On 8/1/24 17:14, John Thurston wrote:
After reading the CVE description, it isn't clear to me how the degraded
performance is manifest.
If 300 A-records exist for the name 'foo', do we expect:
1. queries for A-records for 'foo' will be slower than expected
2. all queries for 'foo' will be sl
On 8/23/24 09:19, Marcus Kool wrote:
The user was angry and ranted about named 9.18.x. He did not rant about any
developer or any member of your team. Removing a user from this list is IMHO
not the best way to treat an issue.
Marcus
Yes, but tone matters. It seems that world is now ful
,
--
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this
formation and Technology Services (ITS)
> rharo...@umich.edu <mailto:rharo...@umich.edu>
> 734-647-6524 desk
>
>
Exactly what I needed, thanks!
--
--------
Tim Daneliuk tun...@tundraware.com
PGP
I am still working through how to get this working but a little further
steering would be helpful.
I have a situation with a single domain "foo.com" That has both public
facing and NATed internal addresses. That is, regardless of whether the
host IP is visible in the outside world or not, its c
On 08/22/2015 10:42 AM, /dev/rob0 wrote:
> On Sat, Aug 22, 2015 at 09:53:31AM -0500, Tim Daneliuk wrote:
> [ Two views, one zone name, different zone contents,
> same master & slave: how to populate both views on the slave? ]
>
>> My sense is that I need to split the inte
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/23/2015 10:05 PM, Alan Clegg wrote:
> Never, EVER use nslookup.
Could you explain why?
- --
- ----
Tim Daneliuk tun...@tundraware.com
PGP Key: h
eeded anymore?
----
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubs
gt; Regards,
>
> Vicky Risk,
> Product Manager
>
> Jeff Osborn, President of ISC, announcing we are considering this change at
> RIPE72 in Copenhagen May 26th, https://ripe72.ripe.net/archives/video/206.
+1
Long time bind user here and I heartily endorse this.
-
that borked our entire environment today. Shame on my for not testing
in non-prod first :(
Fell back to 9.14 on FreeBSD for now.
--------
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/
__
nstance is jailed.
Ideas?
--
----
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bin
On 4/17/20 7:26 AM, Bob Harold wrote:
>
> On Thu, Apr 16, 2020 at 7:17 PM Tim Daneliuk <mailto:tun...@tundraware.com>> wrote:
>
> We have split horizon setup and enable our internal and trusted hosts
> to do things as follows:
>
>
rd notation? (This is an IPV4 only environment).
--
--------
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/
___
Please visit https://lists.isc
On 4/17/20 10:17 AM, julien soula wrote:
> On Fri, Apr 17, 2020 at 09:56:21AM -0500, Tim Daneliuk wrote:
>> On 4/17/20 9:50 AM, Bob Harold wrote:
>>>
>>> Agree, that's odd, and not what the man page says. Any chance that there
>>> is some other DNS hel
On 6/15/20 1:15 PM, Michael De Roover wrote:
> Of course I could, but I do not feel like the effort to change nomenclature
> is either beneficial or worth taking for granted the requests of some people
> on Twitter - as the slave to peer authority I am - given how much it affects
> documentation
I ran into a situation yesterday which got me pondering something about bind.
In this case, a single line in a zone file was bad. The devops automation
had inserted a space in the hostname field of a PTR record.
What was interesting was that - at startup - bind absolutely refused
to load the zon
he would go to the A record of the zone which is in most
> cases simply the wrong destination
>
I agree that in a master-slave topology, your argument makes sense.
I this case, the server was a singleton responsible for a small virtual
private netwo
On 12/16/20 12:25 PM, Timothe Litt wrote:
> On 16-Dec-20 11:37, Tim Daneliuk wrote:
>> I ran into a situation yesterday which got me pondering something about bind.
>>
>> In this case, a single line in a zone file was bad. The devops automation
>> had inserted a space
kind soul point me to a relevant explanation of how to do the
hostname -> multiple IP mapping?
Thanks,
--
----
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/
man-in-the-middle server? Or is this just a stupid
idea?
--
--------
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/
___
Please visit
On 09/29/2016 04:18 PM, Tim Daneliuk wrote:
> On 09/29/2016 02:08 PM, John Miller wrote:
>> Hi Tim,
>>
>> AFAIK, multiple A records are the only way to return multiple IPs for
>> a given FQDN. there are multiple A records for a given name, BIND
>> will return all
On 09/29/2016 04:33 PM, Matthew Pounsett wrote:
>
>
> On 29 September 2016 at 14:18, Tim Daneliuk <mailto:tun...@tundraware.com>> wrote:
>
>
> What I am stuck on is this: Is there any simple (i.e., non-root) way
> to write a client or otherwise configure
may make sense.
I really appreciate everyone jumping in to help with this.
--
--------
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/
___
Please visit https://lists.isc.org/mai
/etc/resolv.conf or a local server on port 53?
--------
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubs
On 09/30/2016 10:12 AM, Reindl Harald wrote:
>
> Am 30.09.2016 um 16:22 schrieb Tim Daneliuk:
>> On 09/29/2016 04:45 PM, Darcy Kevin (FCA) wrote:
>>> Yeah, sure, just run it with your own special config file (with -c); in
>>> that config file, set the listen-on to
tions with absurd regulations that do nothing but make
things harder. The cheaters can probably still find a way if they really
want to - it's just mildly harder. It's good for me though - it keeps
me fully booking revenue :)
--
------
On 09/30/2016 12:46 PM, John Miller wrote:
> On Fri, Sep 30, 2016 at 1:15 PM, Tim Daneliuk wrote:
>> On 09/30/2016 11:17 AM, Hrant Dadivanyan wrote:
>>> Won't port redirection work better then ?
>
>> get sudo for even limited access to things on their sandboxes
.
Thanks,
--
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
On 02/02/2018 04:00 PM, Warren Kumari wrote:
> It only takes a few 2678400 seconds to get into this habit - if you
> are having a hard time adjusting, I'd recommend Kris Allen's seminal
> work - https://www.youtube.com/watch?v=PwYnG2DGbPo
I prefer this - (slightly NFSW): https://www.youtube.co
ppreciated...
--------
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/
+ named_enable=YES
+ named_program=/usr/local/sbin/named
+ named_conf=/usr/local/etc/namedb/named.conf
+ n
On 4/27/19 3:33 PM, Anand Buddhdev wrote:
> On 27/04/2019 21:52, Tim Daneliuk wrote:
>
> Hi Tim,
>
>> Running: FreeBSD 11.2-STABLE #0 r345904
>>
>> Bind 9.11 works fine. If I attempt to install 9.12 or greater, the
>> installation succeeds but any attemp
On 4/27/19 5:33 PM, @lbutlr wrote:
> On 27 Apr 2019, at 16:21, Tim Daneliuk wrote:
>> Why is 9.12+ now suddenly so grumpy about who owns the files? Is this a
>> recent fix to reduce the attack surface on files owned by root?
>
> Pretty sure. I thought it was mentioned in t
On 8/2/19 1:31 PM, Victoria Risk wrote:
> This list is a tremendously helpful and generous group that has provided
> really invaluable assistance
tl;dr Discuss the topic, not each other
It's tragic this even has to be said ...
___
Please visit https:
On 2/11/24 02:07, Ole Aamot wrote:
"This whole “we support everything for 10 years” is just a sales pitch, not a
something that can be fulfilled." – Ondřej Surý — ISC
I realize that there was a whole kerfuffle here that I mercifully missed and
have absolutely no interest in.
But it did "pro
I am trying to understand when the LHS of a TXT record needs to be terminated
with '.'.
For example, I see this one of the machines I am managing. The server in
question is
the zone authority for foo.com:
foo.com. IN TXT "v=spf1 ...
foo.com. IN SPF "v=spf1 ...
something
On 2/28/21 5:52 PM, Mark Andrews wrote:
> Domain names without a trailing period are relative to the current origin.
>
> Domain names with a trailing period are absolute.
>
> If you want to add the record
>
> foo.bar.example.com. TXT …
>
> and the current origin is example.com. You can en
Running bind 9.16.15 on FreeBSD 11.4-STABLE.
Master is out on a cloud server at Digital Ocean. Slave is on-premise.
All on-prem LANs point to the slave instance.
Running split horizon to keep nosey parkers out of our local DNS assignments.
Recently - and for no obvious reason - the on-prem inst
On 5/20/21 8:43 AM, Anand Buddhdev wrote:
> On 20/05/2021 15:30, Tim Daneliuk via bind-users wrote:
>
> Hi Tim,
>
>> Recently - and for no obvious reason - the on-prem instance stops resolving
>> properly. The fix is to stop it, clear out the slave files, and restart.
&g
ing, I've added this to my
options stanza:
dnssec-policy "default";
Then restarted named and now all the signing magic is taken care of for
me for all zones? (I was not previously using signing.)
TIA,
--
-
of the signing work before (other than for master/slave).
Could you kindly point me to something like
"DS Record Creation And Implementation For Dummies"?
Thanks,
Tim Daneliuk tun...@tundraware.com
PGP
ant to convey to my registrar?
Other than this I see nothing that resembles a relevant response AND
the COOKIE field does not show up if I do the dig from outside the zone.
--
----
Tim Da
garbage may be implicated.
We could use some help on an approach to debugging this. Having never had
significant bind problems over 20 years of use, we literally have no named
debugging experience...
TIA,
--
--------
Tim D
it.
--
----
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this softw
what may be happening.
>
> Richard.
Perfect, will do, and thanks...
--
----
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/
___
P
.org/support
Aug 14 17:07:03 ozzie named[32292]:
Aug 14 17:07:03 ozzie named[32292]: command channel listening on 127.0.0.1#953
Aug 14 17:07:03 ozzie named[32292]: 14-Aug-2021 17:07:03.167 general: notice:
all zones loaded
Aug 14 17:07:03 ozzie
On 8/15/21 9:07 AM, G.W. Haywood via bind-users wrote:
> Hi there,
>
> On Sun, 15 Aug 2021, Tim Daneliuk wrote:
>
>> I have a bind slave instance running on FreeBSD 13-STABLE. Periodically
>> (after
>> a few days of perfect operation), it loses its ability to
appreciated as well ...
(We have a fair bit of other logging data to be examined, I just didn't want to
spam the whole list with all that ...)
--
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.
After some months of poking around, we are now certain that our so-called
"Business"
service from Comcast is compromising our DNS servers because of their
execrable "Security Edge" garbage. (They are willing to remove this 'service'
only if we are willing to incur a higher monthly recurring fe
48 matches
Mail list logo