Duncan wrote:
>
> Is there any option to suppress warnings if using transfer-source /
> notify-source specifying ports ?
There are good reasons for these warnings.
NOTIFY uses UDP, and source port randomization in UDP is important to
protect against spoofing. Spoofing NOTIFY is relatively
Mirsad Goran Todorovac wrote:
> Please excuse me, as I am a bit confused ...
>
> I have tried to verify your findings, but I've found something awkward:
Something has changed, because earlier I got:
; <<>> DiG 9.10.6 <<>> soa 192/27.186.198.193.in-addr.arpa @193.0.9.6
;; global options: +cmd
Hello,
I have an authoritative DNS server for a domain, but I was also going to
use the same server as a recursive DNS for my internal network, limiting
recursion by the IP. Apparently, this is a bad idea that can lead to
cache poisoning...
After watching a Computerphile Youtube video
Danilo Godec via bind-users wrote:
>
> I have an authoritative DNS server for a domain, but I was also going to
> use the same server as a recursive DNS for my internal network, limiting
> recursion by the IP. Apparently, this is a bad idea that can lead to
> cache poisoning...
Sort of. It's
Mirsad Goran Todorovac wrote:
>
> I have recently implemented dynamic updates to a sub /24 reverse DNS
> domain, 193.198.186.192/27.
> I had upstream domain 192/27.186.198.193.in-addr.arpa. delegated from
> authoritative servers.
>
> However, something still isn't right. In some reverse PTR
Hi!
Is there any option to suppress warnings if using transfer-source /
notify-source specifying ports ?
/etc/bind/named.conf:90: 'notify-source': specifying a port is not
recommended
/etc/bind/named.conf:91: 'notify-source-v6': specifying a port is not
recommended
On 12/29/2021 6:57 PM, Tony Finch wrote:
Mirsad Goran Todorovac wrote:
I have recently implemented dynamic updates to a sub /24 reverse DNS
domain, 193.198.186.192/27.
I had upstream domain 192/27.186.198.193.in-addr.arpa. delegated from
authoritative servers.
However, something still isn't
On Wed, Dec 29, 2021 at 5:31 AM Danilo Godec via bind-users
wrote:
> I have an authoritative DNS server for a domain, but I was also going to
> use the same server as a recursive DNS for my internal network, limiting
> recursion by the IP. Apparently, this is a bad idea that can lead to
> cache
Hello Tony,
Please excuse me, as I am a bit confused ...
I have tried to verify your findings, but I've found something awkward:
root@domac:~# host -t any 186.198.193.in-addr.arpa dns1.carnet.hr
Using domain server:
Name: dns1.carnet.hr
Address: 161.53.123.2#53
Aliases:
On 29.12.21 18:58, Duncan wrote:
Is there any option to suppress warnings if using transfer-source /
notify-source specifying ports ?
yes, don't specify source port.
/etc/bind/named.conf:90: 'notify-source': specifying a port is not
recommended
/etc/bind/named.conf:91: 'notify-source-v6':
10 matches
Mail list logo