On 8/14/19 4:21 PM, Brian Sullivan wrote:
> We have a requirement to not allow negotiation of TLS version to go
> below 1.2. Is there a way to configure TLS so that it will only
> negotiate version 1.2 or above?
It looks like we don't support that explicitly.. You could probably work
something
Thanks! Before I do that let me make sure it doesn't already exist in some
form.
We have a requirement to not allow negotiation of TLS version to go below
1.2. Is there a way to configure TLS so that it will only negotiate version
1.2 or above?
Regards,
brian
On Wed, Aug 14, 2019 at 4:20 AM
In reply to frank+p...@tembo.be
> Hi Leo,
>
> By quickly glancing at the code, I don???t think there???s a way to set the
> source ip right now. However, you can probably solve this using the ip
> routing (and/or firewalling) table(s) on the node itself: set the source ip
> for all
Hi,
> Thanks! If you don't mind it might be useful to submit a pull request to
> the metronome repository instead [1] to add it in, for example, a
> contrib/ directory?
>
> [1]: https://github.com/ahupowerdns/metronome
>
The patch is against the ports (the OS's packaging system), not dnsdist
Hi Chris,
On 8/14/19 2:58 AM, Chris wrote:
> For this issue I have not been able to make any progress yet. I have
> asked my colleagues for help as I am a network admin by trade, something
> they found that may be potentially related is this kernel bug:
>
>
Hi Frank,
On 8/13/19 4:59 PM, Lichtnau Frank wrote:
> I think, it has to be with 'high latencies'.
>
> I have:
> - 1 pool (winmls) for windows-ad-dns-queries
> - 1 pool (mls) for rest of our internal domain
> - and a dns-forwarder (with 3 listener) for external dns-queries.
>
> The pools work
Hi Gentian,
On 8/12/19 10:20 AM, Gentian Bajraktari wrote:
> Just did, its showing on metronome: Gentian-DNSDIST-TEST
Thank you, I see it! Unfortunately it looks like your test was quite
short and metronome reduces the precision after a few hours so I'm not
sure I see the whole picture, but it
Hi,
I setup debain 9 (Kernel 4.9.0-9) and install package dnsdist 1.1.0 from debian
repository.
There I got the same problem like
https://mailman.powerdns.com/pipermail/dnsdist/2019-August/000627.html.
After a while drops starts and count high from this moment.
restart dnsdist solve the
Hi Klaus,
On 8/13/19 9:31 PM, Klaus Darilion wrote:
> My results were:
> 1 VM with 4vCPUs. The VM runs NSD and PDNS/PGSQL. DNSDIST forwards some
> zones to NSD, others to PDNS/PGSQL
>
> PDNS with cached responses: 40.000 q/s
> PDNS random labels: 9.000 q/s
> NSD: 65.000 q/s
>
> 1. dnsdist with
Hi Brian,
On 8/13/19 7:28 PM, Brian Sullivan wrote:
> I am running dnsdist 1.4.0-rc1 and I am seeing something odd. As a test
> I have the following rule configured.
>
> addAction(MaxQPSIPRule(2, 32, 48), DelayAction(500))
>
> and I run 100 queries at 10 per second and my statistics from my
Hi Leo,
On 8/13/19 5:40 PM, Leo Vandewoestijne wrote:
> This message is not dnsdist specifically, but about metronome.
> Still I though this channel would be the most appropriate.
>
> I just wrote an rc.d script for the metronome port in FreeBSD.
>
> If you happen to be interrested in both,
Hi Brian,
On 8/13/19 4:49 PM, Brian Sullivan wrote:
> I'd like to know where I should submit a feature request and what that
> process might be?
The usual process is to open a new feature request on our Github
repository [1], filling the corresponding parts of the template.
It provides the
Hi,
Submitting an issue to https://github.com/PowerDNS/pdns would be a
first step.
But it does not hurt to discuss the feature here. Maybe there's a
solution to your problem possible without a new feature.
-Otto
On Tue, Aug 13, 2019 at 10:49:59AM -0400, Brian Sullivan wrote:
> Hi,
>
Hi,
On 8/14/19 9:47 AM, frank+p...@tembo.be wrote:
> By quickly glancing at the code, I don’t think there’s a way to set the
> source ip right now. However, you can probably solve this using the ip
> routing (and/or firewalling) table(s) on the node itself: set the source
> ip for all connections
Hi Leo,
By quickly glancing at the code, I don’t think there’s a way to set the source
ip right now. However, you can probably solve this using the ip routing (and/or
firewalling) table(s) on the node itself: set the source ip for all connections
to that particular destination ip.
Regards,
15 matches
Mail list logo
