Are you sure that the new system has exactly the same jail configuration as the
old one? That's the easiest thing to overlook when hurrying; I did that once
myself replicating a system with an underlying OS change which ruled out my
preferred dump/restore method.
Hth,Len
On Thursday,
The hints hopefully point eventually to an authoritative server for ..
Whatever that authoritative server says overrides any hints, just like any
other zone's authoritative NS. It does not matter how obsolete a delegation
is, so long as some authoritative NS replies, the data from the
I think you meant to say: WWW and any other server/service -- zone
db.internalOtherfwise have your cogent explanation ready for the executive of
your choice complains loudly Our web site is down Our customers MUST have
reliable access to our site!
(Many executives will not think to
Let me take a step back. The original problem is dig .
would give SERVFAIL instead of NOERROR.
The . is pointed to named.ca which looks normal.
Without source code changes to your tools and/or replacement
hints files . invariably points to the root servers to be used by the
(possibly
At about 3:26 AM on 07 AUG 2014 Gaurav Kansal asked:
...
Is there any way out to figure out the same ?
Here are two easy approaches:
Create a simple database or sequence of files containing the results of an all
star crontab entry. The persistent storage entries coming over the statistics
The never changes TTLs are from zones for which the server is authoritative.
Otherwise, the TTL is the decrementing time-in-cash-before-required-refetchng.
hth,
Len
On Thursday, July 31, 2014 12:56 PM, Ray Van Dolson rvandol...@esri.com wrote:
Not BIND-related specifically... (though the
Taking the CNAME line in the response, please notice that the published TTL is
60 seconds. Prefetch does not cause named to ignore TTLs.
hth,
Len
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
Easy fix.. These two records can not coexist:
www.espersunited.com. IN CNAME carter.espersunited.com.
www.espersunited.com. IN A 192.168.0.2
The error message was completely correct in saying:
failed: CNAME and other data
In this particular case, the other data was
not pegging the CPU? I'm aware that there will be a difference
in qps between auth-only and recursive, but the recursive server seems
to be working a lot less hard than the auth server, and I can't figure
out why.
Doug
On 01/12/2014 06:07 PM, Leonard Mills wrote:
Are you allowing long answers
You previously showed your unsuccessful rndc command. It contained:
'type slave; file slaves/zone.local;
Unless you override the defaults, that says:
use the file /var/named/slaves/zone.local.
So it appears that the directory /var/named/slaves was not writable.
Hth,
Len
On
Are you allowing long answers when authoritative? Performance measurements
with and without additional data in responses is measurable (imo around 12%
more network traffic from the replies on auth-only servers).
hth,
Len
On Sunday, January 12, 2014 5:54 PM, Doug Barton do...@dougbarton.us
Not with a CNAME, but you can get what you want with two zone definitions and
one $INCLUDE directive in each zone below the appropriate $ORIGIN statements.
That way will allow all of your, for example, RRs to be the same in each
domain but only be maintained in one entry.
hth,
Len
AIUI, it is not their name servers (which clearly support the records when
secondary), it's their hefty customer UI and their support/helpdesk folks that
would require a non-cheap upgrade.
That said, I have spent most of a decade as a happy customer of register.com,
which was recently Borged
At about Monday, September 16, 2013 6:54 PMDan McDaniel d...@dm3.us wrote:
querying the
failed fedora NS. Then it came back with a not found. My company's
networking group said it's the fault of the bad fedora NS.
If the fedora NS had returned SERVFAIL or if it was not reachable,
your company's
That appears to be a strange desire. If you need such high levels of never
allow a normal retry you might look at using either Prolexic or Akami services
to create a geographically-diverse network topology. Or even a simple 3DNS or
router package at your borders with a few inner-DMZ systems
Sorry for top-post.
Your expectation is incorrect.
zone 0/24.110.252.173.in-addr.arpa
is not the same as
zone 173.252.110.24.in-addr.arpa
hth,
Len
From: sumsum 2000 sum2h...@gmail.com
To: bind-users@lists.isc.org
Sent: Monday, July 8, 2013 11:21 PM
At about Friday, June 28, 2013 10:54 AM Ward, Mike S mw...@ssfcu.org wrote:
Hello all, is there any reason to setup reverse address entries
for a zone?
It very much depends on the reasons for the forward entries.
For example:
Commercial backup software for Microsoft servers require
Hello Alok,
Something may have changed at the name servers for
bvt-rhe63-32s.ipv6domain.com.
Right now, both ns.addpac.co.kr (61.33.161.2) and ns.addpac.com (61.33.161.2)
are returning NXDOMAIN for bvt-rhe63-32s.ipv6domain.com. The IP happily returns
the SOA for ipv6domain.com using either NS
OK, Jeff, would it be possible for you to share the entire non-delivery
notification as seen by one of your customers? (You might have to establish an
account at Y!, gmail, etc. for your customer to use in sending the NDN, in
which case have the customer include the full headers from the NDN
Hi Brian,
I don't understand why you would expect to see errors, when nslint says:
nslint: 0/131072 items used, 0 errors
Zero items used/checked strongly implies zero errors can be detected.
hth,
Len
From: Brian Cuttler br...@wadsworth.org
To:
If your some of your clients are SMTP relays, then ANY is the default lookup
for an MX and is perfectly normal.
Much better from the point of view of the mail servers to do one lookup instead
of several.
Len
From: hugo hugoo hugo...@hotmail.com
To: Vernon
As I understand AUTHORITATIVE trumps anything. For example, from an inside
intranet name server forward the root (.) to somewhere on your edge, sprinkle
in a few internal-only authoritative zones, and enjoy. This is certainly not
the only choice, but it functions pretty well.
Len
Novosielski, Ryan novos...@umdnj.edu wrote on about Friday, April 5,
2013 10:31 PM
$INCLUDE db.example.com
@ IN A 192.168.50.50
It may be obvious, but one needs to be aware that any $ORIGIN
statements in the included file may cause unexpected
Moving registration away from NetSol is documented at
http://www.networksolutions.com/support/preparing-a-domain-name-for-a-transfer-out-of-network-solutions/
If you have a good number of domains, and that number changes frequently, you
might want to consider CSC
Packet dumps at your edge would likely be helpful to your diagnosis.
At your firewall (or other edge appliance) you are seeing successful UDP from a
high port on your system (DNS client) to port 53 on the server and a reply in
the opposite direction. You are not seeing success from an external
From: Rajiv bra...@mercantile.com.np wrote at about Sunday, December 4, 2011
12:24 AM
Subject: bind
...
I am getting below error while updating the new Name server
to IANA.
The NS RR-set returned by the authoritative name server [xxx.xxx.xxx] are not
the
same as the
Actually, they have dozens scattered around the planet
(they happen to have a local headquarters that I've visited),
so there are always support folks working in their local daylight. :-)
Len
From: John D. Vo j...@eagle.net
To: Steve Lancaster
27 matches
Mail list logo