Response Policy Zone on forward-only nameserver

2017-04-13 Thread Mark Elsen
Ref : bind-9.9.7-P2 Can I use the RPZ mechanism on a forward only nameserver too ,without abonding the forward only setup ? M. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list

Re: forward only recursive server doesn't forward

2016-10-20 Thread Alex
Hi, >> zone "96/28.104.104.66.in-addr.arpa" { >>type slave; >>file "slaves/db.104.104.66"; >>masters { 64.1.1.3; }; >>allow-query { any; }; >>allow-transfer { trusted; }; >> }; > > >> I set up the reverse zone a long time ago, and I don't think the "zone >>

Re: forward only recursive server doesn't forward

2016-10-20 Thread Alex
Hi, >> >> I have a bind-9.10.3 server on fedora22 that is authoritative for a >> >> few domains and their corresponding IP ranges. I'd like to set up >> >> another domain server (rbldnsd) on a host in one of those domains as a >> >> forw

Re: forward only recursive server doesn't forward

2016-10-20 Thread Reindl Harald
Am 20.10.2016 um 03:27 schrieb Alex: I have a bind-9.10.3 server on fedora22 that is authoritative for a few domains and their corresponding IP ranges. I'd like to set up another domain server (rbldnsd) on a host in one of those domains as a forward-only server why on another host? it just

Re: forward only recursive server doesn't forward

2016-10-20 Thread Matus UHLAR - fantomas
On 19.10.16 21:27, Alex wrote: I have a bind-9.10.3 server on fedora22 that is authoritative for a few domains and their corresponding IP ranges. I'd like to set up another domain server (rbldnsd) on a host in one of those domains as a forward-only server. The problem appears

Re: forward only recursive server doesn't forward

2016-10-19 Thread Mark Andrews
In message

Re: forward only recursive server doesn't forward

2016-10-19 Thread Alex
that is authoritative for a >> few domains and their corresponding IP ranges. I'd like to set up >> another domain server (rbldnsd) on a host in one of those domains as a >> forward-only server. >> >> The problem appears to be that the queries from the local box to the >> subdoma

Re: forward only recursive server doesn't forward

2016-10-19 Thread Mark Andrews
nsd) on a host in one of those domains as a > forward-only server. > > The problem appears to be that the queries from the local box to the > subdomain being managed by the rbldnsd server are being answered by > the local bind instead of being sent to the remote machine

forward only recursive server doesn't forward

2016-10-19 Thread Alex
Hi, I have a bind-9.10.3 server on fedora22 that is authoritative for a few domains and their corresponding IP ranges. I'd like to set up another domain server (rbldnsd) on a host in one of those domains as a forward-only server. The problem appears to be that the queries from the local box

Re: forward only single zone

2016-03-08 Thread Oto BREZINA
include "slave zones"; }; I need to add zone "calc.example.com" { type forward; forward only; forwarders { local_machine; }; }; adding it to local wont let external client to get access, but works from internals adding i

Re: forward only single zone

2016-03-08 Thread Oto BREZINA
- Kevin -Original Message- From: bind-users-boun...@lists.isc.org [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Oto BREZINA Sent: Friday, March 04, 2016 6:09 PM To: bind-users@lists.isc.org Subject: forward only single zone I got successfuly set schizophrenic bind based DNS. It is v

RE: forward only single zone

2016-03-07 Thread Darcy Kevin (FCA)
lf Of Oto BREZINA Sent: Friday, March 04, 2016 6:09 PM To: bind-users@lists.isc.org Subject: forward only single zone I got successfuly set schizophrenic bind based DNS. It is version 9.9.5 running on Ubuntu . I got local zones : serving internal side. public zones master and slaves (s

Re: forward only single zone

2016-03-07 Thread Tony Finch
include "public zones"; // contains example.com with clue to same > server > include "slave zones"; > }; > > I need to add > > zone "calc.example.com" { > type forward; > forward only; >

forward only single zone

2016-03-04 Thread Oto BREZINA
.com with clue to same server include "slave zones"; }; I need to add zone "calc.example.com" { type forward; forward only; forwarders { local_machine; }; }; adding it to local wont let external client to get acces

Re: Forward only zones.

2011-07-27 Thread Matus UHLAR - fantomas
On 26.07.2011 00:48, Kevin Darcy wrote: Correct. That's the distinction which is typically made between a DNS *forwarder* (which caches) and a DNS *proxy* (which doesn't). As far as I know, BIND cannot be configured to be a DNS proxy. On 26.07.11 11:11, Vbvbrj wrote: But I don't want BIND as

Re: Forward only zones.

2011-07-26 Thread Vbvbrj
On 25.07.2011 10:15, Matus UHLAR - fantomas wrote: This is how BIND is supposed to work. If you _need_ such setup, why don't you setup your AD servers as recursive point clients directly to them? you can teoretically configure maximum cache time in BIND but that would be useless server. I

Re: Forward only zones.

2011-07-26 Thread Mark Andrews
In message 4e2de4bb.6050...@chrysler.com, Kevin Darcy writes: On 7/24/2011 2:15 AM, Vbvbrj wrote: options { allow-transfer { none; }; recursion yes; forward first; forwarders { a.b.c.d; }; // Forward to providers dns. }; zone my_domain.com IN { type forward; forward

Re: Forward only zones.

2011-07-26 Thread Matus UHLAR - fantomas
On 24.07.2011 18:40, Matus UHLAR - fantomas wrote: This is how BIND is supposed to work. If you _need_ such setup, why don't you setup your AD servers as recursive point clients directly to them? you can teoretically configure maximum cache time in BIND but that would be useless server. On

Re: Forward only zones.

2011-07-26 Thread Vbvbrj
On 26.07.2011 00:48, Kevin Darcy wrote: Correct. That's the distinction which is typically made between a DNS *forwarder* (which caches) and a DNS *proxy* (which doesn't). As far as I know, BIND cannot be configured to be a DNS proxy. But I don't want BIND as a proxy. ) Answers from its

Re: Forward only zones.

2011-07-26 Thread harish badrinath
On Mon, Jul 25, 2011 at 7:53 PM, Vbvbrj vbv...@gmail.com wrote: I just can't for now move active directory's dns database to BIND. You could use something much simpler like dnsmasq (http://thekelleys.org.uk/dnsmasq/doc.html). Setting it up as a DNS forwarder is a breeze, while you migrate DNS

Re: Forward only zones.

2011-07-26 Thread Peter Andreev
2011/7/25 Vbvbrj vbv...@gmail.com: On 25.07.2011 10:15, Matus UHLAR - fantomas wrote: This is how BIND is supposed to work. If you _need_ such setup, why don't you setup your AD servers as recursive point clients directly to them? you can teoretically configure maximum cache time in BIND

Re: Forward only zones.

2011-07-25 Thread Vbvbrj
On 24.07.2011 18:40, Matus UHLAR - fantomas wrote: On 24.07.11 09:15, Vbvbrj wrote: forwarders { a.b.c.d; }; // Forward to providers dns. }; zone my_domain.com IN { I would prefer not to using underscores in domain names. While they are allowed, they may cause some stuff not to work. Why

Re: Forward only zones.

2011-07-25 Thread Matus UHLAR - fantomas
On 24.07.11 09:15, Vbvbrj wrote: zone my_domain.com IN { On 24.07.2011 18:40, Matus UHLAR - fantomas wrote: I would prefer not to using underscores in domain names. While they are allowed, they may cause some stuff not to work. Why do you have underscore here? On 25.07.11 09:24, Vbvbrj

Re: Forward only zones.

2011-07-25 Thread Warren Kumari
On Jul 25, 2011, at 3:15 AM, Matus UHLAR - fantomas wrote: On 24.07.11 09:15, Vbvbrj wrote: zone my_domain.com IN { On 24.07.2011 18:40, Matus UHLAR - fantomas wrote: I would prefer not to using underscores in domain names. While they are allowed, they may cause some stuff not to work.

Re: Forward only zones.

2011-07-25 Thread Kevin Darcy
On 7/24/2011 2:15 AM, Vbvbrj wrote: options { allow-transfer { none; }; recursion yes; forward first; forwarders { a.b.c.d; }; // Forward to providers dns. }; zone my_domain.com IN { type forward; forward only; forwarders { a.b.c.d; }; // Forward to Windows DNS. }; I would like

Re: Forward only zones.

2011-07-24 Thread Matus UHLAR - fantomas
On 24.07.11 09:15, Vbvbrj wrote: forwarders { a.b.c.d; }; // Forward to providers dns. }; zone my_domain.com IN { I would prefer not to using underscores in domain names. While they are allowed, they may cause some stuff not to work. Why do you have underscore here? forwarders {

forward only not

2010-09-29 Thread Len Conrad
. dig @10.1.60.1 or .2 d.c.b.a.zen.dnsbld.domain.net works. named.conf: zone zen.dnsbld.domain.net { type forward; forwarders { 10.1.60.1 ; 10.1.60.2 ; }; forward only; }; and no other forwarding statements. named query logging shows client 127.0.0.1 (postfix/postscreen) sending queries

Re: forward only not

2010-09-29 Thread Len Conrad
; forwarders { 10.1.60.1 ; 10.1.60.2 ; }; forward only; }; and no other forwarding statements. named query logging shows client 127.0.0.1 (postfix/postscreen) sending queries to 127.0.0.1 tshark capture shows the BIND machine sending queries to the NSs authoritative for domain.net, rather than

weird bind cache server behaviour - unexpected root hint delegation on forward only zone

2009-06-15 Thread Paul Sherratt
in the 'dnsbl' zone return root hints if the forwarded request comes back positive! If the forwarded request returns NXDOMAIN there are no root hints returned, expected as it is configured 'forward only'. Am I missing something obvious or anyone have an idea what might be going on? Again, the configs