signing -nsec3param 1 0 10 03F92714 example.net.|
||Thx
CT
On 10/18/18 12:05 PM, CT wrote:
All.
Not much on the subject other than a few posts.
didn't find anything in my last ARM search either..
Thx
CT
___
Please visit https://lists.isc.org/mailman/listinfo
All.
Not much on the subject other than a few posts.
didn't find anything in my last ARM search either..
Thx
CT
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users
are published, how do I make 1 standby
Thx
CT
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
are published, how do I make 1 standby
Thx
CT
To be more specific , can I do this with the dnssec-signzone tool versus a
$include/stand-by-key
in the zone file
Thx
CT
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from
On 10/01/2011 04:40 AM, Matthew Seaman wrote:
On 01/10/2011 09:25, CT wrote:
I have a few static zones that I sign via script
keydir = directory for both KSK and ZSK
$zone = zone file
/usr/local/sbin/dnssec-signzone -S -g -a -H 10 -3 $SALT -K keydir $zone
Fetching KSK 4054/RSASHA256 from key
On 09/01/2011 11:53 PM, Vbvbrj wrote:
On 01.09.2011 19:01, CT wrote:
so did you end up setting up a slave zone (for the internal AD DNS)
on your public DNS server ?
No, for now I just left the AD DNS (Microsoft DNS) instead of BIND. I
didn't have time to move all DNS servers to BIND and make
On 09/01/2011 07:59 AM, Vbvbrj wrote:
I had the same question a while ago. Using bind with forward only to an
AD DNS will get to errors for infrastructure, because of BIND caching
unable to disable for this forwarded zone. Also BIND does not redirect
all updates queries to AD DNS, while in an AD
xxx.xxx.xxx.2; // ad server 2
};
};
*
Thx
CT
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https
already exists..
The only solution that I have come up with is to manually
put the external PTR records in the AD PTR Zone file.
Not sure if there is a resolution to do in MS DNS but will ask the same
question in that group. Wanted to start here..
Thx
CT
On 7/28/2011 4:58 PM, Kevin Darcy wrote:
On 7/28/2011 12:26 PM, CT wrote:
I am wondering what might be a good workaround for this
legacy setup...
Will do my best to explain..
IP Space
- 1 Class B Global Unique (used Externally and Internally)
- 1 Class B RFC1918
DNS Setup
External DNS
On 05/12/2011 08:15 PM, Mark Andrews wrote:
In message4dcc225f.8000...@obsd.us, CT writes:
Primary Name server
bind- 9.7.3
OS- CentOS 5.6
Authoritative for 2 zones using DNSSEC
This may be an obvious question but I will ask anyway.. :)
I want to change the name of the server
from
to the registrar.
Thx
CT
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On 11/22/2010 01:01 AM, Ben McGinnes wrote:
On 22/11/10 5:05 PM, Doug Barton wrote:
On 11/21/2010 21:58, Ben McGinnes wrote:
On 22/11/10 7:12 AM, Doug Barton wrote:
On Thu, 18 Nov 2010, CT wrote:
- BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2
Really old, definitely needs upgrading.
That just
I am looking for a best practices for dns query logging
Versions in use on Linux...
- BIND 9.7.1-P2
- BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2
The minimum logging statement in my test named.conf (bind 9.7.1-P2)
logging
{
category lame-servers { null; };
category resolver
Kevin Darcy wrote, On 11/18/2010 02:19 PM:
On 11/18/2010 1:36 PM, CT wrote:
I am looking for a best practices for dns query logging
Versions in use on Linux...
- BIND 9.7.1-P2
- BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2
The minimum logging statement in my test named.conf (bind 9.7.1-P2
Sukman wrote, On 10/30/2010 12:42 AM:
Looking to write a script to create the PTR records..
Not much on the Web..
I had some script that may help you... :)
Example of input file to be generated:
InstitutTeknologiBandung192.168.0.154 router2.id192.168.0.153
router1.id
local
Looking to write a script to create the PTR records..
Not much on the Web..
Thx
CT
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On 10/07/2010 05:40 PM, Eivind Olsen wrote:
--On 7. oktober 2010 16.55.54 -0500 groups gro...@obsd.us wrote:
One party thinks that disabling query logging will give enormous
performance gains, while 30% is a lot.. IMHO it is very negligible in CPU
cycles when the named process only is taking up
All..
We have 2008 M$ dns servers (running M$ DNS ) and bind servers on Linux
We are looking to tweak the M$ servers down to the same level as
the bind servers.. if possible..
the bind logging statement
-
category lame-servers { null; };
category resolver { null; };
category
Hardware: Dell PowerEdge 2850
OS: RHEL 5.5 32 bit (no X)
Bind: BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2
RAM:2 Gig
Processes: Bind, ntp, ssh
My question(s):
1) How do I deternine the number of threads Bind is currently using ?
per the man page
I just migrated my dns server to bind 9.7.1-P2
KSK
dnssec-keygen -r /dev/urandom -a RSASHA256 -b 2048 -f KSK $zone
ZSK
dnssec-keygen -r /dev/urandom -a RSASHA256 -b 1024 $zone
SIGN
dnssec-signzone -S -C -g -a -H 10 -3 salt -K dir $zone
Per my isc class and the book I received by Jeremy C.
On 08/27/2010 11:32 AM, Alan Clegg wrote:
On 8/27/2010 11:42 AM, CT wrote:
Per my isc class and the book I received by Jeremy C. Reid ..
you still need to include your keys in the zone file either
via
$includedir/KSK
$includedir/ZSK1
$includedir/ZSK2
or
(cat *.key allkeys) which is what I
Overview
- internal DNS server with RFC1918 IP (old ip)
- wish to move to a global unique IP but still remain internal (new ip)
- keep the same name
Clients would still use the old IP until the migration had been completed.
What would be the preferred method to forward all requests from
the old
old zone file
---
$ORIGIN .
$TTL 3600
example.com IN SOA ns.example.com. root.example.com (
2010071402 ; serial
10800 ; refresh (3 hours)
3600 ; retry (1 hour)
24 matches
Mail list logo