PM Mark Elkins wrote:
> Just remove the type-1 digest from the domain registrar.
>
> In the future - only upload type type-2 version.
> On 2022/09/20 20:32, frank picabia wrote:
>
>
> The algorithm migration I made to 8 has worked well.
> Getting green lights on DNSSEC che
The algorithm migration I made to 8 has worked well.
Getting green lights on DNSSEC checkers, etc.
The only odd bit is some warnings at DNSVIS.NET
about DS records using digest algorithm 1.
DNSSEC specification prohibits signing with DS records that use digest
algorithm 1 (SHA-1).
Somehow the
That's a good resource. Thanks, Hugo.
On Wed, Sep 14, 2022 at 1:40 PM Hugo Salgado wrote:
> On 11:23 14/09, frank picabia wrote:
> > Hi,
> >
> > I'm at the point in DNSSEC algorithm migration
> > where I have two types of keys involved in signing.
> >
Hi,
I'm at the point in DNSSEC algorithm migration
where I have two types of keys involved in signing.
Both algorithm 7 and 8 are in use.
The top level domain registrar also has DS keys set up for both 7 and 8.
I need to coordinate pulling out algorithm 7 with the domain registrar so
our domain
he actual real names. You don’t
> go to your mechanic with a different car when you have a problem with your
> car. Using ‘example’ is like doing that.
>
> Mark
>
>
> > On 17 May 2022, at 04:41, frank picabia wrote:
> >
> > I've been using open source for decades.
in, Bert
> Hubert was exactly right here:
>
> https://berthub.eu/articles/posts/anonymous-help/
>
> Ondrej
> --
> Ondřej Surý — ISC (He/Him)
>
> My working hours and your working hours may be different. Please do not
> feel obligated to reply outside your normal
Perhaps you are unaware of the use of this domain as a generic filler.
https://example.com/
I don't know why so many people assume the DNS information
will be openly shared. Suppose I was working on a problem for Barclays
Bank, do you suppose they would be thrilled with me posting
their
to do. Using one of the other approaches with
dnssec-dsfromkey is needed. The values in dsset file begin the
same but it's different.
On Mon, May 16, 2022 at 11:37 AM frank picabia wrote:
>
> That's helpful. Very similar to what I found a minute ago on
>
> https://blog.apnic.net/20
lhost example.com. DNSKEY | egrep "IN\sDNSKEY\s257" |
> dnssec-dsfromkey -f - example.com.
>
> Daniel
>
>
> On 16.05.22 16:01, frank picabia wrote:
> > Let's put it another way:
> >
> > Using tools like host or dig, can I look up my DS without it talki
wrote:
> On 16/05/2022 15:07, frank picabia wrote:
>
> Hi Frank,
>
> > I have dsset-example.com showing two DS keys with algorithm 8.
> > I included both .key files in my DNS. Only digest 1 comes back
> > in a dig query.
> >
> > I use dnssec-signzone tool
I have dsset-example.com showing two DS keys with algorithm 8.
I included both .key files in my DNS. Only digest 1 comes back
in a dig query.
I use dnssec-signzone tool to sign the zone file.
The domain registrar says there is a problem with the digest 2 value.
It's copied directly from the
On Thu, May 5, 2022 at 3:48 PM Tony Finch wrote:
> frank picabia wrote:
> > On Thu, May 5, 2022 at 1:46 PM wrote:
> > >
> > > Tony wrote a nice article about that:
> > > https://www.dns.cam.ac.uk/news/2020-01-15-rollover.html
> >
> > Thanks
On Thu, May 5, 2022 at 1:46 PM wrote:
> Hi,
>
> On 5/5/22 6:37 PM, frank picabia wrote:
> >
> > Hi,
> >
> > I've been running a Bind set up with DNSSEC for many years.
> > It was done following the guide at the digitalocean site.
> >
> > What
Hi,
I've been running a Bind set up with DNSSEC for many years.
It was done following the guide at the digitalocean site.
What I don't find in a nice guide, is how to change your algorithm
to a more current one, and seamlessly make your domain
run under this new chain of data.
I tried it on my
so that I can
add PTR records to correspond to A records in the forward zone?
Thanks for any light you can shed on this subject.
--
Frank Kyosho Fallon
My pronouns are: He, HIm
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users
Hi,
Just to let everyone know that I have solved my issue by upgrading
to bind-9.16.10. It is working
fine now.
--
sysadm cronomagic.com
e-mail ve2...@canasoft.net
POWERED BY LINUX
___
Please visit
Here is my entire config:
My machine IP = 66.159.32.31 2606:af00:1::3
key "rndc-key" {
algorithm hmac-md5;
secret "y4xt0wQJOiOiZmVaWSMgnQ==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
acl local
Hi,
I am using bind-9.16.5. I am having an issue with domain/zone
forwarding.
Global forwarding works fine. When I configure domain forwarding no request
for dns info goes out from the machine. I did a tcpdump to verify this.
For bind-9.13.2 the domain forwarding works properly.
smiths.com. 59 IN SOA
resolve01.sslvpndemo.com. hostmaster.resolve01.sslvpndemo.com. 5 10800
3600 604800 60
;; Query time: 180 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mi Mai 15 15:26:28 CEST 2019
;; MSG SIZE rcvd: 111
Can i help you.
Regards
--
Frank
__
That's an internal setting can't be exposed.
I created a public test name: test.c.b.jilapps.com
Should you see A record 1.2.3.4 or 5.6.7.8?
On Thu, Nov 15, 2018 at 8:25 AM Barry Margolin wrote:
> In article ,
> Frank Liu wrote:
>
> > Thanks for confirming bind behavior mat
zon Route53 allows you to add both
delegations in the a.com zone without any "out of zone data" error.
On Tue, Nov 13, 2018 at 1:50 PM Mark Andrews wrote:
>
> > On 14 Nov 2018, at 4:04 am, Frank Liu wrote:
> >
> > Hi,
> >
> > Is t
bind9 resolver a simple cache only with root hint. no local zones.
On Tue, Nov 13, 2018 at 9:18 AM Lyle Giese wrote:
> On 11/13/2018 11:04 AM, Frank Liu wrote:
>
> Hi,
>
> Is there a RFC determining which nameserver to use if there is a
> conflicting subdomain delegation?
>
Hi,
Is there a RFC determining which nameserver to use if there is a
conflicting subdomain delegation?
eg:
In the zone of a.com, there are two NS delegations:
b.a.com NS host1
c.b.a.com NS host2
On host1 in zone b.a.com, there is
c.b.a.com NS host3
As you can see, there is a conflicting
Cert looks fixed now.
Nice to see you're using Letsencrypt certs... just have to fix the cron job for
the renew ;-)
Frank
>Forwarded to our operations people
>> On 11 Apr 2018, at 10:12 am, /dev/rob0 <r...@gmx.co.uk> wrote:
>>
>> The certificate for
, 2016 at 5:03 PM, Sten Carlsen <st...@s-carlsen.dk> wrote:
> I assume you did increase the serial, if not this is what I would expect
> to happen.
>
> On 21/09/16 10:53, Tony Finch wrote:
>
> Frank Even <lists+isc@elitists.org> <lists+isc@elitists.org>
None of that works. Nothing short of a restart of the daemon notices new
forwarders added to the config. That is inclusive of:
rndc reconfig
rndc reload
rndc flushname $nameofforwardersadded
rndc flush
A restart of the service however, that does work. That is far more
disruptive than I like
d "service named-chroot restart" on EL7) works.
On Wed, Sep 21, 2016 at 1:53 AM, Tony Finch <d...@dotat.at> wrote:
> Frank Even <lists+isc@elitists.org> wrote:
>
> > Is there a way to add forwarders for specific zones without a restart?
> >
in the hierarchy will not
load until a full restart I've found (meaning you have "domain.com"
configured as a master zone and add "subdomain.domain.com" as a master zone
as well).
On Tue, Sep 20, 2016 at 5:56 PM, Benny Pedersen <m...@junc.eu> wrote:
> On 2016-09-21 02:40, Frank Ev
zone until I do a full
daemon restart.
Stock named on Cent 7/6/5 if curious is what I'm working with. Testing
currently on 7 (which appears to be 9.9.4).
Thanks,
Frank
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from
Hello Bert,
This is the first I've heard of DNSDIST. I'll need to read more about it, but
wanted to ask whether upon receiving the query, does DNSDIST act as a bridge
for the complete request/response, or simply redirects the traffic with the
response bypassing DNSDIST?
THanks,
Frank
.
Regards,
Frank
- Original Message -
From: "Job" <j...@colliniconsulting.it>
To: bind-users@lists.isc.org
Sent: Wednesday, 14 September, 2016 12:17:13
Subject: Load balancer for Bind
Hello,
which is the best load balancer for two or more Bind DNS Server, located in t
Thanks for the info. Also I'll have to note that I completely missed that
the "offending IP" is one of the .uk root servers so the next logical
conclusion is I've probably got a box in one of my environments driving an
amplification attack of some sort or something at those IPs that I need to
-
From: "Dennis Clarke" <dcla...@blastwave.org>
To: bind-users@lists.isc.org
Sent: Saturday, 6 August, 2016 19:39:21
Subject: Re: how to log client MAC address?
On 08/06/2016 10:01 PM, Frank Pikelner wrote:
> MAC addresses are layer 2 and you only see those on your subnet,
MAC addresses are layer 2 and you only see those on your subnet, i.e. most
likely your default gateway, etc.
So the answer is no.
Frank
From: "Fima Leshinsky" <f...@intricately.com>
To: bind-users@lists.isc.org
Sent: Saturday, 6 August, 2016 17:42:59
Subject: how t
I have a group of servers serving out multiple addresses via anycast. I've
been made aware that an IP outside of our network is hitting the boxes with
queries, and we're returning data to the client.
With allow-query and allow-recursion locked to our subnets, this outside
host is still getting
Tutorials for this topic out on
the internets seem to be pretty sparse. If there is something out
there, I'd rather not reinvent the wheel.
Thanks in advance for any assistance,
Frank
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubsc
/
> Hedgehog - https://github.com/dns-stats/hedgehog/wiki ("demo":
> http://stats.dns.icann.org/hedgehog/hedgehog.html )
>
> W
>
>
> On Fri, Nov 13, 2015 at 5:45 PM, Frank Even <lists+isc@elitists.org>
> wrote:
>> What does everyone do for monitoring the
,
Frank Bulk
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On Mon, Apr 13, 2015 at 11:10 AM, Evan Hunt e...@isc.org wrote:
On Mon, Apr 13, 2015 at 11:05:05AM -0700, Frank Even wrote:
...and where could I find info on what is stored in ADB and any other
particular items that flushname might not deal with? That's where my
frustration largely is, that I
On Sat, Apr 11, 2015 at 6:49 AM, Tony Finch d...@dotat.at wrote:
There was a bug in 9.9 and earlier that rndc flushtree only flushed the main
cache, not adb or bad cache. This was fixed in 9.10 - see item 3606 in the
CHANGES file.
...and where could I find info on what is stored in ADB and
On Thu, Apr 9, 2015 at 1:48 PM, Matus UHLAR - fantomas
uh...@fantomas.sk wrote:
On 09.04.15 13:25, Frank Even wrote:
Is there any place I can look to get a definitive answer in what cases
flushname will and will not work?
it will work if you have old entries in the cache
and the name that the name servers was attached to,
still had to flush the entire cache to get resolution working properly
on that domain again.
Thanks,
Frank
On Tue, Dec 9, 2014 at 8:31 PM, Mark Andrews ma...@isc.org wrote:
Nameservers being down does not result in NXDOMAIN responses. I
suspect
On Fri, Mar 27, 2015 at 8:25 AM, Barry Margolin bar...@alum.mit.edu wrote:
In article mailman.1821.1427468103.26362.bind-us...@lists.isc.org,
/dev/rob0 r...@gmx.co.uk wrote:
On Thu, Mar 26, 2015 at 11:34:42AM -0700, Frank Even wrote:
In this particular instance, the masters ended up under
still failing to
write the tmp file DID load the zone into memory).
I guess the question really is, is this expected behavior or a bug?
Thanks,
Frank
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind
On Thu, Mar 26, 2015 at 12:17 PM, Matus UHLAR - fantomas
uh...@fantomas.sk wrote:
On 26.03.15 11:34, Frank Even wrote:
Zone files were in place for the necessary domains, but were outdated
(assuming one of our updates broke something somewhere, they were all
on average 3 months old).
Here
to transfer newer
versions, it continued providing old versions.
On 26.03.15 12:48, Frank Even wrote:
Yes, the old versions were provided on disk on initial load. But that
was then followed up with a SUCCESSFUL zone transfer minutes later,
but the server was unable to save the tmp file
There are free ones:
http://www.frankb.us/dns/
http://networking.ringofsaturn.com/Unix/freednsservers.php
Regards,
Frank
-Original Message-
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Robert Moskowitz
Sent: Tuesday, February 03, 2015 4
Rob,
I like to use DNSstuff because it can check each path:
http://www.dnsstuff.com/tools#dnsTraversal|type=domainvalue=4.254.253.50.i
n-addr.arparecordType=PTR
Frank
-Original Message-
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Robert
Have a look at relayd from OpenBSD, the last time I checked it had the
capability you are looking for.
Another option might be pfSense, as I recall they ported relayd and include the
functionality in their firewall.
Frank Pikelner
- Original Message -
From: WXR 474745...@qq.com
request de-listing from Google's
blacklist.
Frank
-Original Message-
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Phil Mayers
Sent: Monday, January 05, 2015 5:52 AM
To: bind-users@lists.isc.org
Subject: Re: Unable to get
Except queries from 96.31.0.5 and 199.120.69.24 reliably return the
while queries from 96.31.0.20 do not. And we're all the same ISP, and in
the one case, from the same /24. I don't think Google is that granular. And
we do have good IPv6 connectivity.
Regards,
Frank Bulk
-Original
for www.revk.uk.
How do I go about tracking this down? (Sorry, most of the servers have ACLs
that prevent the public from resolving them, so you won't be able to test
remotely.)
Regards,
Frank
I have a script that checks against the IPv4 and IPv6 of each DNS server
(identical), both the IPs
the \- ;-$NXRRSET mean?
Working server shows this in the dump:
; authanswer
ghs.l.google.com. 287 2607:f8b0:4001:c08::79
;
Regards,
Frank Bulk
-Original Message-
From: Mark Andrews [mailto:ma...@isc.org]
Sent: Tuesday, December 23, 2014 2:53 PM
To: Frank Bulk
Cc
:503:a83e::2:30#53(a.gtld-servers.net) in 150
ms
;; connection timed out; no servers could be reached
-Original Message-
From: Mark Andrews [mailto:ma...@isc.org]
Sent: Tuesday, December 23, 2014 6:01 PM
To: Frank Bulk
Cc: bind-us...@isc.org
-admin.google.com. 1577101 900 900 1800 60
;; Query time: 30 msec
;; SERVER: 216.239.32.10#53(216.239.32.10)
;; WHEN: Tue Dec 23 21:29:53 2014
;; MSG SIZE rcvd: 84
==
Frank
-Original Message-
From: Mark Andrews [mailto:ma...@isc.org]
Sent: Tuesday, December 23, 2014 6:38
Here’s some suggestions from ISC on capturing information on this memory growth
issue:
https://kb.isc.org/article/AA-01208
Frank
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Kevin Oberman
Sent: Saturday, December 13, 2014 12:07 PM
Next time I'll dump the db.
Frank
-Original Message-
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Matus UHLAR -
fantomas
Sent: Thursday, December 11, 2014 10:32 AM
To: bind-users@lists.isc.org
Subject: Re: rndc flushname not working
rndc flushname domain and rndc flushname www.domain
didn't clear out the NXDOMAIN. I had to use rndc flush to resolve the
issue.
Is this expected behavior? The next time I see what, what troubleshoot
steps should I take diagnose the issue? Dump the DB?
Frank
or static-stub to using a slave?
Thanks,
Frank
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Dave,
Thanks for the input, but what I was looking for was a dig command that
returns the IP(s) or a fail. It looks like the host command is the right
solution in this case, not dig.
Kind regards,
Frank
-Original Message-
From: Dave Knight [mailto:d...@knig.ht]
Sent: Tuesday, October
We’re using this in a bash shell script. I don’t think there’s a native shell
command to get the IP, so I’ll use a mixture of host and dig as necessary.
Thanks,
Frank
From: Fajar A. Nugraha [mailto:w...@fajar.net]
Sent: Sunday, October 19, 2014 11:04 PM
To: Frank Bulk
Cc: comp
That feature runs on our system, but it doesn't digging through to a final
IP or failure:
getent ahosts mail.automatedwastesystems.net
returns nothing.
Regards,
Frank
-Original Message-
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf
Thanks, what I ended up using.
Didn't think that there was anything host could do that dig couldn't do.
Frank
-Original Message-
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Barry Margolin
Sent: Sunday, October 19, 2014 5:00 AM
To: comp
.
root@nagios:/tmp#
I'd rather know that mail3.sandhills.com is NXDOMAIN.
Regards,
Frank
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https
Hello
Since I upgraded to 9.8.7 on my two DNS the automated zones transfert from
master to slave
does not occurs automatically , I haven't change configuration files,
serials are well incremented
by a script that works for years
BIND is installed from FreeBSD ports on the two machines, I wonder
Hello
is there a link to a documentation that lists the main differences between
BIND 9.8 and 9.9 ?
I would like to read it before swiching from 9.8
thank you
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this
Do you have a box such as a firewall or load-balancer sitting in front of
ns1?
Frank
-Original Message-
From: bind-users-bounces+frnkblk=iname@lists.isc.org
[mailto:bind-users-bounces+frnkblk=iname@lists.isc.org] On Behalf Of SH
Development
Sent: Tuesday, June 25, 2013 8:35 PM
[mailto:bind-users-bounces+frnkblk=iname@lists.isc.org] On Behalf Of
Frank Bulk
Sent: Saturday, June 22, 2013 8:56 PM
To: 'SH Development'; bind-users@lists.isc.org
Subject: RE: Secondary DNS question...
stariononline.com has two NSes listed, ns1.starionhost.net [74.87.108.83]
and ns2
Frank
-Original Message-
From: bind-users-bounces+frnkblk=iname@lists.isc.org
[mailto:bind-users-bounces+frnkblk=iname@lists.isc.org] On Behalf Of SH
Development
Sent: Thursday, June 20, 2013 10:03 PM
To: bind-users@lists.isc.org
Subject: Secondary DNS question...
Our secondary DNS
zones are
respected over forwarders...or something else??
Thanks for any assistance anyone can provide, or point me to some
documentation I'm missing,
Frank
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
On Fri, Oct 26, 2012 at 7:27 AM, Barry Margolin bar...@alum.mit.edu wrote:
In article mailman.521.1351232171.11945.bind-us...@lists.isc.org,
Frank Even lists+isc@elitists.org wrote:
I've recently had an issue that I'm having some issues finding
information on solving.
I have internal
There's more: both ns1.netbcp.com and ns2.netbcp.net don't respond to
queries about nbc.com and ns1.netbcp.com doesn't respond over TCP.
Frank
From: bind-users-bounces+frnkblk=iname@lists.isc.org
[mailto:bind-users-bounces+frnkblk=iname@lists.isc.org] On Behalf Of
Kevin Darcy
of the world (yes, our recursive and
authoritative somewhat overlap).
Frank
From: bind-users-bounces+frnkblk=iname@lists.isc.org
[mailto:bind-users-bounces+frnkblk=iname@lists.isc.org] On Behalf Of
Fr34k
Sent: Thursday, June 14, 2012 8:54 AM
To: Phil Mayers; bind-users@lists.isc.org
One possible default setting is to say a certain percentages or volume of
disk space free.
Frank
-Original Message-
From: bind-users-bounces+frnkblk=iname@lists.isc.org
[mailto:bind-users-bounces+frnkblk=iname@lists.isc.org] On Behalf Of
Anand Buddhdev
Sent: Wednesday, November
in ??
Nov 15 23:03:33 mail1 named[4601]: exiting (due to assertion failure)
All times are U.S. Central Time and we're running on Debian (Linux mail1
2.6.32-5-amd64 #1 SMP Wed Jan 12 03:40:32 UTC 2011 x86_64 GNU/Linux).
server:/etc/rc3.d# /usr/sbin/named -v
BIND 9.7.3
server:/
Frank
Would be nice if the error output or log would indicate such failures.
Frank
-Original Message-
From: bind-users-bounces+frnkblk=iname@lists.isc.org
[mailto:bind-users-bounces+frnkblk=iname@lists.isc.org] On Behalf Of
Tony Finch
Sent: Wednesday, August 17, 2011 9:31 AM
Yes, this message arrived in my Inbox 44 minutes after it was sent.
Frank
-Original Message-
From: bind-users-bounces+frnkblk=iname@lists.isc.org
[mailto:bind-users-bounces+frnkblk=iname@lists.isc.org] On Behalf Of
Warren Kumari
Sent: Tuesday, May 31, 2011 4:59 PM
To: Warren
Yes, this message arrived in my Inbox 44 minutes after it was sent.
Frank
-Original Message-
From: bind-users-bounces+frnkblk=iname@lists.isc.org
[mailto:bind-users-bounces+frnkblk=iname@lists.isc.org] On Behalf Of
Warren Kumari
Sent: Tuesday, May 31, 2011 4:59 PM
To: Warren
the complexity back on the
configuration.
Frank
From: bind-users-bounces+frnkblk=iname@lists.isc.org
[mailto:bind-users-bounces+frnkblk=iname@lists.isc.org] On Behalf Of
babu dheen
Sent: Monday, May 30, 2011 1:17 AM
To: Doug Barton
Cc: bind-users@lists.isc.org
Subject: Re: Split DNS
Point taken, and I should have mentioned that it's NAT in play.
I agree, it's a problem that not all firewalls can hairpin public IPs back
to their private IPs, but when working with what you got sometimes the
solution isn't ideal.
Frank
-Original Message-
From: Doug Barton [mailto:do
19:59:02 resolv04 named[8237]: exiting (due to assertion failure)
This is reproducible and should only affected in 9.7.3. Can this be
possible?
kind regards
Frank
--
++
Frank Kloeker
Operations and Optimization of Internet Solutions
Hello
I'm setting up a DDSN server , following the ISC documentation
it is working nicely.
But I would like some guidance on setting up the TTL value
for DHCP/DDNS clients.
We use a lot of dual boot machines WINDOWS/LINUX and
with default parameters the DDNS record isn't removed
from the DDNS
.info.afilias-nst.info) in 3 ms
Would appreciate any pointers.
Thank you,
Frank
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Yes, thank you. The user entered the domain incorrectly. The oa.no-ip.info
+trace resolves correctly.
-Original Message-
From: Dan Durrer [mailto:d...@vitalwerks.com]
Sent: Wed 3/9/2011 1:46 PM
To: Chuck Swiger
Cc: Frank Pikelner; bind-users@lists.isc.org
Subject: Re: Some hosts
Which DNS server are you digging? It's possible that (by default) you're
digging against a server that has the old entry still cached.
Frank
-Original Message-
From: bind-users-bounces+frnkblk=iname@lists.isc.org
[mailto:bind-users-bounces+frnkblk=iname@lists.isc.org] On Behalf
transfers reliable. I do sympathize with you. Old data is
often worse than no data.
-frank
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On February 1, 2010 1:12:56 PM +1100 Mark Andrews ma...@isc.org wrote:
In message ed6e4c848e8fef4b16e71...@181.sub-97-18-81.myvzw.com, Frank
Cusack writes:
On February 1, 2010 11:35:15 AM +1100 Mark Andrews ma...@isc.org wrote:
You need to be looking a debug 3.
notify_log(notify
(serial 2010012700)
I'd like to see a verification of every host a NOTIFY message was sent to.
-frank
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
I have also-notify configured for a slave zone. The real master is a
so-called stealth master and all other slaves must consult this slave
nameserver that has also-notify configured.
The slave doesn't appear to be sending NOTIFY messages to the also-notify
hosts. zytrax does say that
to
recursion not available than they do for flat out refused,
especially when there are more than one name servers configured.
However I cannot refuse because the clients still need to be
able to resolve our zones. I will work something out for this,
so thanks for that hint as well.
Regards
Frank
the browsers behave this way (try to resolve forever when they
shouldn't need to) but have not received a reply yet.
I'd be glad for any insights.
Regards
Frank
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo
;
// Internet
}
Basically what we do is return one proxy for WAN sites (depending on the
domain name), another proxy for normal internet traffic or DIRECT for local
sites.
Regards
Frank
- Originalnachricht -
Von: Matus UHLAR - fantomas uh...@fantomas.sk
Gesendet: Mon, 25.1.2010 17:56
to be the better way to go. BIND doesn't have any
type-specific wildcards, so doing this in DNS would require a customized
server.
Ufff, seem like DNS isn't the way to get what I want.
Cheers
Frank Abel
___
bind-users mailing list
bind-users@lists.isc.org
the client is requesting
the MX RRs. Is that possible in any way?
Thanks in advance.
Cheers
Frank Abel
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
it'd be much cleaner than the use of DNS
wildcards.
I'm sure there's someone hardcore enough on-list to tell you how to do
it that way with the least amount of impact, though.
-jake
On Thu, 26 Nov 2009, Frank Abel Cancio Bello wrote:
Hi all,
First at all, I'm newbie in DNS, so excuse me
You can do an ipconfig /displaydns to see some TTL info.
Frank
-Original Message-
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of John Horne
Sent: Thursday, October 15, 2009 3:07 AM
To: Bind users
Subject: Nslookup not showng TTL
Hello
?
Thank you,
Frank
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Perhaps the inverse would be more interesting: what's the lowest-spec
hardware that could host an OS that would run the latest version of BIND. =)
Frank
-Original Message-
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Barry Margolin
Sent
Robert Spangler schrieb:
On Tuesday 15 September 2009 08:16, Frank Stanek wrote:
Please forgive my naivety if this is totally wrong but
I don't have a chrooted bind environment to verify this atm.
I run a chroot environment
But doesn't the init script in some distributions copy
Marcos Lorenzo de Santiago schrieb:
El mar, 15-09-2009 a las 11:50 +0100, Cathy Almond escribió:
Marcos Lorenzo de Santiago wrote:
El mar, 15-09-2009 a las 07:04 -0300, Leonardo Rodrigues escribió:
Marcos Lorenzo de Santiago escreveu:
When I modify a RR or add a new one on an existing zone, I
1 - 100 of 128 matches
Mail list logo
