Re: record PTR

2024-03-14 Thread Ben Croswell
197.242.181.69', it works. Do I need to request a > delegation of 197.242.181.69 to the name servers ns1.sami.tn? > > > > *From:* Ben Croswell > *Sent:* Thursday 14 March 2024 13:10 > *To:* RAHAL Sami SOFRECOM ; ML BIND Users < > bind-users@lists.isc.org> > *Subject:

Re: record PTR

2024-03-14 Thread Ben Croswell
The in-addr.arpa domain for your IP space will need to be delegated to your DNS servers. That generally happens at the entity that assigned the block. For instance ARIN, RIPE, or APNIC. On Thu, Mar 14, 2024, 8:06 AM wrote: > Hello, please, I want to know if I need to delegate a range of IP >

Re: Determining Which Authoritative Sever to Use

2022-05-10 Thread Ben Croswell
I will say edge DNS servers reduce client config complexity, even if you have DHCP, and increase resiliency of the initial resolver. Where it's true with DHCP you can change the DHCP server options it doesn't help if someone just got a 4 day lease and then the DNS server dies. Additionally the

Re: Determining Which Authoritative Sever to Use (Bob McDonald)

2022-05-08 Thread Ben Croswell
b McDonald wrote: > Thanks for the answers. A couple more questions and then I'll stand down. > > First, it's Ben Croswell. Just pointing that out. > > Second, my reading of the definition of a static-stub zone in the Bvarm > indicates that its use is to allow a local copy of th

Re: Determining Which Authoritative Sever to Use

2022-05-08 Thread Ben Croswell
I would concur that internally Anycast is best for client facing edge nodes to reduce client configuration complexity as well as reducing impact of a first resolver outage. On Sun, May 8, 2022, 7:59 AM Tony Finch wrote: > Bob McDonald wrote: > > > > My question is this; how do the recursive

Re: Determining Which Authoritative Sever to Use

2022-05-07 Thread Ben Croswell

Re: Forwarding zone, setup

2022-03-01 Thread Ben Croswell
Are you loading the parent domain and trying to zone forward a child domain on the same DNS server? I.e. loading somedomain.local and trying to forward ab.somedomain.local If so an NS delegation is required in every instance I have done in my environment. The NS doesn't need to be "right" but it

BIND OS tuning

2020-11-20 Thread Ben Croswell
Does BIND take advantage of net.core.rmem_max on Linux boxes? If I set the rmem_max to 12.5mb but leave the rmem_default as the OS default will I see a benefit on a high QPS DNS server? Or does BIND look to the rmem_default and ignore the rmem_max? -- -Ben Croswell

Re: CNAME / TXT

2020-08-22 Thread Ben Croswell
If you uncomment that mg CNAME you end up with a CNAME mx and TXT at the same node in the DNS tree and that is illegal. That is why you get the error "cname and other data". The mx and txt are the other data. On Sat, Aug 22, 2020, 8:19 PM Jukka Pakkanen wrote: > Cannot figure out what is

Re:

2020-06-28 Thread Ben Croswell
In this case a zone level forwarder takes priority over the global forwarder. Abc.com would go to 1.1.1.1 On Sat, Jun 27, 2020, 11:44 PM baalchina wrote: > Hi all, > > I had a bind 9.16.4 as recursive name server. I want to forward all > queries to a specific dns server out of my net such as

Re: Question about at zone transfer behaviour on slave

2019-06-05 Thread Ben Croswell
You are looking for the refresh timer in the SOA if you mean the timer for a slave to check the serial with the master. On Wed, Jun 5, 2019, 10:09 PM Techs-yama wrote: > Hi all, > > Have a question about at zone transfer behaviour on slave server. > > In case of slave zone configure and

Re: Change DNS records automatically when a link is DOWN

2019-06-05 Thread Ben Croswell
If you can craft the monitor for the link it could call nsupdate to make the change On Wed, Jun 5, 2019, 11:16 AM Roberto Carna wrote: > Dear people, I have two sites: > > - Main site with an Internet link and two BIND services (DNS1 y DNS2) and > a /28 block, and web and mail services

Re: DNS Flag Day: I had to open the TCP/53 port

2019-02-04 Thread Ben Croswell
On Mon, Feb 4, 2019 at 10:50, Ben Croswell () > wrote: > >> BIND has always required UDP and TCP 53 for proper functionality. It is >> sometimes mistakenly believed that TCP is only for zone transfers but that >> is not the case. >> >> On Mon, Feb 4, 2019,

Re: DNS Flag Day: I had to open the TCP/53 port

2019-02-04 Thread Ben Croswell
BIND has always required UDP and TCP 53 for proper functionality. It is sometimes mistakenly believed that TCP is only for zone transfers but that is not the case. On Mon, Feb 4, 2019, 8:46 AM Roberto Carna Dear, I have a BIND 9.10 public server and I have delegated some public > domains. > > When

Re: DNS flag day

2019-01-18 Thread Ben Croswell
I would imagine "it's a hoax" is code for we don't want to bother remediating. On Fri, Jan 18, 2019, 3:20 PM Warren Kumari > > On Fri, Jan 18, 2019 at 2:58 PM Ben Croswell > wrote: > >> I would say we had one provider go as far as saying this whole flag day >&

Re: DNS flag day

2019-01-18 Thread Ben Croswell
I’ll not hear > back from them. > > Is there a list of known edns compliant Registrar name severs for the > larger Registrars? > > Is it possible the failures seen are false? If so, are there alternate > edns compliance checkers that might show different responses than > dnsf

Re: EDNS Compliance

2019-01-18 Thread Ben Croswell
ytes? > > Regards, > Max > > On Fri, Jan 18, 2019 at 11:07 AM Ben Croswell > wrote: > >> As long as all 4 DNS servers are running the same version, my first >> suggestion would be to check firewalls for dropped packets. >> >> Some FW/IPS drop packets with edns ve

Re: DNS flag day

2019-01-18 Thread Ben Croswell
Risk > On Jan 18, 2019, at 9:09 AM, Ben Croswell wrote: > > Has ISC released minimum viable BIND version for flag day? > > > Most versions of BIND authoritative servers, going back years, are EDNS > compatible. Certainly ALL currently supported versions are compatible. I >

DNS flag day

2019-01-18 Thread Ben Croswell
Has ISC released minimum viable BIND version for flag day? I looked around and couldn't find anything.

Re: EDNS Compliance

2019-01-18 Thread Ben Croswell
As long as all 4 DNS servers are running the same version, my first suggestion would be to check firewalls for dropped packets. Some FW/IPS drop packets with edns versions other than 0 because they see it as an attack. On Fri, Jan 18, 2019, 12:02 PM N. Max Pierson Hi List, > > I am trying to ensure

Re: BIND and UDP tuning

2018-09-27 Thread Ben Croswell
When we ran into UDP tuning issues on high traffic devices it presented as silent discards rather than SERVFAIL. On Thu, Sep 27, 2018, 12:04 PM Alex wrote: > Hi, > > > On Thu, Sep 27, 2018 at 10:53:25AM -0400, Alex wrote: > > > Many of these values I've already tweaked and have had no effect on

Re: Max slaves limit?

2017-12-18 Thread Ben Croswell
That is a valid consideration but being a slave doesn't always mean being in the NS records. On Dec 18, 2017 9:47 AM, "Barry S. Finkel" wrote: > On Sun, 17 Dec 2017 22:06:58 +0530, vijay bommareddy > wrote: > >> Hello folks, >> >> I'm trying to find more

Re: EDNS0 client subnet in BIND 9.10

2017-11-11 Thread Ben Croswell
The use case I am looking at is using ECS or some other mechanism to pass the IP of client making the query to the global load-balancer. This information could then be used by the global load-balancer in making proximity decisions when crafting its response. I.e. GLB sees 10.1.1.1 and returns a

EDNS0 client subnet in BIND 9.10

2017-11-10 Thread Ben Croswell
I would like to use the client subnet option to overcome some hurdles related to proximity load-balancing. I have looked through the ARM and found references to setting the option in a dig. However I was not able to locate options for sourcing that option on the DNS server. Is anyone using ECS

RE: Forwarding from delegated zone not working

2017-10-10 Thread Ben Croswell
:bind-users-boun...@lists.isc.org] *On Behalf Of *Ben Croswell *Sent:* Tuesday, October 10, 2017 11:38 AM *To:* seanliam73 <sean.orei...@landg.com> *Cc:* bind-users@lists.isc.org *Subject:* Re: Forwarding from delegated zone not working If the AD environment loads company.com you need to make sure

Re: Forwarding from delegated zone not working

2017-10-10 Thread Ben Croswell
If the AD environment loads company.com you need to make sure it has NS delegations. The nameserver will ignore the zone forwarded if it knows the child doesn't exist. On Oct 10, 2017 11:22 AM, "seanliam73" wrote: > Hi > > I have a subdomain delegated from AD to a bind9

Re: strange problem with query being dropped/ignored by the BIND process

2017-06-28 Thread Ben Croswell
Have you checked deeper at the OS level? I have seen on Linux DNS servers silent drops of queries on very busy servers that were exhausting UDP receive buffers. On Jun 28, 2017 10:26 AM, "Marc Richter" wrote: Hi, we have a setup here consisting of a recursive DNS

Re: Why would a master zone use forwarders ?

2017-05-12 Thread Ben Croswell
ub.mydomain.com ns.sub.mydomain.com A 1.1.1.1 What's the difference between the global forward for delegated child domains and the delegation I do ? Thank you On Friday, 12 May 2017 at 15:34, Ben Croswell <ben.crosw...@gmail.com> wrote: This would only change behavior if the server has global f

Re: Why would a master zone use forwarders ?

2017-05-12 Thread Ben Croswell
This would only change behavior if the server has global forwarding. If it is master for a foo.com and also has global forwarding it will use the global forward for any delegated child domains under foo.com unless they are also loaded locally. The forward{} turns off global forwarding for that

Re: Bind master keeps saying it is not authoritative

2017-03-02 Thread Ben Croswell
Ensure that the allow-query clause on the master includes the slave. If the slave can't query for the SOA on the zone it can't do an xfer. On Mar 2, 2017 6:34 AM, "Xavier Humbert" wrote: > The whole configuration, comments removed : > > -- Master

Re: The DDOS attack on DYN & RRL ?

2016-11-01 Thread Ben Croswell
In article <mailman.546.1477931391.7.bind-us...@lists.isc.org>, > Ben Croswell <ben.crosw...@gmail.com> wrote: > > > I think what we see as a result of this attack is DNS provider diversity > > being the new buzz phrase. The same as not relying on a single ISP link i > > see

Re: The DDOS attack on DYN & RRL ?

2016-10-31 Thread Ben Croswell
I think what we see as a result of this attack is DNS provider diversity being the new buzz phrase. The same as not relying on a single ISP link I see more people using multiple DNS providers. The size of these attacks will grow as IoT continues to grow. It makes sense to have diverse providers to

Re: CVE-2015-7547: getaddrinfo() stack-based buffer overflow

2016-02-17 Thread Ben Croswell
Cyber folks asked if there was any way for the DNS servers to "protect" the vulnerable clients. The only thing I could see from the explanation was disabling or limiting edns0 sizes. That is obviously not a long term option. On Feb 17, 2016 11:39 AM, "Alan Clegg" wrote: > On

Re: About CVE-2015-5477 (An error in handling TKEY queries can cause named to exit with a REQUIRE assertion failure)

2015-07-28 Thread Ben Croswell
Is it safe to say the only vulnerable hosts would be those accepting queries from the outside world, or would this also pertain to servers getting responses from the outside world with no inbound queries? On Jul 28, 2015 5:42 PM, Michael McNally mcna...@isc.org wrote: As the security incident

Re: Diagnostic help

2014-09-29 Thread Ben Croswell
The default for allow query is local host local nets. Basically the server itself and directly connected networks On Sep 29, 2014 8:03 PM, Bill Christensen billc_li...@greenbuilder.com wrote: Hi folks, Something got sideways on one of my DNS servers, and I would appreciate some help in

Re: Slave zero-TTL on CNAMES

2014-06-05 Thread Ben Croswell
Cisco routers do have the ability to doctor DNS packets when doing NAT. When it doctors it sets the TTL to 0 but I don't know why it would only do it on CNAME records. On Jun 5, 2014 12:43 PM, Reindl Harald h.rei...@thelounge.net wrote: On 05.06.2014 17:58, /dev/rob0 wrote: On Thu, Jun 05,

Re: Bind 9.9.1 forward zone local

2014-03-25 Thread Ben Croswell
I would imagine your issue is a lack of an NS delegation in the root zone you are slaving. If you load a parent and then try to forward a child of that parent you must have a delegation in the parent. The delegation doesn't have to match the forwarders but it must exist. On Mar 25, 2014 1:57 PM,

Re: which Name sever is selected?

2014-03-03 Thread Ben Croswell
to being slower. On Mar 3, 2014 8:24 AM, houguanghua houguang...@hotmail.com wrote: Hi Ben, What's the meaning of bind decaying? Where can I find the detailed description? Thanks! Guanghua Date: Fri, 28 Feb 2014 11:39:54 -0500 From: Ben Croswell

Re: which Name sever is selected?

2014-02-28 Thread Ben Croswell
RTT banding was removed in early versions of 9.8 due to the performance hit being larger than any security benefit. So it would depend what version of bind is being used in this case. https://www.isc.org/blogs/rtt-banding-removal-from-bind-9/ It is important to note that all ns records will take

Re: Bind vs flood

2014-02-27 Thread Ben Croswell
I guess I am missing why anyone on the internet should be able to open queries against your caching resolver. Why would inbound queries be allowed to servers that are for your people to get out? On Feb 27, 2014 10:13 AM, Ivo i...@nic.lv wrote: Hi Dmitry, We observed that similar requests

Re: Bind vs flood

2014-02-27 Thread Ben Croswell
like Zyxel or similar which may have open resolver by default. Ivo On 2/27/14 5:18 PM, Ben Croswell wrote: I guess I am missing why anyone on the internet should be able to open queries against your caching resolver. Why would inbound queries be allowed to servers that are for your people

Re: how to modify the cache

2014-02-14 Thread Ben Croswell
You can't modify cache. If that was allowed you could cache poison any domain you wanted. On Feb 14, 2014 8:52 AM, houguanghua houguang...@hotmail.com wrote: Hi all, Bind provides rndc tools to operate the cache. But how to change a record in the cache. For example: to modify origin record

Re: how to modify the cache

2014-02-14 Thread Ben Croswell
.bind-us...@lists.isc.org, Ben Croswell ben.crosw...@gmail.com wrote: You can't modify cache. If that was allowed you could cache poison any domain you wanted. poisoning refers to putting incorrect records into the cache of some *other* server. If you operate the server itself, you can put

Re: I may be confused regarding sub delegated zone

2014-01-23 Thread Ben Croswell
A freshly started server with no cache will be directed to nd1 first which will give a referral to ns2 for the subdomain. After that it will go to ns2 directly until the ns records time out in cache. On Jan 23, 2014 12:30 PM, Blason R blaso...@gmail.com wrote: Hello friends, I may sound like

Re: Delegation and Forwarding

2013-12-11 Thread Ben Croswell
The basic answer is that you use null forwarders for any domains that you want to turn off the global forwarders. If you have a global forwarder and then you have bob.com with a null forwarder, bob.com and the domains below it will follow delegation. On Dec 11, 2013 7:10 AM, Bob McDonald

Re: Confused about a basic concept

2013-06-05 Thread Ben Croswell

Re: Most specific match on PTR records

2013-02-21 Thread Ben Croswell
You need to ensure if the resolver that is doing the forwarding also loads the blank 10/8 that you have the smaller /24 delegated in the 10/8. The reason being if it loads the /8 with no /24 delegation it will ignore the forward because it believes the /24 doesn't exist. On Feb 21, 2013 1:21 PM,

Re: What causes 'zone transfer setup failed' ?

2013-01-25 Thread Ben Croswell
A common issue is the secondary not being allowed to query the master for the SOA of the zone. Ensure the master has an allow-query that includes the secondary. On Jan 25, 2013 6:06 AM, Jan-Piet Mens jpmens@gmail.com wrote: Hello, I'm seeing quite a number of messages like

Re: Define an internal zone with only a couple of A records, then forward to an external dns server

2013-01-17 Thread Ben Croswell
If you load the zone your server will believe it knows everything about the zone and not forward anything below it. If you load foo.com with two records, nothing but those two records will ever resolve on that server for foo.com. One way to make it work would be to load two zones. Vpn1.foo.com

Re: MNAME not a listed NS record

2013-01-16 Thread Ben Croswell
There is no issue with a configuration like this. It is the very definition of a stealth master and is a very common configuration. Any DDNS updates will continue to reach the stealth master via the mname and no resolvers will find the master via NS records so it won't be queried. On Jan 16, 2013

Re: Name resolution fails if not forwarding

2013-01-08 Thread Ben Croswell
My first thought would be lack of firewall rules and connectivity to the Internet. On Jan 8, 2013 9:35 AM, Daniele d.imbrog...@gmail.com wrote: If I use BIND9 forwarding all the queries not belonging to my local zones, it works. But if I don't forward those queries, `dig` sometimes (and this

Re: Bind not forwarding all requests

2012-12-07 Thread Ben Croswell
It is probably related to forward first versus forward only. Forward first is default but will fall back to no forwarding if the forwarders fail. On Dec 7, 2012 12:06 PM, Romgo ro...@free.fr wrote: Hello, I am currently running two bind9 server on Debian Squeeze. 1:9.7.3.dfsg-1~squeeze8

RE: Performance tuning

2012-11-26 Thread Ben Croswell
I did digs to both names from my work DNS infrastructure. The response was 58ms to resolve the WWW entry and 44ms for the non WWW entry. Would not appear to be a resolution related slow down. -Ben Croswell On Nov 26, 2012 1:25 PM, Lightner, Jeff jlight...@water.com wrote: For question 1

Re: forwarder is ignored when authoritative zone is added

2012-10-26 Thread Ben Croswell
assume the logic is, why would I forward a subdomain I know doesn't exist. -Ben Croswell On Oct 26, 2012 2:17 AM, Frank Even lists+isc@elitists.org wrote: I've recently had an issue that I'm having some issues finding information on solving. I have internal DNS resolvers...they act

Re: forwarder is ignored when authoritative zone is added

2012-10-26 Thread Ben Croswell
The thing that brings me back to a delegation issue is the statement of slaving an external version of the second level domain the internal DNS server. I know if I was splitting a domain I would not put internal only delegations external. -Ben Croswell On Oct 26, 2012 7:23 AM, Sten Carlsen st

Re: global forwarders - current BIND9 behaviour documentation

2012-07-25 Thread Ben Croswell
the method for retrying a forwarder after it was set high due to a timeout etc. -Ben Croswell On Jul 25, 2012 2:36 PM, ip admin ipm...@googlemail.com wrote: Hi, anybody there who can provide a definitive answer on the current BIND 9.7 (or higher) global forwarder behaviour? I did find

Re: How does a child find its parent?

2012-05-08 Thread Ben Croswell
The child doesn't know its parent and goes up to the root like any other server would. -Ben Croswell On May 8, 2012 2:13 PM, Mike Bernhardt bernha...@bart.gov wrote: Reading the section on delegation in the O'Reilly book, I'm confused about something: The parent is configured to delegate

RE: How does a child find its parent?

2012-05-08 Thread Ben Croswell
Another option would be zone level forwarding on the child to point at the parent or stub zones. -Ben Croswell On May 8, 2012 3:59 PM, Mike Bernhardt bernha...@bart.gov wrote: In this case, the root only knows the external public server, not the internal parent who is doing the delegating. So

Re: Why does a non-delegated sub-domain work?

2012-05-07 Thread Ben Croswell
the subdomain will disappear. -Ben Croswell On May 7, 2012 1:08 PM, M. Meadows sun-g...@live.com wrote: So ... if we have exacttarget.com delegated to ns1 and ns2.exacttarget.com nameservers and ... we manage the s6.exacttarget.com zone file from ns1 and ns2.exacttarget.com but we don't delegate

Re: new here

2012-05-02 Thread Ben Croswell
than you are loading it as. You load 104.16.98.in-addr.arpa. they are transferring 104-22.16.98.in-addr.arpa. -Ben Croswell On May 2, 2012 1:18 PM, David dmilho...@wletc.com wrote: ** Hello All, I am new here but have been watching the list for a while. I run a small WISP and we have just moved

Re: How to influence forwarder selection BIND 9.7.3

2012-04-23 Thread Ben Croswell
A certain percentage of queries will always go to all of the forwarders listed. If you have servers A B and C and A is the fastest SRTT, whenever A answers the SRTT for B and C will be decremented by a small percentage. Eventually they will be lower than A and get used. The likely result is that

Re: new here

2012-04-22 Thread Ben Croswell
You set a listen-on that does not include 127.0.0.1. On Apr 22, 2012 11:08 PM, David Milholen dmilho...@wletc.com wrote: I am a Wisp admin and I have just configured a couple of new Bind9 servers. They will resolve using dig google.com @9x.1xx.104.14 I am having some trouble getting them to

RE: Configuring CNAME for nosslsearch.google.com

2012-04-16 Thread Ben Croswell
This is incorrect. It is illegal to have a cname and any other record on the same name in dns. The ns and soa count as records. On Apr 16, 2012 9:41 AM, Matthew Huff mh...@ox.com wrote: Actually, this can be done. Create a zone file for www.google.com, not google.com. The zone file should

Re: Configuring CNAME for nosslsearch.google.com

2012-04-15 Thread Ben Croswell
What you are asking for can't be done. If you load the google.com zone everything you don't load in the zone will be black holed and not resolve. If you try to load WWW.Google.com you will not be able to make WWW a cname due to the no cname and other data rule. On Apr 15, 2012 5:39 PM, Tobias

Re: TC Flag

2012-04-10 Thread Ben Croswell
The TC flag is set when the response is larger than your max udp packet size. 512 bytes with no edns0 and up to 4096 bytes with edns0 fully functioning. On Apr 10, 2012 9:55 AM, rams brames...@gmail.com wrote: When I get TC flag for UDP query? ___

Re: external view recursion issue

2012-03-16 Thread Ben Croswell
If you are authoritative for a cname that points to an A elsewhere, your server will resolve the cname and leave it to the client dns server to go get the A from the server that hosts it. On Mar 16, 2012 10:14 AM, Samantha Steers sam.fait...@gmail.com wrote: Hi, I am getting prepped to migrate

RE:

2012-03-13 Thread Ben Croswell
If you do not delegate the subdomains with NS records you are not fully delegating the subdomain. It will work fine in the short term, but you are setting up a landmine for someone to step on later. If you decide to move that subdomain to other dns servers later it will disappear without the NS records.

Re: log for one domain

2012-03-11 Thread Ben Croswell
We rip the logs apart put them into a database with a web front end. We watch for 6 months then remove ones with no traffic. On Mar 11, 2012 6:12 PM, hugo hugoo hugo...@hotmail.com wrote: Dear all, Is it possible to logs queries to a specific domain? I have a domain configured in my system

Re: zone update to slave

2012-01-11 Thread Ben Croswell
You can freeze thaw or use nsupdate to dynamically add the static entries. rndc freeze Edit zone rndc thaw You will lose any ddns updates during the freeze. -Ben Croswell On Jan 11, 2012 3:52 PM, Dan Letkeman danletke...@gmail.com wrote: Ah, I did not know that. So then my scenario must

Re: forwarding @ to a different domain?

2012-01-08 Thread Ben Croswell
You can't cname mydomain.com to anything because it has, at the minimum, ns and soa records. -Ben Croswell On Jan 8, 2012 1:11 PM, Jukka Pakkanen jukka.pakka...@qnet.fi wrote: www in cname mydomain.myshopify.com. mydomain.com. in cname mydomain.myshopify.com. Is this what you are looking

Re: Problem at loading advert in Squid 2.7 3.1

2011-12-26 Thread Ben Croswell
Not sure how this is a BIND related issue. -Ben Croswell On Dec 26, 2011 11:55 AM, feralert feral...@gmail.com wrote: Dear all, Squid is not loading an advert in a web page frame which loads fine when using a direct connection to the internet. The versions used are 2.7.STABLE9-2.1 and 3.1.6

Re: New problem with lame-server after Dist-Upgrade

2011-12-24 Thread Ben Croswell
Did the BIND version change with the OS upgrade? -Ben Croswell On Dec 24, 2011 6:38 PM, Michelle Konzack linux4miche...@tamay-dogan.net wrote: Hello *, my Inttranet NameServer (my DNS-Master) was running Debian Lenny/5.0 and is now upgraded to Debian Squeeze/6.0 and et I get per day very

Re: What does this mean ? INSIST(zone-type == dns_zone_stub) failed

2011-12-08 Thread Ben Croswell
I don't see the desired outcome of making them both master and then trying to have one transfer from the other. Have one be master and one be slave from the master. No reason to alter code and query responses will be the same to your clients. -Ben Croswell On Dec 8, 2011 8:57 PM, 蔡火胜 hx

Re: Zone Transfer Query

2011-12-05 Thread Ben Croswell
I would imagine the IP you are trying to transfer on is not in the allow-query acl of the master. You have to be able to do soa queries to the master. -Ben Croswell On Dec 5, 2011 7:34 AM, Gaurav Kansal gaurav.kan...@nic.in wrote: Dear All, ** ** I have a master DNS on IPv4 AND slave DNS on IPv6

Re: Switching from forwarding to recursion

2011-11-01 Thread Ben Croswell
the delay in exhausting the forwarders before attempting the roots. -Ben Croswell On Nov 1, 2011 9:23 AM, Will Lists listsw...@gmail.com wrote: We recently tried a test to see how our internal servers would react to a loss of their external peers, with the goal being that the internal servers would

Re: Switching from forwarding to recursion

2011-11-01 Thread Ben Croswell
going to NS or there is no way of knowing when the forwarders are back. In your case if you have a limited number of servers a quick removal of the forwarders may be the quickest way to restore service. -Ben Croswell On Nov 1, 2011 10:03 AM, Will Lists listsw...@gmail.com wrote: Ben, I seem

Re: what's a valid domain name?

2011-10-31 Thread Ben Croswell
Actually a . is not part of a host name. It separates all the parts of FQDN. If you put one in a host name you have an undelegated subdomain as I stated before. -Ben Croswell On Oct 31, 2011 6:59 AM, Kristen Eisenberg kristen.eisenb...@yahoo.com wrote: Ben Croswell writes: In that case

Re: CNAME or A record?

2011-09-28 Thread Ben Croswell
Either is fine. Using the cname would require a single update if your ip changes, but prevents other records at the same level. So you couldn't attach mx for instance at example.com and www.example.com if you wanted to. Neither is wrong and both have pros and cons -Ben Croswell On Sep 28, 2011

Re: CNAME or A record?

2011-09-28 Thread Ben Croswell
That makes no sense. If he didn't have a dns entry for both sites, how does the user get to site without the dns entry to be rewritten by Apache? -Ben Croswell On Sep 28, 2011 10:52 AM, 风河 short...@gmail.com wrote: this is the stuff what should be done by webserver rather than by DNS. i,e

Re: servfail are not cached!

2011-09-27 Thread Ben Croswell
Actually he said the DNS protocol allows for it and ISC had been considering adding it. -Ben Croswell On Sep 27, 2011 11:38 AM, Issam Harrathi issam...@gmail.com wrote: As i test it's not cached at all, and you say here it's cached for 30 seconds?! i'm using 9.7.2-P3. 2011/9/27 Evan Hunt e

Re: bind weighted round robin not working

2011-07-16 Thread Ben Croswell
That doesn't work with recent versions. BIND discards the duplicates. -Ben Croswell On Jul 16, 2011 4:28 PM, d...@cornholio.nl wrote: Hi, I’ve got a problem getting weighted round robin dns to work. What I need is ip adress 1 getting twice the hits of ip address 2, however making multiple

Re: monitoring BIND

2011-07-13 Thread Ben Croswell
Nagios is a very move tool for synthetic transaction monitoring. You put in whatever hosts and host names to resolve and it does it. -Ben Croswell On Jul 13, 2011 11:01 AM, Karl Auer ka...@biplane.com.au wrote: We have some nameservers :-) that are used by quite a few thousands of people

Re: Strange behaviour resolving CNAME's via a forwarder.

2011-04-20 Thread Ben Croswell
point of the cname chain. If you specifically ask for cname first, it caches the cname and then further queries don't go to the second box and your first box just resolves the end of the chain. -Ben Croswell On Apr 20, 2011 7:23 AM, Adam Goodall adam.good...@gmail.com wrote: On 20 April 2011 10:42

Re: multiple IP address in Address Record in BIND

2011-04-17 Thread Ben Croswell
In the bind 8 days people would put the same address multiple times and then other addresses as well to weight the responses. -Ben Croswell On Apr 17, 2011 2:45 PM, Eivind Olsen eiv...@aminor.no wrote: Hi, we have internal domain called sva.com and address record for this sva.com is pointed

Re: dns RR method is not equal balanced?

2011-03-29 Thread Ben Croswell
First and foremost you shouldn't be running any version of BIND 8. That is way out of date and open to a lot of exploits. That being said if by some -Ben Croswell On Mar 29, 2011 4:55 AM, Kay ch...@daumcorp.com wrote: Dear my friends. I use bind 8.4.7-REL on RHEL 4.4 OS and have thousands

Re: dns RR method is not equal balanced?

2011-03-29 Thread Ben Croswell
is load balancing so you would see a more even load across the 12 servers. -Ben Croswell On Mar 29, 2011 4:55 AM, Kay ch...@daumcorp.com wrote: Dear my friends. I use bind 8.4.7-REL on RHEL 4.4 OS and have thousands of domains. In my case ; some domain has 12 IPs but traffic of the server

Re: RE: what's a valid domain name?

2011-01-31 Thread Ben Croswell
In that case technically you are creating undelegated subdomains for each router. The dot is a delimiter and can't be part of a hostname. -Ben Croswell On Jan 31, 2011 11:19 AM, Vyto Grigaliunas v...@fnal.gov wrote: ___ bind-users mailing list bind

Re: what's a valid domain name?

2011-01-31 Thread Ben Croswell
The rfc you quote clearly states when used as a delimiter of a domain as I stated. -Ben Croswell On Jan 31, 2011 8:58 PM, p...@mail.nsbeta.info wrote: Ben Croswell writes: In that case technically you are creating undelegated subdomains for each router. The dot is a delimiter and can't

Re: cache server with authoritative answer

2011-01-30 Thread Ben Croswell
That is no longer the case. It doesn't respond authoritative on the first query. -Ben Croswell On Jan 30, 2011 10:01 AM, Kevin Oberman ober...@es.net wrote: On Sat, 2011-01-29 at 14:49 +0800, p...@mail.nsbeta.info wrote: The book Pro DNS and BIND says: If the caching server obtains its data

Re: Master server offline

2010-05-06 Thread Ben Croswell

Re: Master server offline

2010-05-06 Thread Ben Croswell
If your secondaries can't reach the primary for the period of time you have in your SOAs for refresh the secondaries will stop answering. -- -Ben Croswell On Thu, May 6, 2010 at 10:37 PM, Dave Filchak sub...@zuka.net wrote: Our master server machine had a drive failure and looks like

Re: Poblem with ZONE (subdomain)

2010-01-19 Thread Ben Croswell

Re: New BIND user

2009-10-06 Thread Ben Croswell
is appreciated. *Martin* -- -Ben Croswell

Re: SIBLING GLUE address records (A or AAAA)

2009-10-05 Thread Ben Croswell

Re: FW: Blocking top level domain

2009-09-30 Thread Ben Croswell

Re: Need help on delegation to subdomain/external servers

2009-09-17 Thread Ben Croswell
answer it should failover fairly quickly. If both answer then you will be at the mercy of the RTT as to which answer you will get. -- -Ben Croswell On Thu, Sep 17, 2009 at 12:27 PM, Kevin Darcy k...@chrysler.com wrote: RUOFF LARS wrote: [mailto:bind-users-boun...@lists.isc.org] On Behalf

Re: Delegating reverse DNS to a customer

2009-08-18 Thread Ben Croswell
subdomain of a domain you load. If you want to delegate foo.bar.com to someone you put the NS records in bar.com not foo.bar.com. -- -Ben Croswell On Tue, Aug 18, 2009 at 8:31 AM, Tim Huffman t...@bobbroadband.com wrote: Guys, We’re a smallish (but growing) ISP, and we’ve been asked by one

Re: tcp versus udp

2009-05-04 Thread Ben Croswell
Also if EDNS0 is in effect theoretically the max size would be 4096 bytes before a truncate happened. -- -Ben Croswell On Mon, May 4, 2009 at 8:55 PM, Martin McCormick mar...@dc.cis.okstate.edu wrote: Matt Baxter writes: When a response can not fit in a single UDP packet the server will mark

Re: Using TCP for checking

2009-04-07 Thread Ben Croswell
My one caution on this would be you may run into false negatives with TCP if people have misconfigured firewalls. It's surprising the number of people out there that believe TCP is only for xfers. -- -Ben Croswell On Tue, Apr 7, 2009 at 3:17 PM, Mark Elkins m...@posix.co.za wrote: I'm

Re: time.windows.com and download.windowsupdate.com

2009-02-11 Thread Ben Croswell
. someotherhost.time.windows.com won't work 2) Everything under windowsupdate.com will not be resolvable other than download.windowsupdate.com i.e. someotherhost.windowsupdate.com As long as you are aware of and ok with those caveats you should be fine. -- -Ben Croswell On Sun, Feb 8, 2009 at 6:03 PM, patate...@gmail.com
