On Tue, Jun 14, 2016 at 07:55:34AM -0700, Chris H wrote:
> I'm playing catchup on my INBOX, so apologies in advance, if this has
> already been satisfactorily answered...
> On Mon, 6 Jun 2016 16:50:18 +0300 Slawa Olhovchenkov wrote
> ...
> > What I am missing?
> > Need to fix unbound setup scripts
I'm playing catchup on my INBOX, so apologies in advance, if this has
already been satisfactorily answered...
On Mon, 6 Jun 2016 16:50:18 +0300 Slawa Olhovchenkov wrote
> On Mon, Jun 06, 2016 at 09:33:02AM -0400, Lowell Gilbert wrote:
>
> > Slawa Olhovchenkov writes:
> >
> > > On Fri, Jun 03,
On Tue, Jun 14, 2016 at 07:55:34AM -0700, Chris H wrote:
> I'm playing catchup on my INBOX, so apologies in advance, if this has
> already been satisfactorily answered...
Main question not about how I am can resolve my current issuse.
Main question about deadloop after setup.
> On Mon, 6 Jun 201
On Fri, Jun 10, 2016 at 03:10:10PM -0400, Lowell Gilbert wrote:
> Slawa Olhovchenkov writes:
>
> > On Thu, Jun 09, 2016 at 02:31:17PM -0400, Lowell Gilbert wrote:
> >
> >> Slawa Olhovchenkov writes:
> >>
> >> > On Thu, Jun 09, 2016 at 09:48:25AM -0400, Lowell Gilbert wrote:
> >> >
> >> >> Slaw
On Fri, Jun 10, 2016 at 3:10 PM, Lowell Gilbert <
freebsd-stable-lo...@be-well.ilk.org> wrote:
> Well, we know that is not the case, because in that case nearly everyone
> would be having the problem.
>
That would be the point... maybe not "nearly everyone" although it is hard
to be certain, but
Slawa Olhovchenkov writes:
> On Thu, Jun 09, 2016 at 02:31:17PM -0400, Lowell Gilbert wrote:
>
>> Slawa Olhovchenkov writes:
>>
>> > On Thu, Jun 09, 2016 at 09:48:25AM -0400, Lowell Gilbert wrote:
>> >
>> >> Slawa Olhovchenkov writes:
>> >>
>> >> > On Thu, Jun 09, 2016 at 02:29:09PM +0100, kr
On Fri, Jun 10, 2016 at 12:53:04PM +0100, krad wrote:
> Pretty much every box requires some form of configuration so its a moot
> point. IF you want automated deployment you will almost certainly be
> building a pxe or prepreared usb/cd image of some sort. In which case you
> include these setting
Pretty much every box requires some form of configuration so its a moot
point. IF you want automated deployment you will almost certainly be
building a pxe or prepreared usb/cd image of some sort. In which case you
include these settings in the deployed rc.conf.
On 9 June 2016 at 14:37, Slawa Olho
On Thu, Jun 09, 2016 at 02:31:17PM -0400, Lowell Gilbert wrote:
> Slawa Olhovchenkov writes:
>
> > On Thu, Jun 09, 2016 at 09:48:25AM -0400, Lowell Gilbert wrote:
> >
> >> Slawa Olhovchenkov writes:
> >>
> >> > On Thu, Jun 09, 2016 at 02:29:09PM +0100, krad wrote:
> >> >
> >> >> I doubt that w
Slawa Olhovchenkov writes:
> On Thu, Jun 09, 2016 at 09:48:25AM -0400, Lowell Gilbert wrote:
>
>> Slawa Olhovchenkov writes:
>>
>> > On Thu, Jun 09, 2016 at 02:29:09PM +0100, krad wrote:
>> >
>> >> I doubt that will happen as you are asking to pollute every release
>> >> installation for an edg
On Thu, Jun 09, 2016 at 09:48:25AM -0400, Lowell Gilbert wrote:
> Slawa Olhovchenkov writes:
>
> > On Thu, Jun 09, 2016 at 02:29:09PM +0100, krad wrote:
> >
> >> I doubt that will happen as you are asking to pollute every release
> >> installation for an edge condition when there is numerous wo
Slawa Olhovchenkov writes:
> On Thu, Jun 09, 2016 at 02:29:09PM +0100, krad wrote:
>
>> I doubt that will happen as you are asking to pollute every release
>> installation for an edge condition when there is numerous work arounds
>> that would be acceptable to most. eg two lines in rc.conf wil
On Thu, Jun 09, 2016 at 02:29:09PM +0100, krad wrote:
> I doubt that will happen as you are asking to pollute every release
> installation for an edge condition when there is numerous work arounds
> that would be acceptable to most. eg two lines in rc.conf will fix the
> issue.
This manual edi
I doubt that will happen as you are asking to pollute every release
installation for an edge condition when there is numerous work arounds
that would be acceptable to most. eg two lines in rc.conf will fix the
issue.
On 9 June 2016 at 09:04, Slawa Olhovchenkov wrote:
> On Thu, Jun 09, 2016 at
On Thu, Jun 09, 2016 at 08:39:42AM +0100, krad wrote:
> googles will be pretty static, but i would just use them as a one off, ie
> with ntpdate
i am talk about freebsd system/project.
>
> On 8 June 2016 at 10:48, Slawa Olhovchenkov wrote:
>
> > On Wed, Jun 08, 2016 at 02:29:29AM +0200, Dag-E
googles will be pretty static, but i would just use them as a one off, ie
with ntpdate
On 8 June 2016 at 10:48, Slawa Olhovchenkov wrote:
> On Wed, Jun 08, 2016 at 02:29:29AM +0200, Dag-Erling Smørgrav wrote:
>
> > Slawa Olhovchenkov writes:
> > > IMHO, ntp.conf need to include some numeric IP
On Wed, Jun 08, 2016 at 02:29:29AM +0200, Dag-Erling Smørgrav wrote:
> Slawa Olhovchenkov writes:
> > IMHO, ntp.conf need to include some numeric IP of public ntp servers.
>
> https://en.wikipedia.org/wiki/NTP_server_misuse_and_abuse
> https://en.wikipedia.org/wiki/Poul-Henning_Kamp#Dispute_with
Slawa Olhovchenkov writes:
> IMHO, ntp.conf need to include some numeric IP of public ntp servers.
https://en.wikipedia.org/wiki/NTP_server_misuse_and_abuse
https://en.wikipedia.org/wiki/Poul-Henning_Kamp#Dispute_with_D-Link
DES
--
Dag-Erling Smørgrav - d...@des.no
_
On Tue, 07 Jun 2016 12:43:35 +0200, Slawa Olhovchenkov
wrote:
On Tue, Jun 07, 2016 at 11:35:59AM +0100, krad wrote:
Like i said you could configure ntpdate as well as ntpd, but give it a
known good ip. It will only run once at boot, and ntpd will start after
so
that can use the nice pool
On Tue, Jun 07, 2016 at 04:56:47PM +0200, Ronald Klop wrote:
> On Tue, 07 Jun 2016 12:43:35 +0200, Slawa Olhovchenkov
> wrote:
>
> > On Tue, Jun 07, 2016 at 11:35:59AM +0100, krad wrote:
> >
> >> Like i said you could configure ntpdate as well as ntpd, but give it a
> >> known good ip. It will
running this at boot time may help as well
unbound-control set_option val-permissive-mode: yes
then after ntpd has started up run this
unbound-control set_option val-permissive-mode: no
Yes work around's, but work around's work by definition.
On 7 June 2016 at 15:00, krad wrote:
> it's a n
it's a non solvable problem though as its a deadlock. You have to remove
one of the criteria in order to fix the issue automatically.
On 7 June 2016 at 14:32, Slawa Olhovchenkov wrote:
> On Tue, Jun 07, 2016 at 07:29:32AM -0600, Ian Lepore wrote:
>
> > On Tue, 2016-06-07 at 12:10 +0100, krad wro
On Tue, 2016-06-07 at 12:10 +0100, krad wrote:
> whops that should be
>
> ntpdate_hosts not servers
>
These suggestions are essentially insane because they're ignoring the
basic fact that the freebsd installer creates a non-working system. If
unbound requires DNSSEC, and DNSSEC requires good ti
On Tue, Jun 07, 2016 at 07:29:32AM -0600, Ian Lepore wrote:
> On Tue, 2016-06-07 at 12:10 +0100, krad wrote:
> > whops that should be
> >
> > ntpdate_hosts not servers
> >
>
> These suggestions are essentially insane because they're ignoring the
> basic fact that the freebsd installer creates a
whops that should be
ntpdate_hosts not servers
On 7 June 2016 at 12:09, krad wrote:
> something as simple as this thrown in /etc/periodic/daily/ would probably
> do it.
>
> #!/bin/sh
> ip=`dig pool.ntp.org +short | head -1'
> cp /etc/hosts /etc/hosts.old &&
> sed -e "s/.*ntp-server/$ip ntp-se
something as simple as this thrown in /etc/periodic/daily/ would probably
do it.
#!/bin/sh
ip=`dig pool.ntp.org +short | head -1'
cp /etc/hosts /etc/hosts.old &&
sed -e "s/.*ntp-server/$ip ntp-server/" /etc/hosts.old > /etc/hosts
with these lines in rc.conf
ntpdate_enable=yes
ntpdate_servers="
On Tue, Jun 07, 2016 at 11:35:59AM +0100, krad wrote:
> Like i said you could configure ntpdate as well as ntpd, but give it a
> known good ip. It will only run once at boot, and ntpd will start after so
> that can use the nice pool names.
>
> A slightly better way maybe to give ntpdate a server
Like i said you could configure ntpdate as well as ntpd, but give it a
known good ip. It will only run once at boot, and ntpd will start after so
that can use the nice pool names.
A slightly better way maybe to give ntpdate a server hostname like
ntp-server and populated the hosts file with one of
On Tue, Jun 07, 2016 at 09:00:29AM +0100, krad wrote:
> Well there is a deadlock situation there so you have to relax one of the
> conditions, for one time at least.
>
> Your best bet is to do a manual ntpdate against a fixed ip of known
> goodness. If you have a lot of machines you need to do th
Well there is a deadlock situation there so you have to relax one of the
conditions, for one time at least.
Your best bet is to do a manual ntpdate against a fixed ip of known
goodness. If you have a lot of machines you need to do this on, use ansible
or similar to do the heavy lifting for you. An
On Mon, Jun 06, 2016 at 09:33:02AM -0400, Lowell Gilbert wrote:
> Slawa Olhovchenkov writes:
>
> > On Fri, Jun 03, 2016 at 02:34:18PM -0400, Lowell Gilbert wrote:
> >
> >> Slawa Olhovchenkov writes:
> >>
> >> > Default install with local_unbound and ntpd can't be functional with
> >> > incorre
Slawa Olhovchenkov writes:
> On Fri, Jun 03, 2016 at 02:34:18PM -0400, Lowell Gilbert wrote:
>
>> Slawa Olhovchenkov writes:
>>
>> > Default install with local_unbound and ntpd can't be functional with
>> > incorrect date/time in BIOS:
>> >
>> > Unbound requred correct time for DNSSEC check and
On Fri, Jun 03, 2016 at 02:34:18PM -0400, Lowell Gilbert wrote:
> Slawa Olhovchenkov writes:
>
> > Default install with local_unbound and ntpd can't be functional with
> > incorrect date/time in BIOS:
> >
> > Unbound requred correct time for DNSSEC check and refuseing queries
> > ("Jul 1 20:17:2
Slawa Olhovchenkov writes:
> Default install with local_unbound and ntpd can't be functional with
> incorrect date/time in BIOS:
>
> Unbound requred correct time for DNSSEC check and refuseing queries
> ("Jul 1 20:17:29 yellowrat unbound: [3444:0] info: failed to prime
> trust anchor -- DNSKEY rr
Default install with local_unbound and ntpd can't be functional with
incorrect date/time in BIOS:
Unbound requred correct time for DNSSEC check and refuseing queries
("Jul 1 20:17:29 yellowrat unbound: [3444:0] info: failed to prime trust
anchor -- DNSKEY rrset is not secure . DNSKEY IN")
ntpd
35 matches
Mail list logo