2011/5/25 Niall O'Reilly :
>
>
> Which of your DNS systems: resolvers or authoritative?
>
> Where is the source of the attack: within your (or your
> customers') networks, or out on the Internet?
>
Thanks. My nameservers are authoritat
Some IPs were continuely attacked my DNS systems.
Saw from the log, lots of requests from those IPs to query for the
non-exist records in the cache.
Is there a way to prevent this instead of just blocking IP with
iptables? I'm running the latest BIND 9.7. thanks.
Regards.
--
Jeff
Hello,
which port is used by BIND for nsupdate?
Is tcp port 53 or 953 on localhost?
Thanks.
--
Jeff Pang
www.DNSbed.com
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
2011/5/6 Matus UHLAR - fantomas :
>
> BIND will search for def.com only for recursive queries, not for iterative,
> and only when the client has recursion allowed on it.
>
you are totally mis-unstanding me.
--
Jeff Pang
www.DNSbed.com
__
nameservers.
One is in Atlanda, another is in Fremont, CA.
Each nameserver has four views.
The zone transfer between them is run with TSIG keys, all goes well.
--
Jeff Pang
www.DNSbed.com
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
2011/5/5 Doug Barton :
> On 05/04/2011 01:22, hugo hugoo wrote:
>>
>> So..no way to check that a zone is expired?
>
> You're asking the wrong question. The correct question is, "How can I make
> sure that a zone is up to date on all of the slaves?" You do that by
> querying the SOA record for the z
om the source.
I have been using Debian 6, the default apt-source for this release is
also BIND 9.7
But I can get the newer BIND 9.8 compiled from the source.
--
Jeff Pang
www.DNSbed.com
___
bind-users mailing list
bind-users@lists.isc.org
https://
2011/5/3 Jeff Pang :
> 2011/5/3 Chris Thompson :
>
>>
>> It will need to know the addresses of ns1.def.com & ns2.def.com to
>> send them NOTIFY packets when the zone is updated (unless that has
>> been suppressed). But it gets those by (if necessary) recursive
servers.
So, I was asking when there is not correct entries in /etc/resolv.conf
if named will find the ns1 and ns2.dnsbed.com correctly from the root
hint.
Now I got it, thank you.
--
Jeff Pang
www.DNSbed.com
___
bind-users mailing list
bind-users@lists
2011/5/2 Jeff Pang :
> 2011/5/2 Torinthiel :
>
>>
>> Authority named never sends queries on it's own, only responds to
>> submitted queries.
>
> Doesn't it execute iterative query from the root server?
>
> For example, given the nameserver is autho
2011/5/2 Torinthiel :
>
> Authority named never sends queries on it's own, only responds to
> submitted queries.
Doesn't it execute iterative query from the root server?
For example, given the nameserver is authority for abc.com.
And abc.com has two NS RRs:
abc.com.IN NS ns1.def.com.
ab
When I run the authority named on a linux/unix like system, but don't
put the reachable public nameservers on /etc/resolv.conf.
What will happen to the authority named? Will it work right?
Thanks.
___
bind-users mailing list
bind-users@lists.isc.org
http
0/5/7 Peter Laws :
> On 05/07/10 09:22, Jeff Pang wrote:
>>
>> Though this is offtopic, but I'm surprised that msdn.net (microsoft
>> developer networks) has been using google's apps for email hosting.
>> It is not commercial for MS, isn't it?
>
>> msd
Though this is offtopic, but I'm surprised that msdn.net (microsoft
developer networks) has been using google's apps for email hosting.
It is not commercial for MS, isn't it?
> msdn.net
Server: UnKnown
Address: 192.168.1.1
Non-authoritative answer:
msdn.netMX preference = 30, mail excha
2010/5/4 Mark Andrews :
>
> In message ,
> Je
> ff Pang writes:
>>
>> Does this mean our ISP's filrewall block EDNS query/response?
>
Thanks Mark.
Firstly I was very afraid DNSSEC deployment for root DNS will affect
our DNS application (we are a mobile email provider in China), but now
it seems
Hello,
Following the discussions in the list, I made a test on one of our
servers, which is in an ISP's datacenter.
The result is below:
$ dig +short rs.dns-oarc.net txt
rst.x476.rs.dns-oarc.net.
rst.x485.x476.rs.dns-oarc.net.
rst.x490.x485.x476.rs.dns-oarc.net.
"218.204.255.72 DNS reply size li
Hello,
Since the global root DNS servers have deployed dnssec, as a
hostmaster for the common domain like example.com, should we also
deploy dnssec with named? Thanks.
Regards.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/m
reads: 8
> this is right info , however when i try to ps aux | grep named
> i only got one bind process ?
Since you meant threads so ps aux won't find that IMO.
from 'man ps':
To get info about threads:
ps -eLf
ps axms
ps -V
procps version 3.2.7
-
On Thu, Apr 22, 2010 at 10:15 PM, Todd Snyder wrote:
>
> I am working to document/diagram a very complex BIND deployment (multiple
> views, forwards, delegations, servers and environments)
If you can share the document after finishing it we will appreciate
that. Thanks.
--
Jeff
xinpu wang:
Hi
I have one BIND server configured with several views, using acls to let
different clients see different zones.
And now I want to setup a slave server providing the same function, and
do not know how to use AXFR to update zone data.
use TSIG Key.
Seems you know Chinese
> Original Message
> Subject: Re: request timeout
> From: JINMEI Tatuya / 神明達哉
> Date: Wed, April 29, 2009 5:26 pm
> To: "Jeff Pang"
> Cc: bind-users@lists.isc.org
>
>
> At Tue, 28 Apr 2009 00:42:29 -0700,
> "Jeff Pang" wro
When a Bind requests another Bind for a name resolving, what's the
timeout value for this resuest?
I mean, within how many seconds peer Bind doesn't answer it, this Bind
will give up the query?
Thanks.
Regards.
___
bind-users mailing list
bind-users@lis
> Original Message
> Subject: Re: about resolving on a child zone
> From: Chris Buxton
> Date: Mon, April 13, 2009 10:31 am
> To: Tech W.
> Cc: bind-users@lists.isc.org
>
> In this case, the answer is that your main zone (example.com) will
> have an error, because it will
> Original Message
> Subject: Re: slave for views
> From: Barry Margolin
> Date: Sat, April 11, 2009 2:08 pm
> To: comp-protocols-dns-b...@isc.org
>
>
> In article ,
> "Jeff Pang" wrote:
>
> > what's the correct way to se
what's the correct way to set up a slave for a named master which has
multi-views?
thanks.
Regards.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
hello,
I have two bind-9.6 (one master one slave) for product application.
how to set allow-transfer in master's named.conf?
shall it be:
allow-transfer { none; };
or:
allow-transfer { all; };
thanks.
Regards.
___
bind-users mailing list
bind-users
> Original Message
> Subject: IP redirection
> From: "Mohammed Ejaz"
> Date: Wed, April 08, 2009 7:03 am
> To:
>
>
> Dear all,
>
>
>
> It can be done through the bind, Let say if any one trying to browse a
> website by the IP address then DNS redirect him to the domain
> Original Message
> Subject: Re: C/C++ version Load balancer DNS
> From: Chris Buxton
> Date: Fri, April 03, 2009 4:11 pm
> To: Bind Users Mailing List
>
>
> Either way, if it were me, I would start my search at the F5 website.
> http://www.f5.com/solutions/availability/
>
I have a bind server with common installtion (not with DLZ etc).
CPU for this server box is 2.0G (one core), memory is 1G DDR2, OS is
Linux, named version is 9.6.0-P1.
How many requests per second can bind handle under this hardware
environment?
(or please tell me how to calculate request performan
> Original Message
> Subject: How to Create a MX record for a subdomain.
> From: "tzqian"
> Date: Wed, April 01, 2009 2:10 am
> To:
>
>
> I would like to add a MX record for subdomain.
>
>
>
> Such as :
>
> smtpMX 10.0.106.1
>
you need a PRI
30 matches
Mail list logo
