Hello,
I think
chmod ug+x /etc/bind/zonas/
should solve the issue by giving the
owner (bind) and the group (bind) permissions to enter the
directory.
Danilo
On
Hello,
in the near future I will have to change NS records for one of my
domains, as DNS servers currently use an old domain (not mine), that
will be phased out. DNS servers will actually remain the same, only the
domain name will change.
So, basically:
* mydomain currently uses
,
Petr
1. https://bind9.readthedocs.io/en/v9_16_27/dnssec-guide.html
2.
https://ftp.isc.org/isc/bind9/cur/9.11/doc/arm/Bv9ARM.ch04.html#dnssec.dynamic.zones
On 4/5/22 09:07, Danilo Godec via
bind-users wrote:
Hello
On 6.4.2022 8:52, Daniel Stirnimann wrote:
Hello Danilo,
A simple schema to change DNSSEC algorithms is as follows:
1. Add new KSK/ZSK and double sign DNSKEY and all zone RRs
with both the new and old algorithm
2. Replace DS at parent
3. Remove old DNSKEY and all RRSIGs from the old
Hello,
I implemented DNSSEC for my personal domain a good while ago with an
older Bind and back then, I used RSASHA1-NSEC3-SHA1 algorithm, which by
now is not recommended... So I'm going to change the algorithm, probably
to ECDSAP256SHA256, which should also be NSEC3 capable.
Since my
Hello,
today I implemented DNSSEC for a domain - by that I mean that the DS
records have been published / added to TLD DNS today, while the zone has
been signed a couple of days ago.
So a couple of hours later I went to https://dnsviz.net to see if
everything seems OK and it reports one
On 29. 12. 21 19:24, tale wrote:
On Wed, Dec 29, 2021 at 5:31 AM Danilo Godec via bind-users
wrote:
I have an authoritative DNS server for a domain, but I was also going to
use the same server as a recursive DNS for my internal network, limiting
recursion by the IP. Apparently, this is a bad
Hello,
I have an authoritative DNS server for a domain, but I was also going to
use the same server as a recursive DNS for my internal network, limiting
recursion by the IP. Apparently, this is a bad idea that can lead to
cache poisoning...
After watching a Computerphile Youtube video
Hello,
I'm noticing some unusual activity where 48 external IPs generated over
2M queries that have all been denied (just today):
15-Dec-2021 00:01:42.023 security: info: client @0x7f96180b3fe0
194.48.217.14#59698 (.): view outside: query (cache) './ANY/IN' denied
15-Dec-2021 00:01:42.023
Don't know if that helps, but if I query my local Bind DNS for a CNAME,
that doesn't exists, dig gives me the SOA record:
> dig cname nonexisting.example.com @mydns
; <<>> DiG 9.16.6 <<>> cname nonexisting.example.com @mydns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY,
Hello,
I recently stumbled upon a problem trying to update my root hints file
from *ftp.rs.internic.net*. For some reason, one of my DNS servers
running on Alpine Linux, can't resolve this name properly and always fails:
# ping ftp.rs.internic.net
ping: ftp.rs.internic.net: Try again
nslookup
11 matches
Mail list logo