Hi,
Is the following expected or is it a bug?
All the best,
Terry
; This wildcard allows the lookup of test.domain A:
;
*.domain IN A 1.2.3.4
;
; This TLSA record breaks the lookup of test.domain A:
;
_443._tcp.test.domain IN TLSA 1 0 1
Terry Burton t...@terryburton.co.uk wrote:
Is the following expected or is it a bug?
It is correct. See RFC 4592 for the full explanation of how wildcards work.
Tony.
--
f.anthony.n.finch d...@dotat.at http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at
On 14 February 2014 12:01, Tony Finch d...@dotat.at wrote:
Terry Burton t...@terryburton.co.uk wrote:
Is the following expected or is it a bug?
It is correct. See RFC 4592 for the full explanation of how wildcards work.
For sake of Google...
RFC 4592 3.3.1 defines The closest encloser is the
Hi all,
Bind provides rndc tools to operate the cache. But how to change a record in
the cache. For example:
to modify origin recordwww.abc.com A IN 219.142.3.1 into www
abc.com A IN 143.3.1.20.
I just know that using rndc flush to clear the cache, but don't know how to
modify the
On 14 February 2014 13:52, houguanghua houguang...@hotmail.com wrote:
Who can tell me how to do?Thanks.
You can't and shouldn't need to edit the cache. All you can do is clear it.
If you want to change the response back to the client then look into
RPZ, however by doing so you may break DNSSEC
You can't modify cache. If that was allowed you could cache poison any
domain you wanted.
On Feb 14, 2014 8:52 AM, houguanghua houguang...@hotmail.com wrote:
Hi all,
Bind provides rndc tools to operate the cache. But how to change a record
in the cache. For example:
to modify origin record
In article mailman.2257.1392386898.20661.bind-us...@lists.isc.org,
Ben Croswell ben.crosw...@gmail.com wrote:
You can't modify cache. If that was allowed you could cache poison any
domain you wanted.
poisoning refers to putting incorrect records into the cache of some
*other* server. If you
What you say is true, but the OP wasn't clear in who owned the record he
wanted to override. I assumed it was someone else's or you would just
change authoritative source that you own.
On Feb 14, 2014 10:20 AM, Barry Margolin bar...@alum.mit.edu wrote:
In article
Are you trying to override the IP address locally, or are you just trying
to get the correct value into cache?
John
On Fri, Feb 14, 2014 at 8:52 AM, houguanghua houguang...@hotmail.comwrote:
Hi all,
Bind provides rndc tools to operate the cache. But how to change a record
in the cache. For
Hi All,
I have a situation where the same domain for example xyz.example.com is both
internal and external.
The internal xyz.example.com is on an internal host (private address ) which is
the default DNS server for all internal hosts (all hosts use this DNS server in
their resolve.conf ) And
Sarath sar...@slashroot.in wrote:
The internal xyz.example.com is on an internal host (private address )
which is the default DNS server for all internal hosts (all hosts use
this DNS server in their resolve.conf ) And the external xyz.example.com
is on another public ip server (aws route 53
Can you not delegate xyz.xyz.example.com to route 53 on your internal name
server?
--
Josh Smith
KD8HRX
Email/jabber: juice...@gmail.com
Phone: 304.237.9369(c)
Sent from my iPhone.
On Feb 14, 2014, at 12:53 PM, Sarath sar...@slashroot.in wrote:
Hi All,
I have a situation where the
There is nothing that precludes you from having the same zone on different DNS
servers. You make each authoritative so that any look up that hits that DNS
server gets that server's records. You can then have separate entries for
some items and the same for others.
We do that here with at
Hi,
We want to sign zones with bind using an HSM Luna PCI Safenet card.
The command 'dnssec- keyfromlabel' fails:
# /usr/local/sbin/dnssec-keyfromlabel -v 9 -E LunaCA3 -a RSASHA1 -l
KSK1-testdnssec -f KSK testdnssec.
dnssec-keyfromlabel: warning: ENGINE_load_private_key failed
In article mailman.2259.1392392364.20661.bind-us...@lists.isc.org,
Ben Croswell ben.crosw...@gmail.com wrote:
What you say is true, but the OP wasn't clear in who owned the record he
wanted to override. I assumed it was someone else's or you would just
change authoritative source that you
15 matches
Mail list logo