On 7 Oct 2014 22:35, "Alan Clegg" wrote:
>
> On 10/7/2014 2:03 PM, Terry Burton wrote:
>>
>> On 7 Oct 2014 18:42, "Alan Clegg" > <mailto:a...@clegg.com>> wrote:
>> >
>> > On 10/7/2014 9:49 AM, Terry Burton wrote:
>>
On 7 Oct 2014 21:44, "Doug Barton" wrote:
>
> On 10/7/14 11:03 AM, Terry Burton wrote:
>
>> With inline signing you have a hidden serial number in the unsigned zone
>> and an exposed serial number in the signed versions which your slaves
>> track. After
On 7 Oct 2014 18:42, "Alan Clegg" wrote:
>
> On 10/7/2014 9:49 AM, Terry Burton wrote:
> > This is especially useful in bootstrapping scenarios where the zone
> > data is held under strict revision control or generated by some
> > provisioning system that "
e
unsigned zone files.
This is especially useful in bootstrapping scenarios where the zone
data is held under strict revision control or generated by some
provisioning system that "owns" the serial number.
Am I on my own with this or would others find this usef
On 14 February 2014 12:01, Tony Finch wrote:
> Terry Burton wrote:
>> Is the following expected or is it a bug?
>
> It is correct. See RFC 4592 for the full explanation of how wildcards work.
For sake of Google...
RFC 4592 3.3.1 defines "The closest encloser is the node i
Hi,
Is the following expected or is it a bug?
All the best,
Terry
; This wildcard allows the lookup of "test.domain A":
;
*.domain IN A 1.2.3.4
;
; This TLSA record breaks the lookup of "test.domain A":
;
_443._tcp.test.dom
alive nameserver so your doman
names will be resolved without much problem.
--
terry - te...@geekmail.de
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
于 2011-4-12 11:55, Parashar Singh 写道:
* IN NS ns1.GLB.com <http://ns1.GLB.com>
but it's not working. Can anyone suggest, how to configure this in bind?
I was thinking you need a forward zone rather than the wild.
--
terry - te...@
BIND master sends the notify message with TCP or UDP protocal?
Thanks.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Hello,
I have only one nameserver for a domain.
Can I set the second nameserver for this domain to a public dns cache?
for example:
abc.com. IN NS ns1.abc.com.
abc.com. IN NS ns2.abc.com.
ns2.abc.com. IN A 8.8.8.8 # 8.8.8.8 is google's public dns server
Since DNS cache does a rec-re
How will "rndc status" take something good for you?
2011/3/20 babu dheen
> Hi,
>
> Can anyone let me know is there any open source software available to
> generate report for DNS service based on DNS BIND query logs.
>
> We have BIND DNS running RHEL 5.0. Would like to generate report based on
2011/3/20 Evan Hunt :
>> My BIND has been using dynamic updates for zone update.
>> My question is, how to force to flush updated data from the *.jnl
>> files to zone files?
>> I know restarting bind can do that, but is there another better way?
>
> "rndc freeze " will do that. Run "rndc thaw" aft
Hello,
My BIND has been using dynamic updates for zone update.
My question is, how to force to flush updated data from the *.jnl
files to zone files?
I know restarting bind can do that, but is there another better way?
Thanks.
Regards.
___
bind-users m
Hello,
How do I know that my name servers, ns1.dnsbed.com and
ns2.dnsbed.com, have been registered in ICANN?
Thanks.
--
www.DNSbed.com
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
2011/3/5 Mark Andrews :
>> So why does ns33.domaincontrol.com answer with ANSWER SECTION rather
>> than AUTHORITY SECTION?
>
> If you ask with rd=0 (+norec), which is what nameservers do, you
> get the referral. Presumably ns33.domaincontrol.com is running
> BIND 8 which didn't fully comply the R
2011/3/5 Chris Buxton :
>
> On Mar 4, 2011, at 8:46 AM, John Wobus wrote:
>
>> Hi,
>>
>> Can a zone file a slave in one view and the same zone file
>> be served by another view?
>
> You can do this for static master zones, but it's not a good idea for slaves.
>
> Depending on the use case for your
>
> But in this case, you're asking the authotrative server. Authorative server
> answers in answer section, as it knows the answer. Authorative section is
> for 'I don't know, ask ...'
> The rule above goes for servers which are not authorative for a given zone.
> Torinthiel
>
2011/3/4 Mark Andrews :
>
> In message ,
> terr
> y writes:
>> Hello,
>>
>> When I delegate a subdomain in a zone example.com, the config in
>> named.conf is like:
>>
>> test.example.com. 3600 IN NS ns1.another.com.
>> test.example.com. 3600 IN NS ns2.another.com.
>>
>> Then I dig to the aut
Hello,
When I delegate a subdomain in a zone example.com, the config in
named.conf is like:
test.example.com. 3600 IN NS ns1.another.com.
test.example.com. 3600 IN NS ns2.another.com.
Then I dig to the auth-server of the example zone:
dig test.example.com ns @ns1.example.com
I found some
>
> +short instructs dig to only write extract of ANSWER section. your reply
> is in authorative section.
> Torinthiel
>
>
Thanks. That's right.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
server1:/var/cache/bind# dig ox.test.nsbeta.info ns @localhost +short
# got nothing here
server1:/var/cache/bind# dig ox.test.nsbeta.info ns @localhost
; <<>> DiG 9.6-ESV-R3 <<>> ox.test.nsbeta.info ns @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOER
I was thinking this is most likely the network problem, so you'd better
setup a good network with redundancy and high availability.
2011/2/23 babu dheen
>
> is there any option in BIND to give priority to HOST file before connecting
> it to internet ISP or local zone?
>
>
--
Free SmartDNS Hosti
Hello,
Given I have these MX records:
example.com.3600IN MX 10 m1.example.com.
example.com.3600IN MX 10 m2.example.com.
example.com.3600IN MX 20 m3.example.com.
My question is, when m1.example.com is failed to communicate with
urrent versions of BIND (probably stretching back to somewhere in the
> 8.2 series) will disregard it and resolve it separately.
>
> Chris Buxton
> BlueCat Networks
>
>
> On 2/21/11, Terry. wrote:
>> Hello,
>>
>> Please see the dig info below. ns1.dns-diy.com
Hello,
Please see the dig info below. ns1.dns-diy.com is the auth-server of
duowan.com domain.
My question is, when ns1.dns-diy.com answer with a CNAME for
"udb.duowan.com", and the answer also include an A RR for that alias,
how will the public DNS cache servers handle this answer?
Will the DNS c
2011/2/15 donovan jeffrey j :
>
> On Feb 14, 2011, at 8:31 PM, Terry. wrote:
>
>> check your configure especially for:
>>
>> * notify/ also-notify/ allow-notify
>> * allow-transfer
>> * does slave named have the permittion to write to data dir?
>
2011/2/15 Mark Andrews :
>
> 9.7.3
>
> * BIND now builds with threads disabled in versions of NetBSD earlier
> than 5.0 and with pthreads enabled by default in NetBSD versions
> 5.0 and higher. Also removes support for unproven-pthreads,
> mit-pthreads and ptl2. [RT #19203]
L
check your configure especially for:
* notify/ also-notify/ allow-notify
* allow-transfer
* does slave named have the permittion to write to data dir?
Regards.
2011/2/15 donovan jeffrey j :
> Greetings
>
> I have a new slave server. I edited my master, incremented the serial number
> and reload
Hello gurus,
Thanks firstly since I have got many helps from the list before.
Now I'm designing a open DNS service, say I have three views as below:
view "uni" {
match-clients {
key "unikey";
UNI;
};
allow-update {key "unikey";};
zone "test.nsbeta.info"
2011/2/13 Walter Alejandro Iglesias :
> Hello,
>
> I read bind howto, several tutorials, mailing lists. After
> two months trying to get this working without success I must
> bother you.
>
> I am running a Slackware in a vps server, it provides me two
> IPs (I can ask for more if needed).
>
> I ha
2011/2/12 Matus UHLAR - fantomas :
> Hello,
>
> Is it possible to add additional zones as empty?
depends on what is "empty".
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
2011/2/11 Joshua Frugé :
> running bind 9.6.3 installed from ports on Freebsd 7.3 (amd64)
>
> Getting this error in my local log
>
> 10-Feb-2011 21:12:13.711 general: rbtdb.c:1506: INSIST(((unsigned
> int)((&(node)->references)->refs)) == 0 && node->data == ((void *)0)) failed
>
could you try to c
2011/2/9 Torinthiel :
> Or, if you need to be able to modify records from both servers than maybe
> multi-master with rsync'ing to the other server will work?
Mysql Active-Active replication could do that easily.
AFAIK, mysql backend BIND doesn't have the feature "notify", so
database replication
2011/2/8 Matus UHLAR - fantomas :
> On 08.02.11 17:40, Terry. wrote:
>> Can BIND's "file" command referer to more than one zone file?
>> For example,
>>
>> zone "test.nsbeta.info" {
>> type master;
>>
ist archive:
https://lists.isc.org/pipermail/bind-users/2008-April/069884.html
Terry.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Hi list,
Can BIND's "file" command referer to more than one zone file?
For example,
zone "test.nsbeta.info" {
type master;
file "a.db";
file "b.db";
};
When a record doesn't exist in a.db, BIND will continue to look for it in b.db.
Thanks.
__
Byung-Hee HWANG wrote:
Terry writes:
Hi I have setup exim to sign my emails as per documentation here
http://wiki.exim.org/DomainKeys
The mails are getting domainkeys=pass (ok); from=bluelight.org.uk;
from yahoo
so that bit is ok.
But I am failing the policy test here
http
41Hys3tMWYktahv+pksDZ0CAwEAAQ=="
une dkimproxy
work fine in my box centos 5.3
Le samedi 20 juin 2009 à 15:12 +0100, Terry a écrit :
Thanks for your assistance I now have what you have
_domainkey.bluelight.org.uk. IN TXT "t=y; o=-;"
bluelight._domainkey.bluelight.o
swilting wrote:
Le samedi 20 juin 2009 à 14:45 +0100, Terry a écrit :
Hi I have setup exim to sign my emails as per documentation here
http://wiki.exim.org/DomainKeys
The mails are getting domainkeys=pass (ok); from=bluelight.org.uk; from
yahoo
so that bit is ok.
But I am failing the
this in my zone file. Any advice or pointers welcome
_domainkey.bluelight.org.uk. IN TXT "k=rsa; t=y; o=-;"
myselector._domainkey.bluelight.org.uk. IN TXT "k=rsa; t=y;
p=MHwwDQYJKoZIhvcNAQEBBQADawAw
Thanks
Terry
___
bind-use
On Fri, Apr 24, 2009 at 12:11 PM, Jeremy C. Reed wrote:
> On Fri, 24 Apr 2009, Terry wrote:
>
>> I am a bit confused about what exactly applying a key to the servers
>> part of the config does:
>>
>> server 10.25.1.11 {
>> keys {
&g
Hello,
I am a bit confused about what exactly applying a key to the servers
part of the config does:
server 10.25.1.11 {
keys {
omajelns01.omajelns02;
};
};
key omajelns01.omajelns02 {
algorithm hmac-md5;
secret "asdfasdfasdfasdfasdf
Hello,
I am trying to get bind in to replace a simpledns implementation due
to the "viewing" capability with bind. However, we also have a need
to be able to give our customers access to modify zones that they own.
I only see one that comes close to allowing this named "DNS Control"
or "RocketCo
internal or customer views) and the server
answered queries for the zones it hosted regardless of whether it was set
to "allow-query { internal; customer; };" or "allow-query { any; };".
Terry Kennedy http://www.tmk.com
te...@tmk.com New York, NY USA
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
niall.orei...@ucd.ie wrote:
> On Thu, 2009-03-26 at 19:46 -0400, terry+bindus...@tmk.com wrote:
> > Importantly, neither the masters nor ns1/2/3 have different zone data in
> > different views - the answers are always the same.
>
> If you don't have different z
{ any; };
recursion no;
additional-from-auth no;
additional-from-cache no;
// Root hints
//
zone "." {
type hint;
file "named.root";
};
// Cu
46 matches
Mail list logo
