rams wrote:
>
> On the CAA record iodef filed, do we force this to be unique or can it
> match a CNAME?
The specification says the iodef field contains a URL so normal URL
resolution applies.
https://tools.ietf.org/html/rfc8659#section-4.4
Questions about CNAMEs are at the wrong layer. HTTP
Hi
On the CAA record iodef filed, do we force this to be unique or can it
match a CNAME?
Thanks,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
will issue a security
> patch even though we are no longer issuing regular maintenance on that
> branch. So, effectively there is a quarter, 3 months, of overlap.
>
> Thanks for the clarification, Vicky. It sounds like ISC and I have
different definitions of "no longer sup
> On Apr 26, 2018, at 5:53 AM, Matthew Pounsett <m...@conundrum.com> wrote:
>
> This is a question for ISC about the new BIND release plan which I thought
> might be a useful clarification for others as well.
>
> I didn't notice this when the new plan was
This is a question for ISC about the new BIND release plan which I thought
might be a useful clarification for others as well.
I didn't notice this when the new plan was first presented in March, but
the key text in the legend of the Example Release Plan[0] for the red
blocks is "a re
.
- Kevin
-Original Message-
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of
Nicholas Miller
Sent: Friday, March 23, 2018 4:16 PM
To: bind-users@lists.isc.org
Subject: Re: GSS-TSIG update-policy clarification
Thats well and good for an organization that controls
e
>>> (host/machine@REALM).
>>>
>>>> On 23 Mar 2018, at 2:50 am, Nicholas Miller <nicholas.mil...@colorado.edu>
>>>> wrote:
>>>>
>>>> With the latest update to bind our named.conf started reporting errors. I
>>
...@colorado.edu>
>>> wrote:
>>>
>>> With the latest update to bind our named.conf started reporting errors. I
>>> have figured it out but wanted to get clarification about the syntax.
>>>
>>> We had been using:
>>>
>>>
ado.edu>
>> wrote:
>>
>> With the latest update to bind our named.conf started reporting errors. I
>> have figured it out but wanted to get clarification about the syntax.
>>
>> We had been using:
>>
>> deny DOMAIN.EDU krb5-subdomain DOM
ng errors. I
> have figured it out but wanted to get clarification about the syntax.
>
> We had been using:
>
> deny DOMAIN.EDU krb5-subdomain DOMAIN.EDU CNAME MX SRV TXT;
>
> We are now using:
>
> deny DOMAIN.EDU krb5-subdomain . CNAME MX SRV TXT;
>
>
With the latest update to bind our named.conf started reporting errors. I have
figured it out but wanted to get clarification about the syntax.
We had been using:
deny DOMAIN.EDU krb5-subdomain DOMAIN.EDU CNAME MX SRV TXT;
We are now using:
deny DOMAIN.EDU krb5-subdomain
Veaceslav Revutchi wrote:
> I see the server forwarding the query and it gets the answer below:
>
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
> ;;
> ;; ANSWER SECTION:
> aaa.example.org. 200 IN CNAME bbb.example.net.
> bbb.example.net. 60 IN
Hi, I have a statement in my recursive resolver (rr-server) similar to this:
zone "example.org" { type forward; forward only; forwarders {
10.64.1.1; 10.64.1.2; } ; };
When clients ask for "aaa.example.org" I would expect it to send the
same query to one of the IPs above and return the answer to
Should I install bind 9.9.0 first and then update to bind 9.9.1 then update to
bind 9.9.2?
This excerpt from the README file is a little confusing:
BIND 9.9.2
BIND 9.9.2 is a maintenance release and patches the security
flaw described in CVE-2012-4244.
BIND 9.9.1
BIND
You can install 9.9.2 directly.
Doug
On 11/01/2012 01:30 PM, Manson, John wrote:
Should I install bind 9.9.0 first and then update to bind 9.9.1 then
update to bind 9.9.2?
This excerpt from the README file is a little confusing:
BIND 9.9.2
BIND 9.9.2 is a maintenance release
Just spent a bit of time on missing a subtle rndc issue with Bind 9.9.1's
control block -- either I'm missing a better way to do this, or perhaps
bind should more appropriately issue a warning or fail to load instead of
silently accepted my bad control block.
I did RTFM, and until I'd spent a
Hi,
I have NS record points a record [A/] which is falls into wildcard .
But when I query for NS record against bind, we are not getting these
records as glue records.
ex:
*.a.example.com A 1.1.1.1
example.com. NS abc.a.example.com.
Querying example.com with any or ns.
don't we get glue
Hi Ramesh,
When you query for rd1.ramesh40finalround.com. then you will get answer for
all records but it will show minimum TTL value.
-Ashok
On Tue, May 15, 2012 at 3:00 PM, rams brames...@gmail.com wrote:
Hi ,
I have a setup as follows:
rd1.ramesh40finalround.com. 98400 INA
rd1.ramesh40finalround.com. 98400 INA 11.11.11.11
rd1.ramesh40finalround.com. 96400 INA 12.12.12.12
rd1.ramesh40finalround.com. 99 IN A 13.13.13.13
rd1.ramesh40finalround.com. 1 INA 14.14.14.14
RFC 2181, section 5.2 specifies:
the use of
You should NOT get A records. Wildcard works only for hostnames
that have NO records of ANY type.
From wikipedia:
To quote RFC 1912, A common mistake is thinking that a wildcard
MX for a zone will apply to all hosts in the zone. A wildcard MX will
apply only to names in the zone which aren't
In article mailman.797.1337090936.63724.bind-us...@lists.isc.org,
Alexander Gurvitz a...@net-me.net wrote:
You should NOT get A records. Wildcard works only for hostnames
that have NO records of ANY type.
Excuse me while I delirk, but this is interesting. Is a name on the RHS
of an RR
Sam Wilson sam.wil...@ed.ac.uk wrote:
Is a name on the RHS of an RR regarded as existing enough to prevent
wildcard lookup?
No, only RR owner names.
In this I would have expected the NS lookup to be followed by an A
lookup for abc.a.example.com which would match the wildcard, assuming no
In article mailman.800.1337093642.63724.bind-us...@lists.isc.org,
Tony Finch d...@dotat.at wrote:
Sam Wilson sam.wil...@ed.ac.uk wrote:
Is a name on the RHS of an RR regarded as existing enough to prevent
wildcard lookup?
No, only RR owner names.
In this I would have expected the
Sam Wilson sam.wil...@ed.ac.uk wrote:
Not I - another poster.
Sorry!
Tony.
--
f.anthony.n.finch d...@dotat.at http://dotat.at/
Forties, Cromarty, Forth, Tyne, Dogger: Northwest 5 to 7, occasionally 4 in
Forth and Tyne. Moderate or rough, occasionally very rough in Forties and
Dogger.
At 07:08 15-05-2012, Alexander Gurvitz wrote:
From wikipedia:
To quote RFC 1912, A common mistake is thinking that a wildcard
Using Wikipedia to quote RFC 1912 is odd ...
Regards,
-sm
___
Please visit
http://www.ietf.org/rfc/rfc4343.txt
Some resolvers use 0x20 tricks to encode additional entropy into queries.
This works by randomly adding 0x20 to characters in the qname and then making
sure they are the same when they come back (e.g: example.com - eXAmpLe.coM)...
W
On Apr 10, 2012, at
On Tue, Apr 10, 2012 at 2:56 AM, rams brames...@gmail.com wrote:
Hi,
When i queried domain with capital letters , In answer section domain name
is displaying small letters. Is it expected? any RFC for this?
dig @localhost D.ashwintrail.com
; DiG 9.2.4 @localhost D.ashwintrail.com
; (1
In message CANYqYkMfOGp30KgS4_X=bw2qzBOwencNJ5706VKvfu9o+=s...@mail.gmail.com
, rams writes:
Hi,
When I queried a domain with type DNSKEY, I am getting only ANSWER section
and not returned Authority section. Is it expected?
Yes.
It would be helpful if you give the RFC number for reference .
On 17.08.11 14:31, Morgan Toal wrote:
I would like to clarify something. I have 14 locations each using a
private class c address, and a single dns server which I have just
moved from bind8 to bind9.
I am getting a lot of these:
Aug 17 13:33:13 mail2 named[18610]: client 192.168.16.3#55546:
Hi bind-users,
I would like to clarify something. I have 14 locations each using a
private class c address, and a single dns server which I have just moved
from bind8 to bind9.
I am getting a lot of these:
Aug 17 13:33:13 mail2 named[18610]: client 192.168.16.3#55546: RFC 1918
response
Hi,
I have zone as follows in bind.
$ORIGIN joshfeb1.com.
@ IN SOA rboddeti.yahoo.com. rboddeti.gmail.com. (
2011013101 ; serial
10800 ; refresh
3600 ; retry
2592000 ;
In message AANLkTi=mms6aghguqyt1pmllyqfz2zp0su6yqwqmx...@mail.gmail.com, rams
w
rites:
Hi,
I have zone as follows in bind.
$ORIGIN joshfeb1.com.
@ IN SOA rboddeti.yahoo.com. rboddeti.gmail.com. (
2011013101 ; serial
10800 ;
Hi Mark,
Thank You for quick clarify. I have included trailing dot and restart bind.
Now when i queired for domain www.joshfeb1.com with type A, I am getting
NOERROR and NOANSWER.
[root@ zones]# dig www.joshfeb1.com. A
; DiG 9.6.1-P3 www.joshfeb1.com. A
; (1 server found)
;; global options:
I must admit, I'm kinda confused by what you are actually trying to achieve
?A foo.joshfeb1.com. should be getting returning 1.1.1.1
?A www.joshfeb1.com. should be returning noerror / nodata because:
1: There is a record at www.joshfeb1.com (so it's not NXDOMAIN), but
2: the record is not an
Hi,
I have zone as follows in bind.
$ORIGIN joshfeb1.com.
@ IN SOA rboddeti.yahoo.com. rboddeti.gmail.com. (
2011013101 ; serial
10800 ; refresh
3600 ; retry
2592000 ; expire
In message AANLkTin+PmzXYUVbCVX3D=Mh1S75ddpMwhjuE9r5zk2=@mail.gmail.com, rams
w
rites:
Hi,
I have zone as follows in bind.
$ORIGIN joshfeb1.com.
@ IN SOA rboddeti.yahoo.com. rboddeti.gmail.com. (
2011013101 ; serial
10800 ; refresh
In article mailman.1454.1295874574.555.bind-us...@lists.isc.org,
Matus UHLAR - fantomas uh...@fantomas.sk wrote:
On 24.01.11 17:13, rams wrote:
y resolver is returning multiple CNAMEs for same hostname. But I believe
CNAME should not return same hostname with multiple values.
correct.
y resolver is returning multiple CNAMEs for same hostname. But I believe
CNAME should not return same hostname with multiple values.
Ex: Configured GEOIP records as follows:
ramesh.com CNAME a.ramesh.com.
ramesh.com CNAME az.ramesh.com. Arizone configured
ramesh.com CNAME va.ramesh.com.
On 24.01.11 17:13, rams wrote:
y resolver is returning multiple CNAMEs for same hostname. But I believe
CNAME should not return same hostname with multiple values.
correct.
Is this behavior is correct. Could you please clarify me.
it's not. CNAME may be the only record type for a domain,
On Wed, 2010-12-01 at 19:05 +0530, rams wrote:
I have one SOA record as follows in zone.
qa.com. 86400 IN SOA ramesh.com. qa.com. (
2009111903 ; serial
10800 ; refresh (3 hours)
3600 ; retry (1 hour)
On 01.12.10 19:05, rams wrote:
I have one SOA record as follows in zone.
qa.com. 86400 IN SOA ramesh.com. qa.com. (
2009111903 ; serial
10800 ; refresh (3 hours)
3600 ; retry (1 hour)
2592000
Hi,
What is the bind response when queried MX record. The MX record is having
prefernce value is greater than maximum of preference value [ex: 65536].
Thanks Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
On Fri, Oct 22, 2010 at 05:05:06PM +0530,
rams brames...@gmail.com wrote
a message of 38 lines which said:
What is the bind response when queried MX record.
% dig @ns3.nic.fr MX nic.fr
; DiG 9.7.1-P2 @ns3.nic.fr MX nic.fr
; (2 servers found)
;; global options: +cmd
;; Got answer:
;;
Hi,
I have a record in BIND as follows:
mxdomain.com. 86400 IN MX 65536 gmail.com.
When I query mxdomain.com. with type MX. What is the bind response. Is
there any RFC mentioned about this .
Thanks Regards,
Ramesh
___
bind-users mailing list
On Fri, Oct 22, 2010 at 06:01:22PM +0530,
rams brames...@gmail.com wrote
a message of 42 lines which said:
I have a record in BIND as follows:
mxdomain.com. 86400 IN MX 65536 gmail.com.
I don't think you tell us the truth. Because BIND refuses to load it:
% named-checkzone example
https://www.isc.org/files/arm96.html#types_of_resource_records_and_when_to_use_them
Scroll down to the data type MX and it says:
Identifies a mail exchange for the domain with a 16-bit preference value
(lower is better) followed by the host name of the mail exchange.
Described in RFC 974,
On Fri, 22 Oct 2010, rams wrote:
I have a record in BIND as follows:
mxdomain.com. 86400 IN MX 65536 gmail.com.
How did you get named to load this?
If your named does load it, what version of BIND are you using?
You should get out of range. (See named-checkzone too.)
When I query
On Fri, Oct 22, 2010 at 09:02:49AM -0500,
Jeremy C. Reed jr...@isc.org wrote
a message of 8 lines which said:
Because subject was replaced I didn't find it before my response :)
You should really used a threaded mail client software (which
understands the In-Reply-To: header) :-)
On Oct 22, 2010, at 8:31 AM, rams wrote:
I have a record in BIND as follows:
mxdomain.com. 86400 IN MX 65536 gmail.com.
When I query mxdomain.com. with type MX. What is the bind
response. Is there any RFC mentioned about this .
On the wire, the MX preference is carried in a 16-bit field,
In message aanlkti=nfu6avy5tnbcc2wyrp0fckh1gskgzl4o8a...@mail.gmail.com, rams
writes:
Hi ,
When I created delegated NS record. Bind 9.7.1 p3 is giving SERVFAIL , when
i queried for NS delegated record with NS.
Could you please clarify me or is it bug in 9.7?
To see the delegation you
Hi ,
When I created delegated NS record. Bind 9.7.1 p3 is giving SERVFAIL , when
i queried for NS delegated record with NS.
Could you please clarify me or is it bug in 9.7?
Thanks Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
In message aanlkti=nfu6avy5tnbcc2wyrp0fckh1gskgzl4o8a...@mail.gmail.com, rams
writes:
Hi ,
When I created delegated NS record. Bind 9.7.1 p3 is giving SERVFAIL , when
i queried for NS delegated record with NS.
Could you please clarify me or is it bug in 9.7?
To see a delegation you need
Hey Guys,
I have an issue which need some help.
I have two master DNS servers, say A B.
A is running freebsd B is running centos. B is running BIND 9 also.
Now, I want to add one more to this cluster say C.
I have installed centos in C with BIND 9. Now, I have copied
/etc/named.conf
Am Fri, 10 Sep 2010 12:51:11 +0530
schrieb Sherin George l...@sheringeorge.co.cc:
Hey Guys,
I have an issue which need some help.
I have two master DNS servers, say A B.
A is running freebsd B is running centos. B is running BIND 9 also.
Now, I want to add one more to this cluster
Hello Torsten,
Thanks for looking into this.
Basically, my previous question came from my ignorance. But, I learned
more and I think found the answer.
The SOA MNAME field is used by NOTIFY and by dynamic update.
Authoritative name servers send NOTIFY messages to all name servers in
NS records
Hi,
I have set up data as follows in bind.
Zone: rameshops5526old.com
maint.rameshops5526old.com. 300 IN CNAME
maint.global.rameshops5526old.com.
rameshops5526old.com. 21600 IN NS dns5.rameshops5526old.com.
rameshops5526old.com. 21600 IN NS
In message aanlktinrcdo9eetozjb4xsxcp309jaedtza7wxfeh...@mail.gmail.com, rams
writes:
Hi,
I have set up data as follows in bind.
Zone: rameshops5526old.com
maint.rameshops5526old.com. 300 IN CNAME
maint.global.rameshops5526old.com.
rameshops5526old.com. 21600 IN NS
Hi ,
Please tell me the correct answer for the below set up:
*Zone: rameshops5526old.com
*
maint.rameshops5526old.com. 300 IN CNAME
maint.global.rameshops5526old.com.
rameshops5526old.com. 21600 IN NS dns5.rameshops5526old.com.
rameshops5526old.com. 21600 IN NS
On 24.08.10 12:48, rams wrote:
Please tell me the correct answer for the below set up:
this is not set up, this is the answer.
*Zone: rameshops5526old.com
*
maint.rameshops5526old.com. 300 IN CNAME
maint.global.rameshops5526old.com.
rameshops5526old.com. 21600 IN NS
Hi
When we have data as follows queried domain maint.rameshops5526old.com.
against bind and my own resolver. Bind and my resolver response are same but
only mismatching with flags. bind is returning AA flag but my resolver is
not returning AA flag. in this case wihcih is correct bind or my
On 24.08.10 17:48, rams wrote:
When we have data as follows queried domain maint.rameshops5526old.com.
against bind and my own resolver. Bind and my resolver response are same but
only mismatching with flags. bind is returning AA flag but my resolver is
not returning AA flag. in this case
On 8/24/2010 2:25 AM, rams wrote:
Hi,
I have set up data as follows in bind.
Zone: rameshops5526old.com http://rameshops5526old.com
maint.rameshops5526old.com http://maint.rameshops5526old.com. 300
IN CNAME maint.global.rameshops5526old.com
http://maint.global.rameshops5526old.com.
On 8/24/2010 8:18 AM, rams wrote:
Hi
When we have data as follows queried domain
maint.rameshops5526old.com http://maint.rameshops5526old.com/.
against bind and my own resolver. Bind and my resolver response are
same but only mismatching with flags. bind is returning AA flag but my
resolver
It might be worth pointing out
a) that you're trying to recursively query a non-recursive nameserver
b) that the MX record is technically superfluous, since its target is
the same as the owner name, and all mail clients will fail over to doing
an A query of the same name if no MX record is
Hi ,
I have data as follows
a.rameshops5446.com. 86400 IN A 1.2.3.1
a.rameshops5446.com. 86400 IN MX 10 a.rameshops5446.com.
I queried domain a.rameshops5446.com with type ANY against bind9.6 .
Actual Result:
Bind is returning above two records in answer section and also returning A
record in
Here my doubt is A record already returned in answer section why the same A
record is returning in additional section. I know if MX pointed record have
any A/ records will return in additional section. but in above case
already the same A record returned in answer section. Is bind result
Hi,
During AXFR of a zone, the zone.dbfile is not created till the AXFR
completes. Till AXFR completes, the file name will be some value as
456eefwfc. Is it correct behavior?
Thanks Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
At Thu, 3 Jun 2010 11:39:30 +0530,
rams brames...@gmail.com wrote:
During AXFR of a zone, the zone.dbfile is not created till the AXFR
completes. Till AXFR completes, the file name will be some value as
456eefwfc. Is it correct behavior?
Yes, that's the intended behavior.
---
JINMEI, Tatuya
What exactly are you expecting to see there? NS records for the root
zone? Is this *non-recursive* nameserver obligated to give out NS and/or
SOA records for the root zone in the Authority Section? I think not.
Is there any update on the following issue.
On Mon, May 31, 2010 at 2:16 PM, rams brames...@gmail.com wrote:
Hi ,
I have the following zone file:
$ORIGIN td3497.com.
@ IN SOA udns1.ultradns.net. ppk.yahoo.com. (
2010052610 ; serial
10800 ; refresh
3600 ; retry
2592000 ; expire
Hi ,
I have the following zone file:
$ORIGIN td3497.com.
@ IN SOA udns1.ultradns.net. ppk.yahoo.com. (
2010052610 ; serial
10800 ; refresh
3600 ; retry
2592000 ; expire
86400 ; minimum
)
cname.chain.td3497.com. 86400 IN CNAME mx.chain.td3497.com.
mx.chain.td3497.com. 86400 IN MX 34
Hi list,
In an attempt to wrap my head around the statistics gathered and
presented by the statistics-channel I created the following visio
drawing:
http://bildr.no/image/593944.jpeg
I would be happy if someone with more knowledge of both DNS protocols
and BIND in specific could verify what I
72 matches
Mail list logo