill Larson
and sorry about the top posting, but this was ...
Sent from Garminfone by T-Mobile.
Scott Haneda talkli...@newgeo.com wrote:
Hello, I have set up a new BIND/named server
On Sep 24, 2010, at 12:51 PM, Tony Finch d...@dotat.at wrote:
A default build of bind expects to find it in /etc/named.conf
If you are running chrooted it needs to be copied into the chroot.
Most systems these days have packages of BIND. Those that do tend to have
BIND-chroot as an option for
63 matches
Mail list logo