Re: forums.iobit.com

Please ignore the message I mistakenly sent to bind-users. Thanks. --Barry Finkel. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support

Re: how two dns bind master sync?

On 8/23/2018 9:21 AM, Bob McDonald wrote: This may be an unpopular opinion, especially on the BIND-Users mailing list (sometimes BIND is not the best answer). It sounds like you might want something like multi-master DNS servers that Active Directory (with AD integrated zones) provides.

Re: Max slaves limit?

On Sun, 17 Dec 2017 22:06:58 +0530, vijay bommareddy wrote: Hello folks, I'm trying to find more information on the practical limitations of adding more slaves. Can someone tell me, how many number of slaves does BIND technically support? Is there a maximum limit per

Re: Issue with AT IPs?

On 12/5/2017 "Lightner, Jeffrey" wrote: We're having issues send email to a user @SIDDHAFLOWERS.COM Investigation here shows that the issue we have is querying your name servers (both by name and by IP) are refusing to respond to our name servers. Their name

Re: BIND and Windows DNS logging and archiving

On 7/22/2017 ,7:33 AM, Mick Lee wrote: Hi Guys, Can anyone offer any advice based on their experience? Thanks Mick On 19 Jul 2017 2:16 p.m., "Mick Lee" wrote: Hi All, I wonder if I could get some advice and guidance based on everyones experience.

Re: DNS forwarding

On 5/22/2017 10:48 AM, bind-users-requ...@lists.isc.org wrote: On 05/22/2017 07:16 AM, Barry S. Finkel wrote: Maybe I am misinterpreting the problem. When I was managing a mixed AD-BIND DNS scenario, ALL of the computers used the BIND servers for their DNS resolution; none used the AD servers

Re: DNS forwarding

On Wed, 17 May 2017 17:44:12, Elias Pereira wrote: Hello, Our scenario today consists of one: - DNS Server (Authoritative to our subdomains. Ex: www.mydomain.com*, moodle.mydomain.com, etc) - samba3 PDC server - Openldap server (user base for samba) All our IPs are

Re: Enterprise DNS Architecture - AD and BIND

On 12/15/2016 8:16 AM, Bob Harold wrote: On Wed, Dec 14, 2016 at 1:41 PM, Veaceslav Revutchi <slavarevut...@gmail.com <mailto:slavarevut...@gmail.com>> wrote: On Wed, Dec 14, 2016 at 10:35 AM, Barry S. Finkel <bsfin...@att.net <mailto:bsfin...@att.net>> wr

Re: Enterprise DNS Architecture - AD and BIND

On 12/14/2016 Veaceslav Revutchi wrote: Since this thread is still fresh, what is the current best practice when slaving from AD? Do you pick one DC and list it as master or is it safe to list multiple? We are looking to do the same and just started the conversation

Re: Enterprise DNS Architecture - AD and BIND

On Tue, 8 Nov 2016 16:09:36 -0800 Ray Van Dolson wrote: Greetings; Am reviewing our DNS setup which has organically evolved over the years and most certainly is due for an update: - We have AD servers responsible for our primary domain (internally). - We have other

Re: Delegation questions

On 8/11/2016 12:22 PM, bind-users-requ...@lists.isc.org wrote: I have a child domain that is delegated to a second site. Pretty straightforward situation. In the parent zone I have NS records that point to the DNS servers at the second site. The issue comes up when a slaved copy of the parent

Re: Maintain task frequency

On Mon, 9 May 2016 17:54:22 -0500, Jorge Alberto Mart?nez Melo wrote: Hello bind users, I am preparing some scripts to maintain some cache dns servers and I am thinking about the most appropriate frequency of these tasks: - to generate the root hints file (root

Re: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

On 3/17/2016 12:36:31 +0100 Ron wrote: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive? Hi, subject says all. Read manpages, could not find this in the FAQ's. Hope this is possible. If not does anyone know of other

Re: About query response on a view

Okan Bostan wrote: Hello List, We are planning to migrate to Bind dns, I'm a bit newbie. In our design we have two views; int and ext. As internal view, recursion is on and we have our internal zones & forwarders. I have no problem with internal view. In external view,

Re: subdomain with domain

On 4/1/2015, Jeff Sadowski jeff.sadow...@gmail.com wrote The other day I found that my secondary name servers running bind where not dishing out _msdcs.domain SRV records This was causing join issues. It turned out that the Domain controller had 2 different scopes one for _msdcs.domain and

Re: Different answer when querying @server from different clients

On 3/6/2015 4:52 PM, bind-users-requ...@lists.isc.org wrote: I don't think it is views. The same thing happens against Google's public DNS. The two hosts route to the Internet differently and that seems to at the root of the issue somehow. [root@dc01 ~]# dig +short ns1.mediture.com

Re: In BIND 8.2 running on Solaris 8, how to start logging

On 6/27/2014, Samad Agha samad.agha2...@gmail.com wrote: Hi All, I have two Solaris 8 servers running BIND 8.2. I'd like to retire them both and transfer everything to a couple of RHEL 7 boxes. The City (I work for a mid-size California city) has outsourced different aspects of our DNS that I

Re: Multi-master (HA)

On 2014-05-07 15:06, Lawrence K. Chen, P.Eng. wrote: OTOH, the idea of multi-master is intriguing.the only down side I see, is hat I have one really powerful server for my current master(Sun Fire X4170)and my other servers are weak leftoversjust passed EOL last year. And,

Re: Help with DKIM record

Felix Rubio Dalmau felixrubiodal...@gmail.com wrote: Hi everybody, I have set up a bind9 server, and everything works fine except when I try to request some fields (e.g., TXT) for any server. If I do host -t txt host I get host has no TXT record whereas if I do

Re: bind-users Digest, Vol 1773, Issue 1

Lawrence K. Chen, P.Eng. lkc...@ksu.edu wrote: Hmmm, so that explains what I'm seeing in my logs of my nameservers getting hammered by AD. Should I be worried? Is there anything that could be done on my end to help reduce the impact? On our campus, we have always allowed delegation of

Re: bind-users Digest, Vol 1766, Issue 2

markus weber bumpemacve...@googlemail.com wrote: Hey Guys, I am new to administer a Bind server and after a few problems i ran into i need to monitor the zonefile transfers of my slave server. I have searched on google and nagios plugin sites but could not find anything that fits my needs

Re: Re: Monitoring Zonefiletransfer

A few problems i discovered: - sometimes have a higher serial then all masters have, is this normal on an AD DNS? or am I doing something wrong i thought this could not happen. Only transfer from one AD master. Microsoft AD doesn't maintain consistent serials across the

Re: Monitoring Zonefiletransfer

Only transfer from one AD master. Microsoft AD doesn't maintain consistent serials across the servers. The serials should be monotonically increasing from a individual server. Oh, i didn't know that. Thats weird behavior isn't it? I will give it definitely a try, I just added 3

Re: Monitoring Zonefiletransfer

On 2014-02-19 16:06, Barry S. Finkel wrote: See MS KB article 282826, where MS documents the handling of zone serial numbers in an AD environment. And Dave Warren replied: My experience is that it tends to work pretty well if BIND only points to one particular MS DNS server at a time

Re: DNS with several ip adessess

With today's hardware (virtualization, etc) it?s not very expensive to build out new servers. One caveat with using virtual servers. Make sure that the DNS server on which the host machine relies is NOT the DNS server that is virtualized on that host. The host machine needs to be up before

Re: Internernal view is answering to external ping

Post your*full* config not half of it. How the hell do you expect people to identify problems unless you give them the neccessary details. Do you give you car mechanic only access to the boot when you have a engine problem? You said you created views yet you didn't send anything that

Re: New warning message...

This was discussed here already, and imho this is anti-spf bullshit like all those spf breaks forwarding FUD. The SPF RR is already here and is preferred over TXT that is generik RR type, unlike SPF. It is not Fear, Uncertainty, and Doubt that SPF breaks forwarding. SPF *DOES* break

Re: NAMED LOGS

Date: Mon, 22 Jul 2013 14:21:51 +0200 From: Grace Ingabiregrac...@ricta.org.rw Dear Team, Does anyone know what is going on here? As I can't understand why we do receive a lot of these messages in our logs. Jul 22 14:18:21 ns1 named[13045]: client 200.222.123.108#43576: query (cache)

Re: New warning message...

On 7/22/2013 11:17 AM, bind-users-requ...@lists.isc.org wrote: This was discussed here already, and imho this is anti-spf bullshit like all those spf breaks forwarding FUD. The SPF RR is already here and is preferred over TXT that is generik RR type, unlike SPF. On 22.07.13 08:50, Barry S

Re: Troubleshooting DNSSEC issue w/ ic.fbi.gov

The SOA RNAME should work: fbi.gov.600INSOAns1.fbi.gov. dns-admin.fbi.gov. 2013071601 7200 3600 2592000 43200 In my years as a DNS administrator, about 50% of the time I tried to send e-mail to the SOA RNAME, that mail was returned as undeliverable. I never have trusted

Re:: BIND 9.4.x and check-names

Ben-Eliezer, Tal (ITS)tal.ben-elie...@its.ny.gov wrote: Good Morning, I recently implemented a change in our DNS environment with the intention of suppressing the log events related to AD-integrated zones, and their Non-RFC compliant nature. In the global configuration I added the following

Re: Simple question about zone and CNAME

On 4/8/2013 9:10 AM, bind-users-requ...@lists.isc.org wrote: In article mailman.59.1365230565.20661.bind-us...@lists.isc.org, Phil Mayers p.may...@imperial.ac.uk wrote: Sam Wilsonsam.wil...@ed.ac.uk wrote: [adding an A record for ed.ac.uk.] If your AD realm is also called ed.ac.uk then

Re: Overriding Included Zone File Entries

On 3/5/2013 1:08 PM, Pat Suwalskip...@suwalski.net wrote: Hello everyone, I have a question about using the $INCLUDE directive in my zone files. We run DNS for a moderately large number of domains, largely pointing at the same servers. So, I'd really like to have the following setup:

Re: question about dns query distribution

HI Lawrence, We have recursive / caching name server for our Broadband internet services. And we have 60-40 traffic ratio. I mean 60 % queries comes on primary and 40% on secondary. Why primary does not getting 100% ? Is there any way to do it ? or what is the reason behind it that both

Re: DNS Blackholing

On 12/4/2012 6:00 AM, John Hascall j...@iastate.edu wrote: We have found that RPZ works quite well for us. We have 366825 names in our RPZ zone at present and scaling thus far has been a non-issue. A question from the OP that has not yet been answered - Make the zones masters on all servers.

Re: BIND and DNSSEC

On 11/1/2012 3:31 PM, Sten Carlsen st...@s-carlsen.dk wrote: The typical server setup (for own servers) is that one name is used for setting up e.g. the mail server, the ideal situation for everybody is that whether I am in house or visiting you, if I have any internet access, I can read and

Re: ISC Bind in Active Directory

On 10/18/2012 3:17 PM, bind-users-requ...@lists.isc.org wrote: Hi All, I'm hopping to get some feedback from people who use ISC Bind and DHCPD in Active Directory environments. Currently we use Bind/DHCPD for dynamic DNS and DHCP. It's been a pretty stable service, redundant and we are

Re: ho to filter hundeds of domains ?

Rick Colocciacoloc...@geneseo.edu wrote: add this line to /etc/named.conf include locallyblockeddomains.zones; contents of locallyblockeddomains.zones: // This bind zone is intended to be included in a running dns server f a local net // // It will return a 127.0.0.1 for the domains listed

Re: VMware Bind

On Jun 5, 2012, at 9:58 AM, Manson, John wrote: Will bind run on VMware? There may be two problems: 1) Will there be problems when the server is rebooted? If the server relies on the DNS server running in a VM, there could be problems. 2) When I tried a test master BIND in a VM, there