PGNet Dev wrote:
> ping, anyone?
You know as much about these errors as I do ...
Tony.
--
f.anthony.n.finch http://dotat.at/ - I xn--zr8h punycode
Fisher, German Bight: Mainly southerly 5 to 7. Moderate or rough. Occasional
rain. Good, occasionally
ping, anyone?
On 2/1/18 10:22 AM, PGNet Dev wrote:
I recently updated to
named -v
BIND 9.12.0
compiled locally with
...
--enable-rpz-nsip
--enable-rpz-nsdname
--enable-querytrace
...
Now, in logs I'm seeing many of these
In article ,
Reindl Harald wrote:
> > As long as you understand the implications of what you're doing?
> >
> > The zone owner may be using short TTLs to implement load balancing
> > and/or quick failover. If you
In article you write:
>As long as you understand the implications of what you're doing?
>
>The zone owner may be using short TTLs to implement load balancing
>and/or quick failover. If you extend the TTLs, your users may experience
>poor
Am 09.02.2018 um 17:45 schrieb Barry Margolin:
In article ,
Reindl Harald wrote:
As long as you understand the implications of what you're doing?
The zone owner may be using short TTLs to implement load balancing
Am 09.02.2018 um 17:37 schrieb Barry Margolin:
In article ,
Grant Taylor wrote:
On 02/08/2018 08:51 AM, Mukund Sivaraman wrote:
Also, just for argument's sake, one user wants to extend TTLs to
5s. Another
Am 09.02.2018 um 17:45 schrieb Barry Margolin:
In article ,
Reindl Harald wrote:
As long as you understand the implications of what you're doing?
The zone owner may be using short TTLs to implement load
In article ,
Grant Taylor wrote:
> On 02/08/2018 08:51 AM, Mukund Sivaraman wrote:
> > Also, just for argument's sake, one user wants to extend TTLs to
> > 5s. Another wants 60s TTLs. What is OK and what is going
On 02/09/2018 09:37 AM, Barry Margolin wrote:
As long as you understand the implications of what you're doing?
I don't think my level of understanding has any impact of my ability to
override what the zone publisher sets the desired TTL (or any value) to be.
I have the right to run my
On 2018-02-08 (03:10 MST), Michelle Konzack
wrote:
>
> Hi,
>
> Am 2018-02-08 hackte LuKreme in die Tasten:
>> Is it possible to tell bind to ignore very short TTLs and enforce
>> a...say... 5 second minimum TTL?
>
> VERY SHORT TTL?
YEs.
> 5 sec minimum?
Yes.
In article you write:
>For the record, the issue is not RBLs or legitimate domains, it is =
>spammer scum that set super-low DNS because they are shotgunning spam =
>from a a vast botnet and they want to have maximal impact, so you get a =
On 02/09/2018 05:26 PM, @lbutlr wrote:
But to answer your question, off-hand, I'd say that any TTL under 60s
is suspicious and any TTL under 10s is almost certainly intentionally
abusive.
I thought there was a lower recommended boundary, particularly to detect
and avoid things like fast
On 2018-02-08 (08:51 MST), Mukund Sivaraman wrote:
>
> Also, just for argument's sake, one user wants to extend TTLs to
> 5s. Another wants 60s TTLs. What is OK and what is going too far?
For the record, the issue is not RBLs or legitimate domains, it is spammer scum
that set
Reindl Harald wrote:
>
> CISCO router with "DNS-ALG"
Oh god, never turn on PIX/ASA protocol fuxup features.
Tony.
--
f.anthony.n.finch http://dotat.at/ - I xn--zr8h punycode
Malin: West 5 or 6, backing south 7 to severe gale 9 for a time. Very rough
Leave off the "protocol fixup feature", its cleaner
:-P
On Fri, Feb 9, 2018 at 7:15 AM, Tony Finch wrote:
> Reindl Harald wrote:
>>
>> CISCO router with "DNS-ALG"
>
> Oh god, never turn on PIX/ASA protocol fuxup features.
>
> Tony.
> --
>
Am 09.02.2018 um 07:02 schrieb sth...@nethelp.no:
Yesterday I measured, on our busiest resolvers, the amount of replies
with TTL=0 the resolvers received (from the authoritative servers).
Turns out we receive around 2.3 percent replies with TTL=0. This is
a percentage I can live with, and I see
Am 09.02.2018 um 13:15 schrieb Tony Finch:
Reindl Harald wrote:
CISCO router with "DNS-ALG"
Oh god, never turn on PIX/ASA protocol fuxup features
well, i did not know that the ISP ships that crap with the feature
enabled and even if i did not imagine that it takes
17 matches
Mail list logo