Re: 9.9.0rc1: example from arm 4.8.3 does not validate

2012-01-19 Thread Axel Rau
On 18.01.2012 at 23:54, Evan Hunt wrote: I tried the example from page 23 with a local zone, a trusted key and inline-signing, like: [...] But I'm getting no ad-flag: That's normal; authoritative servers don't set the AD bit, validating resolvers do. (There's not much point in having

Re: 9.9.0rc1: example from arm 4.8.3 does not validate

2012-01-19 Thread David Forrest
On Thu, 19 Jan 2012, Axel Rau wrote: On 18.01.2012 at 23:54, Evan Hunt wrote: I tried the example from page 23 with a local zone, a trusted key and inline-signing, like: [...] But I'm getting no ad-flag: That's normal; authoritative servers don't set the AD bit, validating resolvers do.

Problem with ed.gov

2012-01-19 Thread Baird, Josh
Hi, My resolvers seem to be having problems resolving ed.gov hosts. Others have reported similar problems, but I am having trouble figuring out where the problem lies. Some other resolvers seem to be resolving ed.gov correctly. I am able to query their authoritative servers directly from the

RE: Problem with ed.gov

2012-01-19 Thread Baird, Josh
Ugly fix, but it does work. I already had that in place as a band-aid anyways. Josh -Original Message- From: wbr...@e1b.org [mailto:wbr...@e1b.org] Sent: Thursday, January 19, 2012 2:36 PM To: Baird, Josh Cc: bind-users@lists.isc.org Subject: Re: Problem with ed.gov Josh wrote on

Trying to do reverse lookups, but crashing named instead.

2012-01-19 Thread Stack Kororā
Hello, The dhcpd mailinglist sent me your way with a problem I am having with named/dhcpd. The problem I have is that I can not seem to get reverse hostname lookups in my PXEboot, which means my PXEboot clients think they are localhost. The problem that may be more relevant to the BIND list is

Re: Problem with ed.gov

2012-01-19 Thread Faehl, Chris
Josh - are you using Cisco firewalls? We've seen problems resolving other .gov sites due to EDNS/DNSSEC requests being truncated by dns inspect size set to 512 bytes (out-of-box conf). Changing to 4k yielded good results and fixed those problems without other operational impact. Chris Faehl

RE: Problem with ed.gov

2012-01-19 Thread Baird, Josh
Nope, no firewall in front or behind these particular boxes. Josh -Original Message- From: Faehl, Chris [mailto:cfa...@rightnow.com] Sent: Thursday, January 19, 2012 3:34 PM To: Baird, Josh Cc: bind-users@lists.isc.org Subject: Re: Problem with ed.gov Josh - are you using Cisco

dnsmasq+named together (was: Re: Forward Domain)

2012-01-19 Thread /dev/rob0
On Sun, Jan 15, 2012 at 04:41:15PM +, Markus Braun wrote: i googled the last daysi cant run DNSMASQ and BIND9 both on the same port or? Obviously not, but I have set them both up on the same machine: dnsmasq(8) as DHCP and authoritative DNS server, named(8) as the upstream caching

Re: dnsmasq+named together (was: Re: Forward Domain)

2012-01-19 Thread WBrown
rob0 wrote on 01/19/2012 04:05:26 PM: ... server=127.0.0.1#1053 # to use nameserver 127.0.0.1 in resolv.conf(5) no-resolv ... listen-on port 1053 { 127.0.0.1; }; Are both of these listening on port 1053? That ain't gonna work. Put one of them back on 53 or on some other port

Re: Problem with ed.gov

2012-01-19 Thread Michael Sinatra
Please be aware that RFC 2671, which specifies EDNS0, allows for buffer sizes to reach 64k, not just 4k. Most implementations default to 4k, but the buffer size can easily be set higher. Moreover, the EDNS0 buffer size merely specifies the size where the UDP response becomes truncated and

Re: dnsmasq+named together

2012-01-19 Thread /dev/rob0
On Thu, Jan 19, 2012 at 07:13:49PM -0500, wbr...@e1b.org wrote: rob0 wrote on 01/19/2012 04:05:26 PM: ... server=127.0.0.1#1053 This says contact a nameserver on 127.0.0.1:1053 for unlisted / unknown names. # to use nameserver 127.0.0.1 in resolv.conf(5) This says the system resolver

Re: Trying to do reverse lookups, but crashing named instead.

2012-01-19 Thread Mark Andrews
This is a modified version of named. dynamic-db is *not* a valid configuration option in named as shipped by ISC. Additionally failed to create new zone is not a log message from named as shipped by ISC. As you are seeing a core dump I would suggest that you contact whomever extended the version

Re: Problem with ed.gov

2012-01-19 Thread Mark Andrews
In message 4f18b4a5.3050...@rancid.berkeley.edu, Michael Sinatra writes: Please be aware that RFC 2671, which specifies EDNS0, allows for buffer sizes to reach 64k, not just 4k. Most implementations default to 4k, but the buffer size can easily be set higher. Which often requires a

Re: Problem with ed.gov

2012-01-19 Thread Warren Kumari
On Jan 19, 2012, at 8:14 PM, Mark Andrews wrote: In message 4f18b4a5.3050...@rancid.berkeley.edu, Michael Sinatra writes: Please be aware that RFC 2671, which specifies EDNS0, allows for buffer sizes to reach 64k, not just 4k. Most implementations default to 4k, but the buffer size can

Re: Trying to do reverse lookups, but crashing named instead.

2012-01-19 Thread Mark Andrews
In message cagatkrjt4sml8xyuacpwjmoayzggnh7hoycbhvdrpcwsreb...@mail.gmail.com, Stack Kororā writes: There are two other logging files mentioned in the conf files: /var/log/named-auth.info never has any information in it. /var/log/update-debug.log mostly complains about this:

Re: Trying to do reverse lookups, but crashing named instead.

2012-01-19 Thread ~Stack~
On 01/19/2012 09:11 PM, Mark Andrews wrote: In message cagatkrjt4sml8xyuacpwjmoayzggnh7hoycbhvdrpcwsreb...@mail.gmail.com, Stack Kororā writes: There are two other logging files mentioned in the conf files: /var/log/named-auth.info never has any information in it.

Re: Trying to do reverse lookups, but crashing named instead.

2012-01-19 Thread ~Stack~
On 01/19/2012 07:02 PM, Mark Andrews wrote: This is a modified version of named. dynamic-db is *not* a valid configuration option in named as shipped by ISC. That came from the Red Hat IPA configuration. Additionally failed to create new zone is not a log message from named as shipped by ISC.