This node is running with IPv6-only.
Since I did not have IPv4, I initially only commented the constraint
with IPv4 . But it was not enough.
Then I realised that pool.ntp.org doesn't include a record.
That is ntppool's decision.
I ended up by commenting the servers line and added
Stuart Henderson wrote:
> On 2024-02-15, Rudolf Sykora wrote:
> > Josh Grosse wrote:
> >> On Thu, Feb 15, 2024 at 02:15:07PM +0100, rsyk...@disroot.org wrote:
> >> > my computer is connected to a LAN, from which it obtains its
> >> > IP and als
On 2024-02-15, Rudolf Sykora wrote:
> Josh Grosse wrote:
>> On Thu, Feb 15, 2024 at 02:15:07PM +0100, rsyk...@disroot.org wrote:
>> > my computer is connected to a LAN, from which it obtains its
>> > IP and also local-DNS-server IP via DHCP. The latter is then
>>
Josh Grosse wrote:
> On Thu, Feb 15, 2024 at 02:15:07PM +0100, rsyk...@disroot.org wrote:
> > my computer is connected to a LAN, from which it obtains its
> > IP and also local-DNS-server IP via DHCP. The latter is then
> > inserted into /etc/resolv.conf by, I believe, reso
On Thu, Feb 15, 2024 at 02:15:07PM +0100, rsyk...@disroot.org wrote:
> my computer is connected to a LAN, from which it obtains its
> IP and also local-DNS-server IP via DHCP. The latter is then
> inserted into /etc/resolv.conf by, I believe, resolvd. The
> computer is furthermore c
Dear list,
my computer is connected to a LAN, from which it obtains its
IP and also local-DNS-server IP via DHCP. The latter is then
inserted into /etc/resolv.conf by, I believe, resolvd. The
computer is furthermore connected via wireguard VPN to
another network with its own DNS server, serving
On Wed, February 14, 2024 4:44 am, Peter J. Philipp wrote:
> ...
>
> * I'm not a cryptographer, mathematician nor do I program DNS on the
> recursive end. I program on the authoritative server end, where you can't
> do anything about something like a MITM anyhow. Donald Knuth an
On 2/14/2024 6:27 AM, Willy Manga wrote:
I'm running ntp-4.2.8pl10p6 on openbsd7.4 .. I saw messages like this one
"ntpd[26862]: DNS lookup tempfail"
This node is running with IPv6-only.
Perhaps you could use DNS64+NAT64.
It's quite easy to set up a DNS64 server and a stat
Stuart Henderson wrote:
> You need to use one of the "2." pool addresses, e.g.
>
> global:
>
> 2.pool.ntp.org
>
> regional:
>
> 2.africa.pool.ntp.org
> 2.asia.pool.ntp.org
> 2.europe.pool.ntp.org
> 2.north-america.pool.ntp.org
> 2.oceania.pool.ntp.org
> 2.south-america.pool.ntp.org
>
>
> its own level the user experience.
OpenBSD has nothing to fix. We are not the ones curating what the DNS
records translate to.
Otto Moerbeek wrote:
> On Wed, Feb 14, 2024 at 04:55:20AM +0100, b...@fea.st wrote:
>
> > “A single packet can exhaust the processing
> > capacity of a vulnerable DNS server, effectively
> > disabling the machine, by exploiting a
> > 20-plus-year
On Tue, Feb 13, 2024, at 9:55 PM, b...@fea.st wrote:
> “A single packet can exhaust the processing
> capacity of a vulnerable DNS server, effectively
> disabling the machine, by exploiting a
> 20-plus-year-old design flaw in the DNSSEC
> specification.
>
> https://www.there
On 2024-02-14, Willy Manga wrote:
> I'm running ntp-4.2.8pl10p6 on openbsd7.4 .. I saw messages like this one
That's mostly not recommended, openntpd (in base) is generally a better
idea for OpenBSD systems...
> "ntpd[26862]: DNS lookup tempfail"
...though that looks like an
On 14/02/2024 09:31, Theo de Raadt wrote:
Willy Manga wrote:
Is it possible the default ntpd.conf file use something like
"servers openbsd.pool.ntp.org" and of course have openbsd.pool.ntp.org
looking for IPv6 nodes?
Not going to happen.
Fine. Can we at least have a workaround from the
On Wed, Feb 14, 2024 at 04:55:20AM +0100, b...@fea.st wrote:
> “A single packet can exhaust the processing
> capacity of a vulnerable DNS server, effectively
> disabling the machine, by exploiting a
> 20-plus-year-old design flaw in the DNSSEC
> specification.
>
> https:
Willy Manga wrote:
> Is it possible the default ntpd.conf file use something like
>
> "servers openbsd.pool.ntp.org" and of course have openbsd.pool.ntp.org
> looking for IPv6 nodes?
Not going to happen.
Hello.
I'm running ntp-4.2.8pl10p6 on openbsd7.4 .. I saw messages like this one
"ntpd[26862]: DNS lookup tempfail"
This node is running with IPv6-only.
Since I did not have IPv4, I initially only commented the constraint
with IPv4 . But it was not enough.
Then
On 2/14/24 04:55, b...@fea.st wrote:
“A single packet can exhaust the processing
capacity of a vulnerable DNS server, effectively
disabling the machine, by exploiting a
20-plus-year-old design flaw in the DNSSEC
specification.
https://www.theregister.com/2024/02/13
“A single packet can exhaust the processing
capacity of a vulnerable DNS server, effectively
disabling the machine, by exploiting a
20-plus-year-old design flaw in the DNSSEC
specification.
https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/
I was using unwind, but i changed over to use unbound instead and so i
noticed the changes made in resolv.conf by resolvd.
On 1/3/24 13:37, Stuart Henderson wrote:
On 2024-01-03, Peter Wens wrote:
Hi Otto,
I checked it, and yes it's slaacd
...
rdns_proposal_state_transition[vio0]
On 2024-01-03, Peter Wens wrote:
> Hi Otto,
>
> I checked it, and yes it's slaacd
>
> ...
> rdns_proposal_state_transition[vio0] PROPOSAL_NOT_CONFIGURED ->
> PROPOSAL_CONFIGURED, timo: 3588
> gen_rdns_proposal: iface 1: fe80::f...
> ...
>
> Don't know how to disable this (e.g. vultr), so for now
eek wrote:
On Wed, Jan 03, 2024 at 12:15:04PM +0100, Peter Wens wrote:
Hi,
I noticed that ignoring nameservers from leases only works
on IPv4 addresses.
in /etc/dhcpleased.conf
interface vio0 {
ignore dns
}
resolvd still adds a IPv6 nameserver
nameserver 2001:19f0:300:1704::6 # reso
On Wed, Jan 03, 2024 at 12:15:04PM +0100, Peter Wens wrote:
> Hi,
>
> I noticed that ignoring nameservers from leases only works
> on IPv4 addresses.
>
> in /etc/dhcpleased.conf
>
> interface vio0 {
> ignore dns
> }
>
> resolvd still adds a IPv6 name
Hi,
I noticed that ignoring nameservers from leases only works
on IPv4 addresses.
in /etc/dhcpleased.conf
interface vio0 {
ignore dns
}
resolvd still adds a IPv6 nameserver
nameserver 2001:19f0:300:1704::6 # resolvd: vio0
Is this intentional?
Best regards,
Peter
On 2023-12-27, hammer2_zfs wrote:
> Why "OpenBSD packages" did not have a py3-certbot-dns-cloudflare.
Because nobody was interested enough in it to write a port and get it
committed.
Hmmm, I don't believe "inconvenience" for an OpenBSD user motivates folks who
create OpenBSD packages.
Look at this another way, you could create
py3-certbot-dns-cloudflare package, and submit it to OpenBSD ports list for
inclusion as a supported package, with you as the developer.
hi, dears;-)
I'm using the OpenBSD 7.4 and snapshots.
recently, I was trying the pkg_add certbot certbot-dns-cloudflare.
pkg_add certbot was ok. but, pkg_add certbot-dns-cloudflare was fail.
(it was need a pip. it must be pkg_add py3-certbot-dns-cloudflare. but same
things. )
I was more trying
>you claim the SOA serial being a timestamp would have helped in
diagnosis.
Actually, I did not.
tux2bsd:
>> The SOA record could do with some attention too.
...
>> That is true but it doesn't help when trouble shooting.
Those comments were simply an observation passed along after
I raised the
On Fri, Nov 17, 2023 at 07:14:58AM +, tux2bsd wrote:
> I understand you're choosing to be ornery about
> the SOA record. Seems to matter more to you lot
> than to me, given the defense being run around it.
You claim the SOA serial being a timestamp would have helped in
diagnosis. It would
I understand you're choosing to be ornery about
the SOA record. Seems to matter more to you lot
than to me, given the defense being run around it.
> The issue was spotted
You're welcome.
Only 1 of your 10 name servers was returning an
A record, when I raised the issue.
> and fixed.
What
g again" thanks for you
insight. We never would have thouhgt that up.
In this case using a time based SOA serial would have only told you
when the last working zone was created as the primary DNS was
ServFailing and the secondaries kept on serving what they had for the
SOA expiry period.
As for the conta
> > Stuart Henderson wrote:
> well, if you're nitpicking things which don't matter
I would have rather not have needed to look at all.
Useful: when was a change made, who to contact.
(strangely enough, easy to provide via SOA)
OpenBSD list: fuck that, deflection is more fun
>> Host openbsd.org
On 2023-11-16, tux2bsd wrote:
> Stuart Henderson wrote:
>> > Convention is either date of last update MMDDNN or, date +%s
>> > 1218140044 is neither.
>>
>>
>> Serial can be absolutely anything the admin wants to use as long as they
>> follow the rules for rollover
>
> That is true but it
address that can be used. As the RNAME "feature" of DNS is broken, that
is a good option.
> SERIAL:
>
> Convention is either date of last update MMDDNN or, date +%s
>
> 1218140044 is neither.
It's a convention, and every admin can decide which numbering scheme works for
her/him.
Greetings
Carsten
Stuart Henderson wrote:
> > Convention is either date of last update MMDDNN or, date +%s
> > 1218140044 is neither.
>
>
> Serial can be absolutely anything the admin wants to use as long as they
> follow the rules for rollover
That is true but it doesn't help when trouble shooting.
> (btw
On 2023-11-16, tux2bsd wrote:
It'd be good to sort this, a bit of a meta remote hole...
>
> Maybe I could have said "remote black hole".
>
> Otto:
>>> The persons capable of fixing this are traveling right now
>> (and openbsd.org does have an A record).
>> things are fixed now
>
> You're
>>> It'd be good to sort this, a bit of a meta remote hole...
Maybe I could have said "remote black hole".
Otto:
>> The persons capable of fixing this are traveling right now
> (and openbsd.org does have an A record).
> things are fixed now
You're welcome.
The SOA record could do with some
On Wed, Nov 15, 2023 at 11:49:05AM +, Craig Skinner wrote:
> Hello,
>
> OpenBSD's root A record was deliberately removed about 5-10 years ago.
>
> The website is http://www.openbsd.org, not http://openbsd.org
>
> I can't find the thread of complaints from the time it changed.
>
> Cheers,
Hello,
OpenBSD's root A record was deliberately removed about 5-10 years ago.
The website is http://www.openbsd.org, not http://openbsd.org
I can't find the thread of complaints from the time it changed.
Cheers,
Craig.
gt; Address: 199.185.230.19#53
> Aliases:
>
> Host openbsd.org not found: 2(SERVFAIL)
> $ host -t a openbsd.org 199.185.230.18
> Using domain server:
> Name: 199.185.230.18
> Address: 199.185.230.18#53
> Aliases:
>
> Host openbsd.org not found: 2(SERVFAIL)
>
>
a openbsd.org 199.185.230.18
Using domain server:
Name: 199.185.230.18
Address: 199.185.230.18#53
Aliases:
Host openbsd.org not found: 2(SERVFAIL)
Web page tool:
https://dnschecker.org/all-dns-records-of-domain.php?query=openbsd.org=A=dnsauth
Stuart Henderson wrote:
> There is a complication in Kaya's case because if my handle on the
> config is correct, there are likely to be nameservers learned from
> both DHCP (in one rdomain) and PPPOE (in another), but they won't
> work on the opposite connection.
>
> In this situation I would
ht have even been
> triggered by my altering of the pf.conf file... they are the only two
> things that I have been touching.
resolv does not care about how many special route messages it receives
about the DNS resolver. Each time it receives one, it will update
resolv.conf to contain the ne
On 2023/04/12 13:20, Theo de Raadt wrote:
> Stuart Henderson wrote:
>
> > On 2023-04-11, Theo de Raadt wrote:
> > > Kaya Saman wrote:
> > >
> > >> This somehow is overriding my resolv.conf file; another words the
> > >> information is *not* being used from resolv.conf and is instead being
> >
for years.
I accept maybe i fiddled with things and caused unwanted behavior... it
can happen.
All I was trying to figure out is why the resolv.conf file was not being
used and instead the information obtained through ipcp was being used
for dns lookups. If I had caused it that's fine bu
Stuart Henderson wrote:
> On 2023-04-11, Theo de Raadt wrote:
> > Kaya Saman wrote:
> >
> >> This somehow is overriding my resolv.conf file; another words the
> >> information is *not* being used from resolv.conf and is instead being
> >> used from the ipcp negotiation as part of the pppoe
On 2023-04-11, Theo de Raadt wrote:
> Kaya Saman wrote:
>
>> This somehow is overriding my resolv.conf file; another words the
>> information is *not* being used from resolv.conf and is instead being
>> used from the ipcp negotiation as part of the pppoe kernel module.
>
> then the pppoe code
Kaya Saman wrote:
> This somehow is overriding my resolv.conf file; another words the
> information is *not* being used from resolv.conf and is instead being
> used from the ipcp negotiation as part of the pppoe kernel module.
then the pppoe code should submit a RTM_PROPOSAL route message ...
Thanks Stu, and everyone else who responded :-)
On 4/11/23 09:01, Stuart Henderson wrote:
On 2023-04-10, Kaya Saman wrote:
On 4/10/23 16:24, Daniele B. wrote:
Apr 10, 2023 12:52:22 Kaya Saman :
how do I override OpenBSD's
behavior to explicitly not use the dns servers obtained through
On 2023-04-10, Kaya Saman wrote:
>
> On 4/10/23 16:24, Daniele B. wrote:
>> Apr 10, 2023 12:52:22 Kaya Saman :
>>
>>>>> how do I override OpenBSD's
>>>>> behavior to explicitly not use the dns servers obtained through ipcp but
>>>>>
On 4/10/23 16:24, Daniele B. wrote:
Apr 10, 2023 12:52:22 Kaya Saman :
how do I override OpenBSD's
behavior to explicitly not use the dns servers obtained through ipcp but
instead use the ones form the resolv.conf file?
My solution both for security reasons (I'm using unbound
Apr 10, 2023 12:52:22 Kaya Saman :
>>> how do I override OpenBSD's
>>> behavior to explicitly not use the dns servers obtained through ipcp but
>>> instead use the ones form the resolv.conf file?
My solution both for security reasons (I'm using unbound)
for for pra
On 4/10/23 11:40, Jonathan Gray wrote:
On Mon, Apr 10, 2023 at 11:26:22AM +0100, Kaya Saman wrote:
Hi,
I'll ask the second question first as it might be easier to implement...
Currently I have found that the dns servers specified in the resolv.conf
file are not being used. Instead my
On Mon, Apr 10, 2023 at 11:26:22AM +0100, Kaya Saman wrote:
> Hi,
>
>
> I'll ask the second question first as it might be easier to implement...
>
>
> Currently I have found that the dns servers specified in the resolv.conf
> file are not being used. Instead my machine
Hi,
I'll ask the second question first as it might be easier to implement...
Currently I have found that the dns servers specified in the resolv.conf
file are not being used. Instead my machine is prioritizing the ISP
obtained servers from the ipcp protocol through the kernel ppp service
On 09/15/22 04:18PM, Stuart Henderson wrote:
> On 2022-09-15, David A. Pocock wrote:
> > From the unwind manpage:
> >
> >> unwind sends DNS queries to nameservers to answer queries and switches to
> >> resolvers learned from dhclient(8), dhcpleased(8) or slaa
On 2022-09-15, David A. Pocock wrote:
> From the unwind manpage:
>
>> unwind sends DNS queries to nameservers to answer queries and switches to
>> resolvers learned from dhclient(8), dhcpleased(8) or slaacd(8) if it
>> detects that DNS queries are blocked by the loca
ce was:
>
> "[!] WARNING: unwind will leak DNS queries"
>
> I was not able to find any discussion of this on the internet.
https://github.com/WireGuard/wireguard-tools/commit/84ac6add7e
> My purpose in using unwind is to reduce the need for third-party DNS
>
>From the unwind manpage:
> unwind sends DNS queries to nameservers to answer queries and switches to
> resolvers learned from dhclient(8), dhcpleased(8) or slaacd(8) if it
> detects that DNS queries are blocked by the local network.
Perhaps the warning us to let you know that
Hello,
I was hoping to get some clarification on a warning I noticed today
after running wg-quick (part of wireguard-tools) to connect to a
commercial VPN provider. I run OpenBSD 7.1, with all the patches
installed.
The notice was:
"[!] WARNING: unwind will leak DNS queries"
I wa
Ali Farzanrad wrote:
> Hi,
>
> I have a wireguard configuration in my system with local unbound dns
> resolver. In the past, I'd configured my wireguard as a separated
> rdomain, so whenever I needed to run my browser, I did one of these 2
> options:
>
> 1. change /
Hi,
I have a wireguard configuration in my system with local unbound dns
resolver. In the past, I'd configured my wireguard as a separated
rdomain, so whenever I needed to run my browser, I did one of these 2
options:
1. change /etc/resolv.conf and user a global dns resolver,
2. run
63459084214897=2
Stefan,
Thanks,
mv /etc/firmware/iwm-7265D-29 /etc/firmware/iwm-7265D-29.orig
cp /etc/firmware/iwm-7265-17 /etc/firmware/iwm-7265D-29
and a reboot has improved things considerably!
The odd DNS timeout still gets logged but for all I know it always did
that running OpenBS
On Tue, Dec 14, 2021 at 12:49:14PM +, Dave Turner wrote:
> I have searched the web and tried various things but so far nothing
> fixes it.
This should help: https://marc.info/?l=openbsd-bugs=163459084214897=2
the Ethernet via USB has not
failed so far.
I turn off iwm0 using
doas ifconfig iwm0 down
and then use an external USB to ethernet connector.
I have searched the web and tried various things but so far nothing
fixes it.
The release notes for 7.0 show both DNS and iwm0 have been changed
and make sure there is a route to Route to your Internal DNS servers
over the VPNs
Or
a policy that covers the DNS servers ip range if it is an Ipsec
policy based vpn
Hope this helps
On Tue, 20 Jul 2021 at 13:15, Timo Myyrä wrote:
>
> Stuart Henderson [2021-07-20, 11:24 +]:
>
&g
Stuart Henderson [2021-07-20, 11:24 +]:
> On 2021-07-20, Timo Myyrä wrote:
>
>> Hi,
>>
>> Just started testing the new dhcleased,resolvd stuff and noticed that
>> DNS resolution won't work correctly once I open my VPN connection. Name
>> r
On 2021-07-20, Timo Myyrä wrote:
> Hi,
>
> Just started testing the new dhcleased,resolvd stuff and noticed that
> DNS resolution won't work correctly once I open my VPN connection. Name
> resolution works for external domains but not for the internal domains
> resolved by the i
Hi,
Just started testing the new dhcleased,resolvd stuff and noticed that
DNS resolution won't work correctly once I open my VPN connection. Name
resolution works for external domains but not for the internal domains
resolved by the interal DNS servers.
I'm using openconnect to setup VPN tunnel
I am using unbound DNS over TLS. I consistently get these error's but have
found little online about what they mean.
/var/log/messages
error: SSL_handshake syscall: Connection reset by peer
I'm probably looking in the wrong place.
Thanks.
Hi,
Yes use PF to separate your clients on the routing machine and then use
the server with the proper DB.
HTH
On 2021-03-25 6:52 a.m., Родин Максим wrote:
Hello,
Is there a way to do split horizon dns using NSD?
I did not find anything similar in man nsd.conf
just run a second nsd on separate (ip)/port, then use unbound as a router
On 3/25/21 12:52 PM, Родин Максим wrote:
> Hello,
> Is there a way to do split horizon dns using NSD?
> I did not find anything similar in man nsd.conf
Hello,
Is there a way to do split horizon dns using NSD?
I did not find anything similar in man nsd.conf
--
Best regards
Maksim Rodin
lish record sets larger than 512 bytes. (This is almost
> always a mistake.)"
>
> I had no need for TCP port 53 to be open. Until month and a half ago
> things worked as expected and I have more important things to do than to
> fix things which don't appear to be broken.
DNS is f
On Sun, Sep 20, 2020 at 10:17:47PM -0400, Predrag Punosevac wrote:
> Nicolai wrote :
>
> > On Sun, Sep 20, 2020 at 12:43:41AM -0400, Predrag Punosevac wrote:
> >
> > > For number of years I had in my /var/unbound/etc/unbound.conf line
> > >
> > > do-tcp: no
> >
> > > To make things worse I
Nicolai wrote :
> On Sun, Sep 20, 2020 at 12:43:41AM -0400, Predrag Punosevac wrote:
>
> > For number of years I had in my /var/unbound/etc/unbound.conf line
> >
> > do-tcp: no
>
> > To make things worse I was blocking port TCP port 53.
>
> Just curious, why did you do that?
When I start
On Sun, Sep 20, 2020 at 12:43:41AM -0400, Predrag Punosevac wrote:
> For number of years I had in my /var/unbound/etc/unbound.conf line
>
> do-tcp: no
> To make things worse I was blocking port TCP port 53.
Just curious, why did you do that?
On my authoritative servers roughly 1 in 1000
ents happened a month and a half ago
> when pkg management tools stopped working on all my FreeBSD file servers
> and jail hosts. After waisting an hour, I got to the bottom of my
> problem. Namely, my caching DNS Unbound resolvers (obviously running of
> OpenBSD) which also serve my
On Sun, Sep 20, 2020 at 12:43:41AM -0400, Predrag Punosevac wrote:
> Could a kind soul who runs DNS for living point me to the documentation
> which I can use to educate myself.
>
>
> Most Kind Regards,
> Predrag Punosevac
Yes it does need TCP. It's part of the proto
servers
and jail hosts. After waisting an hour, I got to the bottom of my
problem. Namely, my caching DNS Unbound resolvers (obviously running of
OpenBSD) which also serve my LAN and DMZ authoritatively could no longer
resolve
pkg.freebsd.org.
After waisting another hour it became clear
le, In the case of a captive portal or floating between APs I
> would like DNS to work on different LANs where outbound DNS queries are
> blocked.
>
> I'm trying to build an isolated network environment in which all traffic
> is routed over an interface with a custom DNS server and no n
Thanks. Your solution works but is not ideal for my situation. The
reason it's not ideal is that one of the rdomains gets its nameserver
from DHCP and I don't think unbound can read this information.
For example, In the case of a captive portal or floating between APs I
would like DNS to work
ion. The
> reason it's not ideal is that one of the rdomains gets its nameserver
> from DHCP and I don't think unbound can read this information.
>
> For example, In the case of a captive portal or floating between APs I
> would like DNS to work on different LANs where outbound DNS que
Hi all,
How can I allow different rdomains to use separate DNS nameservers?
Thanks
oh yeah you will have to adjust the flags for each daemon (to accept a
different
config file for each dns server in each Rdomain...
hope this helps...
On Wed, 27 May 2020 at 23:35, Tom Smyth
wrote:
> howdy,
>
> you can use symbolic links for /etc/rc.d/nsd to /etc/rc.d/nsd1
> an
howdy,
you can use symbolic links for /etc/rc.d/nsd to /etc/rc.d/nsd1
and to/etc/rc.d/nsd2 to /etc/rc.d/nsdn where 1,2 n are your r
domains for your
dns servers (authoritive) or you can use unbound instead of nsd
if it is just a forwarding dns server
then use for a dns server
I also encountered this requirement and created a tool to handle it. It
runs as a non-privileged user and is independent of dhclient and the like.
My DNS zones are hosted in AWS, so it uses their API. No other DNS
providers are supported.
https://github.com/jsleeio/ru1
I'm much more sysadmin
I've thought about this as welland would love to use native
OpenBSD tools for the job.
Just a design idea:
1. Use dhcpd(8) synchronization
(https://man.openbsd.org/dhcpd.8#SYNCHRONISATION) to send details of
dhcp leases to a DNS creator/listener.
2. The dns creator/listener creates/updates
I use dnsmasq (an openbsd package) on the gateway for my lab ethernet
network and it works great with minimal configuration as a local DNS
server. At home I have a Synology wireless router which does the same
as long as you tell it to make DNS reservations. Your mileage may
vary with cheaper
On 2020-04-25 15:00, bofh wrote:
> Hi,
> I searched through the archives and saw a couple of discussions about using
> Dnsmasq from a long time ago.
>
> Is that the best way to let the stuff in my home to have valid dns entries
> in my home network?
>
> How difficult
bofh writes:
> Hi,
> I searched through the archives and saw a couple of discussions about
> using Dnsmasq from a long time ago.
>
> Is that the best way to let the stuff in my home to have valid dns
> entries in my home network?
I've not worked with dnsmasq so can't com
OpenBSD dhcpd and unbound does not support dynamic dns.
The easyest way is to install isc-dhcp-server and isc-bind from
packages. There are pretty much howtos for this setup.
25.04.2020 22:00, bofh пишет:
Hi,
I searched through the archives and saw a couple of discussions about using
Dnsmasq
Hi,
I searched through the archives and saw a couple of discussions about using
Dnsmasq from a long time ago.
Is that the best way to let the stuff in my home to have valid dns entries
in my home network?
How difficult is it to get the OpenBSD provided dhcpd and unbound to do
this?
Thanks.
On Thu, Jan 23, 2020, Stuart Henderson wrote:
> On 2020-01-22, Claus Assmann wrote:
> > The functional tests for sendmail use ldns-testns as DNS server
> > which provides specific test data and error behaviours.
> > It runs on a port > 1024 to avoid requiring root access.
On 2020-01-22, Claus Assmann wrote:
> The functional tests for sendmail use ldns-testns as DNS server
> which provides specific test data and error behaviours.
> It runs on a port > 1024 to avoid requiring root access.
> There's code in sendmail to set the IP an
Claus Assmann wrote:
> The functional tests for sendmail use ldns-testns as DNS server
> which provides specific test data and error behaviours.
> It runs on a port > 1024 to avoid requiring root access.
you can use a combination of pf.conf rdr-to and 127.0.0.2 etc.
i.e., bind to por
The functional tests for sendmail use ldns-testns as DNS server
which provides specific test data and error behaviours.
It runs on a port > 1024 to avoid requiring root access.
There's code in sendmail to set the IP and port for a NS:
_res.nsaddr_list[0].sin_family = AF_I
On 02/01/2020 5:26 a.m., Jay Hart wrote:
Hey all, and Happy New Years!!!
I am currently using DYN.COM for DNS service. A few months back they changed
there payment
methodology and I am now considering finding another solution. DYN charges me
$5 US monthly so its
not a huge financial burden
I've used Hurricane Electric's free DNS service for years now along with
their Tunnelbroker since my ISP still does not support IPv6 yet.
They also support dynamic updates which works with "ddclient" from the
OpenBSD package repo.
https://dns.he.net/
On Thu, Jan 2, 2020 at 8:25 A
If it is for your personal use only, you can have a look at the Opennic Project.
They have an alternate DNS structure separated for the regular DNS Root. They
provide Dynamic DNS for their .dyn unofficial TDL.
It is free of charge and you need no special client for it to work, only
ftp/curl
1 - 100 of 836 matches
Mail list logo