Re: DNS RPZ Master/Slave configuration

Again unicast could be any IP address or normal IP address given on server? There is no such specification like multicast On Thu, May 3, 2018 at 7:46 PM, Blason R wrote: > Thanks I got it, Below link helped me understand. > >

Re: DNS RPZ Master/Slave configuration

Thanks I got it, Below link helped me understand. https://deepthought.isc.org/article/AA-00518/0/How-can-I-synchronize-DNS-RPZ-firewall-policies-across-multiple-DNS-servers.html The one thing I didnt understand is how to assign unicast address from DNS perspective? On Thu, May 3, 2018 at 7:36

DNS RPZ Master/Slave configuration

Hi there, Can someone please guide me on working configuration of Mater/Slave zone in DNS RPZ for reference? Is that available with someone? And does it work exactly as master/slave like any other zone? ___ Please visit

Re: Master/slave configuration

On 03/08/2012 06:26 PM, michoski wrote: Meant to add one thing... In our configuration, we actually have two recursive VIPs per site, and even considered three (internal IPs are cheap). We do this. We also make the two different VIPs use different underlying tech - one is an anycast route

Re: Master/slave configuration

Hello, I know that I can use VIP with any software (corosync, Linux HA...) But this will not explain the origin of the issue I am facing :) Even if I use a VIP I can reproduce the issue : If the first VIP (so the nameserver 1) is down, I'll have the same drawbacks. As the resolver will timeout

Re: Master/slave configuration

On 3/9/12 7:58 AM, Romgo ro...@free.fr wrote: Even if I use a VIP I can reproduce the issue : If the first VIP (so the nameserver 1) is down, I'll have the same drawbacks. As the resolver will timeout before falling back to the second nameserver. Sure, we don't live in a perfect world. You

Re: Master/slave configuration

On 8 Mar 2012, at 02:58, Lyle Giese wrote (on bind-users): On linux boxes, adding options rotate to the /etc/resolv.conf helps. [cross-posted, reply-to header set] Is there a DHCP option which expresses that, and which typical fielded DHCP clients will respect?

Re: Master/slave configuration

: windows XP :/ The default Windows timeout is 2s. I can see in bind's logs the dns request, but the webpage is not showing up. I can use a VIP for DNS server, but I though that master/slave configuration was made in order to avoid to use a VIP. Did you guys encounter that kind of issues ? Maybe

Re: Master/slave configuration

On 3/8/12 8:15 AM, Romgo ro...@free.fr wrote: I can use a VIP for DNS server, but I though that master/slave configuration was made in order to avoid to use a VIP. Master/slave was to avoid SPOF -- if the master dies, who cares with a reasonable expire time. :-) So go ahead, setup a VIP

Re: Master/slave configuration

On 3/8/12 10:20 AM, Mike Hoskins micho...@cisco.com wrote: On 3/8/12 8:15 AM, Romgo ro...@free.fr wrote: I can use a VIP for DNS server, but I though that master/slave configuration was made in order to avoid to use a VIP. Master/slave was to avoid SPOF -- if the master dies, who cares

Re: Master/slave configuration

In article mailman.210.1331230835.63724.bind-us...@lists.isc.org, michoski micho...@cisco.com wrote: On 3/8/12 8:15 AM, Romgo ro...@free.fr wrote: I can use a VIP for DNS server, but I though that master/slave configuration was made in order to avoid to use a VIP. Master/slave

Master/slave configuration

Dear community, I use bind on my network as DNS Server. Running bind 1:9.6.ESV.R4+dfsg-0+lenny4 on Debian Lenny. The setup is quite usual : one master server with one slave server. The slave sync the zone from the master. I discover that when the master is down I have some trouble to access to

Re: Master/slave configuration

Problem is, most of client resolvers (not resolving nameservers, but resolvers on workstations etc) query first specified nameserver first, then after timeout start with the others. You should create a HA IP for such uses. b. On 7 March 2012 10:23, ro...@free.fr wrote: Dear community, I use

Re: Master/slave configuration

In article mailman.166.1331112226.63724.bind-us...@lists.isc.org, ro...@free.fr wrote: Dear community, I use bind on my network as DNS Server. Running bind 1:9.6.ESV.R4+dfsg-0+lenny4 on Debian Lenny. The setup is quite usual : one master server with one slave server. The slave sync

Re: Master/slave configuration

On 3/7/12 9:15 AM, Barry Margolin bar...@alum.mit.edu wrote: In article mailman.166.1331112226.63724.bind-us...@lists.isc.org, ro...@free.fr wrote: I use bind on my network as DNS Server. Running bind 1:9.6.ESV.R4+dfsg-0+lenny4 on Debian Lenny. The setup is quite usual : one master server

Re: Master/slave configuration

On linux boxes, adding options rotate to the /etc/resolv.conf helps. Lyle Giese LCR Computer Services, Inc. On 03/07/12 06:54, Bostjan Skufca wrote: Problem is, most of client resolvers (not resolving nameservers, but resolvers on workstations etc) query first specified nameserver first,

Master slave configuration of DNSSEC

Hi all, I have a question regarding configuration of DNSSEC. If I intend to sign a particular zone which has master and a slave, would I have to sign both? If yes , how would I accomplish this? Will I have to sign both the master and the slave zone with the same set of keys (public and

Re: Master slave configuration of DNSSEC

On Sat, May 1, 2010 at 11:32 AM, Sajeev Ramakrishnan kalpesh.l...@gmail.com wrote: I have a question regarding configuration of DNSSEC. If I intend to sign a particular zone which has master and a slave, would I have to sign both? No. Assuming you've correctly setup zone xfers from master to