Re: What if the link is failed between master/slave

2018-06-29 Thread wbrown
From: "Blason R" > OK - Got it so is there any settings available at master by which it > will keep on probing slave and as soon it is contacted NOTIFY Message is sent. No. The slave will try every REFRESH interval to see if it can contact the master. Confidentiality Notice: This

Re: What if the link is failed between master/slave

2018-06-29 Thread wbrown
-- William Brown Messaging Team Technology Services, WNYRIC, Erie 1 BOCES (716) 821-7285 "bind-users" wrote on 06/29/2018 12:53:07 PM: > From: "Blason R" > I have bind Master server with me and slave is at other remote > location. My query is since I have opted for PUSH update from master >

Re: BIND Server running but not responding

2018-04-18 Thread wbrown
From: "/dev/rob0" > Your OS denies named the permission to create the UDP socket on which > to listen for queries. > > That means, of course, that you're not able to receive queries. It's > Windows doing this, so you need Windows help. I'm unable to provide > that. Good

Re: Separate DNS slaves as internal and external

2018-03-19 Thread wbrown
From: "G.W. Haywood via bind-users" > On Mon, 19 Mar 2018, King, Harold Clyde wrote: > > > I have DNS slaves for internal and external entities. I don't know > > how to work the NS records so that outside users would only get the > > external slave and internal would

Re: Minimum TTL?

2018-02-12 Thread wbrown
From: "Reindl Harald" > To: bind-users@lists.isc.org > the ISP has no business to touch any package between source and me > because he can't know the implications - he even must not know about > them because it's not his business And yet they do (Supercookies?), and

Re: SOA settings

2018-02-05 Thread wbrown
From: "Alan Clegg" > Wait... who are you guys??!? Alan, you're the only one I've actually met. Are the rest all Russian bots?

Re: Domain Not Resolving

2017-11-21 Thread wbrown
Does the lone DNS server even respond on the local network? Do you see DNS traffic flowing to that server? Time for the divide and conquer method of troubleshooting to find where the failure is occurring. Good luck.

Re: Need DNS records help for single server (and IP), and multi-domain mail server.

2017-08-23 Thread wbrown
following set of DNS records for a domain look appropriate: > > # For each domain X.TLD: > X.TLD. IN A 142.54.186.2. > *.X.TLD. IN CNAME X.TLD. > X.TLD. IN MX 10 142.54.186.2. > X.TLD. IN TXT "

Re: designing the DNS from the scratch

2017-07-10 Thread wbrown
> But you do know the approximate speed of light in a vacuum? ~3 x 10**8 m/s More importantly, what is the speed of light in a fiberoptic connection? Speed of electrons in copper wire?

Re: wildcard not working after record deleted

2017-06-20 Thread wbrown
Can you post a copy of the zone file, changing any server names that absolutely must be obscured?

Re: wildcard not working after record deleted

2017-06-20 Thread wbrown
> Thanks for your answer. There are no other records with that name in the > zone, and an ANY query comes back empty but still with status of > NOERROR. Unfortunately, I can't provide the query and zone data, and I > do understand that prevents you from helping. Not even an SOA record?

Re: make AAAA type the default for dig

2017-06-15 Thread wbrown
Mark Andrews wrote on 06/15/2017 12:02:37 AM: > Other ISP's should try to match Google's level of IPv6 commitment. I'll bet they would if they had Google's level of cash flow.

Re: Enforce EDNS

2017-02-07 Thread wbrown
From: Matthew Pounsett > I fully support breaking resolution for such servers. I'd rather > have a hard failure on my end that I can investigate, and work > around if necessary, than have my server wasting cycles trying to > guess what sort of broken state there is on the

Re: Need feedback on RPZ service setup

2017-01-05 Thread wbrown
From: Tony Finch > BIND will only send NOTIFY to a zone's advertised name servers - "stealth > slaves" like your consumers have to rely on the SOA refresh timer. Why not use also-notify to specify client servers?

Re: Sites that points their A Record to localhost

2014-01-14 Thread WBrown
From: Tony Finch d...@dotat.at ;; ANSWER SECTION: www.p3net.net. 0 IN A 199.101.28.20 That IP address indicates that your ISP is lying to you. It belongs to Skye By Nominum which is a cloud DNS service. I guess this is Skye Search since that sounds like a rent-seeking scheme

Re: Sites that points their A Record to localhost

2014-01-10 Thread WBrown
From: Alan Clegg a...@clegg.com Yes, it seems that they have an A record for that label that provides the IP address 127.0.0.1. You probably want to ask the owner of the zone about this, as I'm not sure what the community can do about it. They have an MX record, so perhaps the domain is

Re: Slowing down bind answers ?

2014-01-06 Thread WBrown
someplace they weren't expecting... wbrown@WBrown:~$ dig +short disney.com 199.181.132.249

Re: Slowing down bind answers

2014-01-06 Thread WBrown
From: Bob McDonald bmcdonal...@gmail.com Of course, anycast would have solved this issue by allowing one to add/remove a server from a properly configured environment without affecting the clients... Unless the goal is to move all DNS services off that subnet. Our network staff would love

Re: Slowing down bind answers ?

2014-01-03 Thread WBrown
From: Mark Andrews ma...@isc.org After that specify a final date for them to fix their machines by after which you will send NXDOMAIN responses. Sometimes sending a poisoned response is the only way to get people's attention. zone . { type master; file empty; }; empty: @ 0 IN SOA

Re: DNS with several ip adessess

2014-01-03 Thread WBrown
From: Barry S. Finkel bsfin...@att.net One caveat with using virtual servers. Make sure that the DNS server on which the host machine relies is NOT the DNS server that is virtualized on that host. The host machine needs to be up before the VMs residing on that host come up. And you should

Re: R: DNS with several ip adessess

2014-01-02 Thread WBrown
Use views Views +1 When were views added to BIND? We started using multiple servers in BIND 4, and I don't recall views being available back then, but I didn't configure the servers, just maintained the zones. We're still using multiple servers for internal vs. external

Re: Enabing RRL in bind

2013-12-30 Thread WBrown
From: Gaurav Kansal gaurav.kan...@nic.in In bind 9.9.4, Response-Rate Limit doesn't work until you configure bind with "--enable-rrl" option. I was wondering why is it so ? Why not this feature is enabled by default in bind. I tried to find out the same in ARM but didn't get any

Re: Enabing RRL in bind

2013-12-30 Thread WBrown
I wrote on 12/30/2013 11:17:58 AM: BIND 9.9.4 provides support for Response Rate Limiting (RRL). However it is not enabled by default when building BIND. The reason for this is that BIND 9.9 is an Extended Support Version of BIND and per our policy on management of ESVs, we do not

Re: bad owner name - Unable to add forward map from Nintendo Wii U ... REFUSED

2013-12-27 Thread WBrown
From: David C. Rankin drankina...@suddenlinkmail.com I have bind 9.9.1.P1-2 with dynamic updates from dhcp 4.2.3.2-2. It has worked great, but I've run into a problem with a dreaded kids-present that I suspect is due to the game console attempting to provide a hostname containing

Re: Performance Tuning RHEL 5 and Bind

2013-10-21 Thread WBrown
From: Alan Clegg a...@clegg.com Fix your windows clients. You can't fix stupid.

Re: how-to configure BIND or any DNS implementation for cloud infrastructure

2013-08-30 Thread WBrown
From: Odimegwu David odimegwuda...@yahoo.fr Is it possible for one to configure BIND or any DNS implementation for the cloud? I was forced to search for this forum because the exigences of my situation necessitates a cloud. But yet, in a cloud: 1. I cannot be systems administrator, even if,

Re: redirecting root hints to fake internal root server

2013-08-27 Thread WBrown
From: Colin Harvey colinedwardhar...@yahoo.com My environment is firewalled from the real world. For queries on zones to which I'm not master, I want to recurse to a corporate server. nslookup some.internal.hostname.com internal.corporate.server works fine. Setting . to use this

Re: Secondary DNS question...

2013-06-21 Thread WBrown
From: SH Development listacco...@starionline.com No, there is definitely something going on. I shut down our ns2.starionhost.net this morning for a while. Sure enough, emails started bouncing from customers even though our ns1.starionhost.net is up and on the faster machine. What

Re: What happens when one out of three NSs are down?

2013-06-12 Thread WBrown
From: Chris Buxton cli...@buxtonfamily.us In practice, though, your best bet is to find out why that small group of customers are having problems. Are they querying the servers directly? Are they behind the routing problem and can get to the isolated name server and not the other two

Re: BIND Configuration

2013-05-09 Thread WBrown
I don't know how it's done, I'm not a networking guru, but here we have 2 upstream providers and somehow we route out through both, and both can route in to our /16 network. No messing with DNS changes depending on which ISP is having problems. As Clarke's third law states, Any sufficiently

Re: architecture question

2013-05-09 Thread WBrown
From: Jeremy P jpcra...@gmail.com In my experience the students who get it and comprehend the concepts are able to heed the warnings of in real life, we would do this a little different. The students who don't get it are gonna misconfigure regardless of what TLD I tell them to use in the

Re: architecture question

2013-05-08 Thread WBrown
From: b...@bitrate.net on a side note, i would strongly discourage you from using .local in dns. .local is a pseudo tld, reserved for use with mdns. This just came up with a site I support. Thanks to this list and the DNS-OARC list, I know better. Hopefully, I can redirect them to use

Re: Mailing list reply-to setting

2013-05-08 Thread WBrown
From: Steven Carr sjc...@gmail.com Any chance someone can correct the settings on this mailing list to reply to the list by default instead of the user posting the message? Why, Are the settings wrong? I have used and later run lists for years, and supported Listserv(tm) servers for others

Re: ISC Courses

2013-04-26 Thread WBrown
From: rohan.he...@cwjamaica.com Can anyone say why Bind course offering appears so expensive? Is something else included in the package that is not specified? 2-Day Introduction to DNS BIND Training Price: $1,795.00 I took this class about 2 years ago. IIRC, the instructor wasn't just

Re: clients-per-query

2013-04-10 Thread WBrown
From: Dwayne Hottinger dhottin...@harrisonburg.k12.va.us I keep seeing messages in my named.log file that say things like clients-per-query increased to 30, then later it says clients-per-query decreased to a lower number. When this happens, lookups seem to not be working. What is an

Re: clients-per-query

2013-04-10 Thread WBrown
Dwayne Hottinger dhottin...@harrisonburg.k12.va.us wrote on 04/10/2013 10:27:24 AM: Sorry, My spambox grabbed your earlier reply, my apologies. My clients are a mixed environment of macs, windows 7/xp, androids, etc. At any one time I'll have over 3000 devices connected to the network.

Re: Simple question about zone and CNAME

2013-04-08 Thread WBrown
Warren Kumari war...@kumari.net wrote on 04/05/2013 06:48:08 PM: And then there's these folks: http://no-www.org/ Oh wow! Gee, thanks for that? And it's always fun when you tell someone to go to a URL that doesn't include the W's and they want to type them in anyways, ie.

Re: Some Server not Resolving certain address

2013-04-08 Thread WBrown
From: Arie L. Putra ari...@smartfren.com Some of my server reported SERVFAIL, i try some reference on http://www.whatsmydns.net/ and some result fail indeed, but why some of my server still resolve ok? or my other server which resolve the domain actually late to see the invalid record?

Re: Simple question about zone and CNAME

2013-04-05 Thread WBrown
Incidentally, we have just been asked for an A record for cam.ac.uk to duplicate www.cam.ac.uk because, and I quote, all the publicity material sent out by the nominator [for an award for the web site] gave the URL as http://cam.ac.uk/ and this has been retweeted around. Yes, sadly I've

Re: Suspecious DNS traffic

2013-03-25 Thread WBrown
babu dheen wrote on 03/25/2013 12:21:30 PM: Still not convinced because if i need to allow 1024 port from our DNS server to external world(internet).. where is the security? Total security requires total isolation. It is a matter of accepting some risks to perform the needed task. I

Re: BIND roadmap

2013-02-28 Thread WBrown
Shane Kerr sh...@isc.org wrote on 02/28/2013 05:37:26 AM: On Thursday, 2013-02-28 11:19:01 +1100, Mark Andrews ma...@isc.org wrote: ISC has no specific plans to end BIND 9 development. As Mark correctly says: Thanks for the clarification. BIND 10 is still a way off being a

Re: BIND roadmap

2013-02-28 Thread WBrown
Doug wrote on 02/28/2013 12:31:21 PM: You probably want to have some discussions with OS vendors that embed BIND to familiarize yourself with how many people are using ESV versions from that channel. Or even older versions. FWIW, Ubuntu 8.04LTS uses bind 9.4.2. They backport critical

BIND roadmap

2013-02-27 Thread WBrown
Congrats to ISC and everyone that has worked on BIND 10! I am building new name servers and redesigning our infrastructure with an eye towards streamlining, improving security and implementing DNSSEC. I had been testing a few things with BIND 9.9.x. Now that BIND 10 is released, I am

Re: disabling lame server logging

2013-02-26 Thread WBrown
Robert wrote on 02/26/2013 02:23:44 PM: There is a logging category for lame-servers. It's in the ARM. So far 2 reads and I am not getting out of it what to do for selective logging based on return codes. I am going to let it stay for now as I move on to other parts of this project.

Re: BIND master , Windows 2008 stub zone not transferring

2013-02-21 Thread WBrown
From: Sowmya Manjanatha sowmy...@gmail.com Well, I have a stub zone on Windows 2008 server set-up to use two different BIND server as its list of IPs to use as masters. In the DNS manager on Windows, you can always right click on the zone and select Transfer zone from Master. With

Re: Cannot create A record issue

2013-02-20 Thread WBrown
Jsilliman wrote on 02/20/2013 01:44:20 PM: No, I think it's only loaded once, but port 53 is listening on Try ps aux |grep named to prove it.

Re: Export / Import all zone data

2013-02-14 Thread WBrown
Daniel wrote on 02/14/2013 02:52:55 PM: Just make the new server a slave of the old one, let it do zone transfers of all of the old zones, then change the config on the new one from slave to master. I wonder if that wasn't done once before which is why the zone files don't appear to be

Re: Slaving from DNS masters behind LVS

2013-02-13 Thread WBrown
Nick wrote on 02/12/2013 10:00:27 PM: We have a pair of DNS servers running BIND behind a direct routing LVS director pair running keepalived. Let's call these two DNS servers A and B, and the VIP V. Several years ago I was lucky enough to take the ISC class on bind. One of my questions

Re: Define an internal zone with only a couple of A records, then forward to an external dns server

2013-01-17 Thread WBrown
Alberto wrote on 01/17/2013 10:09:00 AM: - I want to define in my dns server a zone external_partner.com, which is the domain of our partner who manages it with his dns public server dns.external_partner.com. - I need to define into this zone a couple of servers

Re: Logging

2013-01-08 Thread WBrown
Timothe Litt l...@acm.org wrote on 01/08/2013 08:19:56 AM: What I think would be more useful is if named actually reported the issues to where they'd do some good. Perhaps a DNS extension I got an invalid message from you - so it shows up in the log of the server (and administrator) with

Re: Distribute named.conf

2013-01-03 Thread WBrown
How does Puppet compare to Ansible? http://ansible.cc/ -- William Brown Core Hosted Application Technical Team and Messaging Team Technology Services, WNYRIC, Erie 1 BOCES (716) 821-7285

Re: Distribute named.conf

2013-01-03 Thread WBrown
Mike wrote on 01/03/2013 02:45:29 PM: Thanks for sharing, first I'd heard of it... I read about it on http://jpmens.net/ http://en.wikipedia.org/wiki/Comparison_of_open_source_configuration_management_software It's there today. I highly advise anyone new to configuration management to

Re: Can we load balance traf[f]ic for CNAME records?

2012-12-14 Thread WBrown
Manis Rane wrote on 12/14/2012 02:12:59 PM: That is true by default rrset-order is cyclic I believe. And even if it replies randomly I guess we will have to NAT the traffic on firewall for particular IPs Your original post made me believe you are running Windows CAS servers. Why not use

Re: Bind not forwarding all requests

2012-12-10 Thread WBrown
Romgo wrote on 12/10/2012 06:36:10 AM: I had 2 old zone with forwarders configured, the forwarders was down. One equipment was still using one of this zone, so bind wasn't able to contact the forwarders and fall back to root zone. I don't really why it try the root zone but since I delete

Re: SPF records in reverse zones?

2012-12-06 Thread WBrown
Dan Mahoney wrote on 12/05/2012 06:52:43 PM: I can't even imagine what spamfilters would think of such an address. :) To quote some annoying TV ads here in the US: REJECTED!

Re: SPF records in reverse zones?

2012-12-06 Thread WBrown
Karl Auer wrote on 12/05/2012 06:44:01 PM: This may be a silly question, but are SPF records supposed to be supported in reverse zones? I'm thinking of a mail server that has no entry in the DNS. The SPF query is looking for the sender's domain, not the sender's server, so the record would

Re: OT - Dns test Q/A

2012-12-05 Thread WBrown
I don't have any source of a DNS exam, but since you seem to be expecting a limited set of skills, how about a few questions of the sort What is an A record? What is an MX record? What does the SOA record contain What does the serial number control Think about what they will be working

Re: Performance tuning

2012-11-27 Thread WBrown
Adamiec, Lawrence ladam...@kentlaw.iit.edu wrote on 11/26/2012 01:12:48 PM: To the best of my knowledge, there are no problems with our DNS. We only host 25 domains. The report must also address these two specific questions: 1. Why does www.kentlaw.iit.edu load quicker than

Delegations

2012-10-31 Thread WBrown
I have a zone file for example.org that has entries for a subdomain l2.example.org like this: vpn.l2 IN A 10.1.2.3 Now they want to add a subdomain below l2, ie. ad.l2.eboces.org with hosts such as dc.ad.l2.eboces.org In the zone file for example.org, I can add NS and glue

Re: Delegations

2012-10-31 Thread WBrown
Phil wrote on 10/31/2012 02:15:16 PM: Your terminology is a bit confusing here. subdomain is imprecise. Sorry, I meant it as a piece of the FQDN. Specify what *zones* you want, and where you want the delegations, and it should be easy to see what will work and not. Yes, if I've

Re: Glue from Root Servers returns wrong A record, why?

2012-09-10 Thread WBrown
ponga2...@gmail.com wrote on 09/10/2012 03:11:30 PM: SOA points correctly to the DNS provider (zoneedit).. there is no mention of that 216 address anywhere in the registrar :( Is the information below correct? wbrown@wbrown-D630:~$ whois intaq.com Whois Server Version 2.0 Domain names

Re: ho to filter hundeds of domains ?

2012-08-30 Thread WBrown
Russell Jones wrote on 08/30/2012 09:39:17 AM: Normal web filtering software that auto updates is a better approach. Using Bind with a manual list of domains to try to achieve this is like trying to kill an ant hill 1 ant at a time There are several sources of RPZ data such as Spamhaus and

Re: ho to filter hundeds of domains ?

2012-08-30 Thread WBrown
Russell Jones russ...@jonesmail.me wrote on 08/30/2012 10:28:07 AM: Oh I know, I use spamhaus myself for spam filtering - catches a ridiculous amount of spam. It is my understanding though the OP wants to filter domains for NSFW web browsing, not spam - specifically gambling sites.

Re: Typical Bind slave failure scenario - What happens and when?

2012-08-28 Thread WBrown
Russell Jones russ...@jonesmail.me wrote on 08/27/2012 06:39:31 PM: Is there any documentation outlining what will actually occur, and when, with a slave server when it cannot contact a zone's master for updates? The authoritative documentation is the Bind Administrators Reference Manual

Re: What can cause excessive amount of _dns-sd queries?

2012-08-23 Thread WBrown
Elvind wrote on 08/23/2012 09:18:06 AM: Yeah, now I'm just wondering which OS / application / malware / whatever could be responsible for this :) Someone trying to use Zeroconf: http://zeroconf.org I believe Macs come configured to use it by default, Linux and Windows can be configured to

Re: 2 dns records for same server

2012-08-20 Thread WBrown
Dwayne wrote on 08/19/2012 07:37:39 PM: My hosts get the ip's of all 3 dns servers when they receive dhcp information. I think this is the issue. The internal clients should only point to the internal DNS server. They should never be querying the DNS that returns the public IP addresses

RE: 2 dns records for same server

2012-08-20 Thread WBrown
Lightner, Jeff jlight...@water.com wrote on 08/20/2012 08:56:56 AM: That is to say don't put the external servers in /etc/resolv.conf on your clients - only put the internal one there. (Or the Windows equivalent setup should only see your internal DNS server.) Or push via DHCP as in this

Re: SRV query with no domain?

2012-08-15 Thread WBrown
(domain changed to example.org): wbrown@wbrown-D630:~$ host -t srv _sip._tcp _sip._tcp.example.org has SRV record 0 0 5060 tandberg-vcse.example.org. wbrown@wbrown-D630:~$ host -t srv _sip._tcp.example.org _sip._tcp.example.org has SRV record 0 0 5060 tandberg-vcse.example.org. Dig fails on same query

Re: Can't receive emails from another machine

2012-07-31 Thread WBrown
Stayvoid wrote on 07/30/2012 08:22:30 PM: I'm using Postfix. I can send / receive emails from / to localhost via telnet. [1] But I can't receive emails from another machine. I guess that there are three variants: 1. Postfix doesn't work properly; 2. Bind doesn't work properly; 3.

Re: Journal File Question

2012-07-25 Thread WBrown
Chris wrote on 07/25/2012 09:04:49 AM: Is it possible to restore a zone file from its associated journal file? No. The journal file only records updates to the zone. At best you would only recover the changes since last commit to the zone file. The docs seem to indicate that a restart of

Re: Journal File Question

2012-07-25 Thread WBrown
Chris Buxton chris.p.bux...@gmail.com wrote on 07/25/2012 12:07:22 PM: It doesn't sync the files to make two equal copies. It applies all of the outstanding transactions in the journal file to the zone file and then empties the journal. I don't believe that is entirely correct. The

Re: Basic scope question

2012-07-10 Thread WBrown
Gary wrote on 07/10/2012 11:27:24 AM: If I have domain-name-servers configured globally and a different set configured on a subnet DHCP pool, which takes precedence for the client? My understanding is the more specific, or the subnet DHCP pool, but could someone please confirm? Thanks.

Re: bind dies with assertion failure

2012-07-03 Thread WBrown
Oscar Ricardo Silva wrote on 07/02/2012 06:40:51 PM: The reason I'm running is that we're currently running the stock version of BIND available with RHEL6. It's their policy to backport patches and if there's a patch available then they may apply it faster rather than deploying a new

Re: RPM [was: Re: bind dies with assertion failure]

2012-07-03 Thread WBrown
Jan-Piet wrote on 07/03/2012 10:41:20 AM: Building BIND is easy; turning it into an installable RPM not so. I highly recommend fpm [1] which makes building an RPM trivial. :) Any advice or tricks for making a DEB for Ubuntu? So far my plan was to copy the source directory to each server and

Re: Moving DNS out of non-cooperative provider

2012-06-18 Thread WBrown
Did you update your whois information to point to the name servers at NEWprovider.net? After this change is made and any cached data expires, the world will query them (NEWProvider), with the exception of anyone that uses name servers at OLDprovider.net who still thinks they are authoritative

Re: limiting number of requests of a single hosts

2012-06-15 Thread WBrown
bind-users-bounces+wbrown=e1b@lists.isc.org wrote on 06/15/2012 04:25:16 AM: We have a problem with one of our firewalls caused by DNS peaks. Once or twice a day a DNS burst (20K requests/15sec) kills all connections on the firewall. The firewall is due for replacement but in the mean

Re: random-device purpose in DNSSEC

2012-05-11 Thread WBrown
Warren wrote on 05/10/2012 04:14:01 PM: Multiple options: 1: install haveged (http://www.irisa.fr/caps/projects/hipsor/) -- this will provide you with much randomness [0]. 2: buy a USB entropy widget (for example: http://www.entropykey.co.uk/) 3: See if there is a driver for your TPM --

Re: DNSSEC

2012-05-11 Thread WBrown
Jan-Piet wrote on 05/11/2012 02:17:53 AM: Indeed, which brings on the question why BIND (still) doesn't have a negative trust anchor feature. So how do we implement one? Create a separate caching server with DNSSEC validation turned off and forward all queries for the broken domain to

Re: Secondary Master

2012-05-11 Thread WBrown
John wrote on 05/11/2012 11:05:58 AM: I found this article about setting up a secondary master. This may be useful as we are bringing up a disaster recovery site. The author explains that the zone type should be "slave" so it can receive db updates from the normal master. Seems like that

Re: Hi;

2012-05-10 Thread WBrown
William Thierry wrote on 05/10/2012 08:02:57 AM: i'm trying to have a TTL of a zone just by typing a command, but i can't seen which command line i can used to have the solution. Can someone have an idea? is it possible to found that? PS: The zone file is not created by me. For example,

Re: DNSSEC

2012-05-10 Thread WBrown
Warren wrote on 05/10/2012 11:50:30 AM: Nope -- Comcast does a large amount of checking before turning off validation for a failing domain. This is (IMO) more secure than the alternative, which is to simply leave it failing, and have users move to a non-validating resolver instead? Does

Question about KSK

2012-04-27 Thread WBrown
We are authoritative for a few dozen small zones. Is it possible to use the same KSK for all of them? I can see where if it gets compromised we would need to resign all zones using the KSK at once. How much effort would I be saving sharing the KSK? I'm sure there are plenty of other good

Re: Question about KSK

2012-04-27 Thread WBrown
Jan-Piet wrote on 04/27/2012 10:22:39 AM: When the shared KSK needed to be rolled over, you would have to process DS records in the parents of your few dozen zones all at the same time. *If* you want to roll the KSK, a.k.a. when did you last roll your SSH keys? :-) Correct. I was

Re: generate a set of request DNSsec

2012-04-18 Thread WBrown
William wrote on 04/18/2012 05:45:21 AM: I'm faced with a big problem, How can i generate a log file for my test? it's a big problem for me, i'm working on Bind 9.8.1-P1 and i'm using dnsperf to inject requests on my servers. Did you have an idea? thank you for your help. What do you want

Re: How to reset the serial number?

2012-03-27 Thread WBrown
-- William Brown Messaging and Core Hosted Application Technical Teams Technology Services, WNYRIC, Erie 1 BOCES (716) 821-7285 Chuck Swiger wrote on 03/26/2012 02:35:24 PM: Shut down the slave server(s). Use scp or rsync to copy over the zone file, one with a corrected serial #. Restart

Re: external view recursion issue

2012-03-16 Thread WBrown
Who will be using this in-house DNS server? Your local users? If yes, then you will need to enable recursion so they can look up outside resources (google.com, etc.) If this server will strictly be an authoritative server for your domain, then it won't need recursion but queries that return

Re: external view recursion issue

2012-03-16 Thread WBrown
Put record.ourdomain.com as a CNAME in both your internal and external views. Internal user will query internal view and get CNAME record to record.client.otherdomain.com. Your recursive name server will look up record.client.otherdomain.com and get the CNAME record to

Re: dig -t txt output variation

2012-03-09 Thread WBrown
sun-guru wrote on 03/09/2012 01:45:33 PM: Is this a BIND bug? Check ARM for RRSet Ordering.

Re: dig -t txt output variation

2012-03-09 Thread WBrown
Alan wrote on 03/09/2012 02:38:25 PM: Don't base anything on RRset ordering. Be sure that the application is able to handle the random order -- you never know who owns the intermediate caching servers, so you will never know the order even if you fix it on the authoritative. That prompted

RE: Configuring a domain slave to look up subdomain hosts

2012-02-28 Thread WBrown
Why not set up the zone with its own forward statement like this: zone subdomain.example.com { type forward; forwarders { 10.172.2.50; 10.172.2.51; }; forward only; }; -- bind-users-bounces+wbrown=e1b@lists.isc.org wrote on 02/28/2012 01:04:46 PM: I am simply

RE: Configuring a domain slave to look up subdomain hosts

2012-02-28 Thread WBrown
Perhaps this article from the ISC knowledge base will help: https://kb.isc.org/article/AA-00302/47/I-want-to-forward-all-DNS-queries-from-my-caching-nameserver-to-another-server-but-configure-exceptions-for-some-domains-how.html

Adding DS record to parent

2012-02-24 Thread WBrown
Does anyone know how to register a DS record for domains registered through Network Solutions? I submitted a query through their website and got this response below. I find the copyright on the canned response an amusing touch. I called the number shown, and fought my way through a tangle of

Re: dnsmasq+named together (was: Re: Forward Domain)

2012-01-19 Thread WBrown
rob0 wrote on 01/19/2012 04:05:26 PM: ... server=127.0.0.1#1053 # to use nameserver 127.0.0.1 in resolv.conf(5) no-resolv ... listen-on port 1053 { 127.0.0.1; }; Are both of these listening on port 1053? That ain't gonna work. Put one of them back on 53 or on some other port

RE: DNSSEC made simple, is this possible?

2012-01-11 Thread WBrown
is on them. Perhaps other distros/flavors of *nix handle new versions differently. bind-users-bounces+wbrown=e1b@lists.isc.org wrote on 01/11/2012 11:50:01 AM: Now if FreeBSD would just add 9.9 to the ports collection, it would save me from having to build it by hand..

Re: About root zones

2012-01-04 Thread WBrown
micho...@cisco.com wrote on 01/03/2012 04:54:51 PM: Maybe it's because I started in networking... But TCP/IP (or IPv6 these days) is quite the subsystem to avoid. Really, like it or not, you are actually responsible for understanding interactions with subsystems your managed system must

Re: bind as a service on windows -c option not working

2011-12-09 Thread WBrown
How to tell the named running as a service to read the config file from the path specified with -c option? Try changing path to executable by moving quote: D:\bind9\bin\named.exe -c D:\bind_config\etc\named.conf

Re: bind as a service on windows -c option not working

2011-12-09 Thread WBrown
No luck: The following information is part of the event: none:0: open: C:\WINDOWS\system32\etc\named.conf: file not found So why not put the configuration file there. Then use the directory option to direct BIND to look for all the zone files on the D: drive. options { directory

Re: bind as a service on windows -c option not working

2011-12-09 Thread WBrown
This is not the answer I am looking. If the parameter exists, it's must working. Have you tried issuing the command from a command prompt?

Re: Botnet Malware issue on bind BIND 9.7.1-P2

2011-12-05 Thread WBrown
jagan padhi wrote on 12/05/2011 12:16:19 PM: First of all i would like to know what all these .ws domains. Due to this junk domain query CDNS servers load are getting very high. Yes There is a limit set in my CDND server, however out of 100 query 60 queries are coming for these junk

RE: Bind 9.9.0b2 inline signing...

2011-11-28 Thread WBrown
Todd wrote on 11/24/2011 11:29:14 AM: I don't understand why Windows doesn't include dig by default, even now. Free software hate? And grep and logrotate! At least the GnuWin32 project has a good version of grep.
