Hello Måns!
Am 04.01.2020 um 08:24 schrieb Måns Nilsson via nsd-users:
Further, you need a system to manage the "new zone deployment" process,
as well as removal (but adding is more time-critical than removal). I've
used "dper.pl" from Kirei (https://github.com/kirei/dper) to automate
this for
Am 03.01.2020 um 18:04 schrieb Daniel Corbe via nsd-users:
The main issue I'm running into is I want to keep the primary's
interface to the world as simple as possible. At maximum, two hosts
to communicate with. So for that to work, I'd need to somehow
cluster my NSD instances together or
Hi!
The man page mentions xfrdfile option, but I also see directories/files
in /tmp:
darilion@tld-all-vnn1:~$ ls -l /tmp/
drwx-- 2 nsd nsd 4096 Jul 8 11:03 nsd-xfr-683
drwx-- 2 nsd nsd 4096 Jul 8 12:16 nsd-xfr-684
drwx-- 2 nsd nsd 4096 Jul 8 12:02 nsd-xfr-685
drwx-- 2
Hi Anand!
> -Ursprüngliche Nachricht-
> Von: Anand Buddhdev
> Gesendet: Mittwoch, 17. August 2022 12:06
> An: Klaus Darilion ; nsd-users@lists.nlnetlabs.nl
> Betreff: Re: [nsd-users] wrong NSEC3 responses
>
> On 17/08/2022 10:42, Klaus Darilion via nsd-users
Hi Anand!
Thanks for your help.
> > I also tried "nsd-control transfer ", but that also did not
> > triggered an XFR. Only "force_transfer" triggered an XFR. From my
> > understanding, "transfer: try to update slave zones to newer serial"
> > should also trigger an XFR as the primary has a
Hi!
I have upgraded from nsd 4.3.5 to 4.6. After the restart of the server, it
serves an old zone. For example:
NSD 4.3.5:
07:31:13 nsd-pl[811535]: notify for kepno.pl. from X.X.X.20 serial 1660716049
07:31:13 nsd-pl[811535]: notify for kepno.pl. from ::9::5 serial
1660716049
Hi Anand!
> > -> NSD 4.3.5 serves serial 1660716050
>
> NSD has internally updated to serial 1660716050, but not yet saved it to
> disk. By default, NSD writes out zone files only once per hour.
>
> > Now, upgrade to 4.6 and restart NSD:
> > 10:32:04 nsd-pl[1072241]: zone kepno.pl read with
> It also confuses me, that the commited serial is higher than the served
> serial:
> root@tld-all-fam1:/home/darilion# nsd-control -c /etc/nsd/nsd-shared.conf
> zonestatus cy
> zone: cy
> state: ok
> served-serial: "2022081705 since 2022-08-17T12:07:26"
> commit-serial:
Hello!
We upgraded one of our servers from 4.3.5 to 4.6, but had some problems with
XFRs (not yet debugged in detail) and hence went back to 4.3.5.
Since that, one of the served zones periodically reports "update failed"
without any details, but seems to recover itself (more logs below)
Aug 17
Hello!
We noticed that some of our NSD 4.3.5 secondaries answered with incomplete
NSEC3 RRs for NOERROR/NODATA queries. See below. We could fix the issue by
restarting NSD, or by "force_transfer" the zone. I see there are some NSEC3
related changes since 4.3.5, but the commit messages do not
I just created a bug report: https://github.com/NLnetLabs/nsd/issues/227
It seems that this bug does not corrupt the local zone, but prevents that NSD
as Secondary fetches newer zones.
regards
Klaus
___
nsd-users mailing list
Hi Jamie!
> -Ursprüngliche Nachricht-
> Von: Jamie Landeg-Jones
> Gesendet: Mittwoch, 17. August 2022 23:50
> An: nsd-users@lists.nlnetlabs.nl; Klaus Darilion ;
> ana...@ripe.net
> Betreff: Re: [nsd-users] NSD serves old serial after restart
>
> Anand Buddhdev via nsd-users wrote:
>
>
Hello!
We dynamically add secondary zones to NSD, and then test if NSD has fetched the
zone (asking for the SOA). If the zone was not fetched yet, we try to push NSD
to transfer zone faster. But sometimes that does not seem to work. For example
in this case it took 15s to fetch the zone from
onnections for AXFR are delayed to get
> resources. This can be improved by allowing more file descriptors to
> xfrd, configurable in nsd.conf with xfrd-tcp-max.
>
> Best regards, Wouter
>
> On 4/3/23 09:54, Klaus Darilion via nsd-users wrote:
> > Hello!
> >
> >
Hello!
I use NSD 4.7.0 self compiled:
Configure line: --build=x86_64-linux-gnu --prefix=/usr
--includedir=${prefix}/include --mandir=${prefix}/share/man
--infodir=${prefix}/share/info --sysconfdir=/etc --localstatedir=/var
--disable-option-checking --disable-silent-rules
Hi Christof!
AFAIK, PowerDNS is the only open source name server that supports ALIAS. There
was an idea to standardize ALIAS as "ANAME"
(https://datatracker.ietf.org/doc/draft-ietf-dnsop-aname/), but the idea was
dropped in favor of SVCB/HTTPS record
https://datatracker.ietf.org/doc/rfc9460/.
> Jeroen Koekkoek via nsd-users wrote:
>
> > Anand's answer is entirely correct.
> >
> > Once 4.8.0 is released, zone files will be written once per hour by
> > default.
>
> I'm confused now :-)
>
> Arnand said the "database" option is being removed. Does this mean
> the database will always
I have not tested NSD, but usually
*.1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
works as you do not have any other labels below that wilrdcard. For example if
you have defined
a.f.8.c.9.b.e.f.f.f.f.e.c.e.e.3.f.2.0.1.1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
that would under the hood generate "empty
May it be that the NSD process was restarted, so zonestatus output is the time
where NSD finished loading the zone?
Regards
Klaus
--
Klaus Darilion, Head of Operations
nic.at GmbH, Jakob-Haringer-Straße 8/V
5020 Salzburg, Austria
Von: nsd-users Im Auftrag von Peter
Andreev via nsd-users
19 matches
Mail list logo
