Re: sub-domain setup
On 11/28/2011 10:20, Dan McDaniel wrote: > > I'm setting up a new DNS server. We have two offices linked by a VPN. > I'm trying to decide whether to have everything under a single domain > (example.com) or to split them into sub-domains (office1.example.com, > office2.example.com). > > I wondered if there is a consensus on this. What are the pros and cons > of the two different setups? You haven't given nearly enough information. Roughly how many hosts would be in each of the 3 zone files? Do the 2 offices share a DHCP server? Are you doing dynamic updates? Might you ever want to have an administrative separation between the 2 offices, such that there may be personnel who have rights to edit one of the zone files, but not all 3? Is one of the zones likely to be static for long periods of time, but one or more of the others are fairly dynamic? Without knowing more about your environment it's hard to answer your question intelligently. :) hth, Doug -- "We could put the whole Internet into a book." "Too practical." Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: Bind 9.9.0b2 inline signing...
> > > I don't understand why Windows doesn't include dig by default, even now. > > > Free software hate? > > And grep and logrotate! At least the GnuWin32 project has a good version > > of grep. > I think that if I had to use a Windows workstation my first installs would be > the ISC binary kit and wireshark, since AFAIK Windows doesn't come with a > packet capture program either. . . Bill: Microsoft Network Monitor 3.4 is available. See http://support.microsoft.com/kb/933741. I do prefer Wireshark myself. Windows PowerShell offers similar functionality to grep in the Select-String cmdlet. See http://technet.microsoft.com/en-us/library/dd315403.aspx. This goes somewhat against the object-oriented grain of PowerShell, however. The Windows event viewer can be configured to archive event logs when they reach a certain size, but I don't think this matches the functionality of logrotate. Jeff. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Bind 9.9.0b2 inline signing...
On Mon, Nov 28, 2011 at 01:03:15PM -0500, wbr...@e1b.org wrote: > Todd wrote on 11/24/2011 11:29:14 AM: > > > I don't understand why Windows doesn't include dig by default, even > > now. Free software hate? > > And grep and logrotate! At least the GnuWin32 project has a good version > of grep. There are others who sympathize with you: https://twitter.com/dns_borat/status/139996381661237248 ;) I think that if I had to use a Windows workstation my first installs would be the ISC binary kit and wireshark, since AFAIK Windows doesn't come with a packet capture program either. . . Bill. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: BIND 9.8.1-P1: 'make test' fails
On 22/11/11 18:10, /dev/rob0 wrote: Is this a manifestation of the same issue as brought up last week? https://lists.isc.org/pipermail/bind-users/2011-November/085593.html I don't think so. I can compile without problem. I see a failure during 'make test' processing, and only for a specific RH release (RHEL ES 3.4) on real i686. The only other RH release which is conveniently available to me is 6.0 on real or VMware guest x86_64, so there is plenty of scope for ignored intermediate data points. If I have occasion to explore further, I'll report anything which seems interesting. /Niall ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: sub-domain setup
Dan McDaniel wrote: > > I'm setting up a new DNS server. We have two offices linked by a VPN. > I'm trying to decide whether to have everything under a single domain > (example.com) or to split them into sub-domains (office1.example.com, > office2.example.com). If your DNS is mostly static and your cross-site network is not strictly subdivided, it's probably easier to have a single master that slaved at the secondary site. If you have dynamic DNS (e.g. DHCP for office computers) each site should have a local DHCP+DNS setup with a master zone for that site. Whether each site slave's the other's zone probably depends on how strict are the firewalls between the sites. Tony. -- f.anthony.n.finchhttp://dotat.at/ Sole, Lundy, Fastnet, Irish Sea: Southerly, veering westerly later, 6 to gale 8, occasionally severe gale 9, perhaps storm 10 for a time later. Rough or very rough, becoming high in west Sole. Rain or squally showers. Good, occasionally poor. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: Bind 9.9.0b2 inline signing...
You can install Cygwin under Windoze and then get most Linux packages under that. Alternatively you can just install the Windows zip file for BIND and use the dig.exe it provides. -Original Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of wbr...@e1b.org Sent: Monday, November 28, 2011 1:03 PM To: Todd Snyder Cc: bind-users-bounces+wbrown=e1b@lists.isc.org; bind-users@lists.isc.org Subject: RE: Bind 9.9.0b2 inline signing... Todd wrote on 11/24/2011 11:29:14 AM: > I don't understand why Windows doesn't include dig by default, even > now. Free software hate? And grep and logrotate! At least the GnuWin32 project has a good version of grep. Confidentiality Notice: This electronic message and any attachments may contain confidential or privileged information, and is intended only for the individual or entity identified above as the addressee. If you are not the addressee (or the employee or agent responsible to deliver it to the addressee), or if this message has been addressed to you in error, you are hereby notified that you may not copy, forward, disclose or use any part of this message or any attachments. Please notify the sender immediately by return e-mail or telephone and delete this message from your system. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users Athena(r), Created for the Cause(tm) Making a Difference in the Fight Against Breast Cancer - CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you. -- ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
sub-domain setup
I'm setting up a new DNS server. We have two offices linked by a VPN. I'm trying to decide whether to have everything under a single domain (example.com) or to split them into sub-domains (office1.example.com, office2.example.com). I wondered if there is a consensus on this. What are the pros and cons of the two different setups? Dan ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: Bind 9.9.0b2 inline signing...
Todd wrote on 11/24/2011 11:29:14 AM: > I don't understand why Windows doesn't include dig by default, even > now. Free software hate? And grep and logrotate! At least the GnuWin32 project has a good version of grep. Confidentiality Notice: This electronic message and any attachments may contain confidential or privileged information, and is intended only for the individual or entity identified above as the addressee. If you are not the addressee (or the employee or agent responsible to deliver it to the addressee), or if this message has been addressed to you in error, you are hereby notified that you may not copy, forward, disclose or use any part of this message or any attachments. Please notify the sender immediately by return e-mail or telephone and delete this message from your system. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: split horizon and zone transfers to secondary DNS servers
Marek Kozlowski wrote: > > OK. Let's assume I have only one primary and only one secondary DNS. I > have two views on my primary. May I set up the secondary one for two > views as well I make it fully synchronized to the primary one? (AFAIK > for `allow-transfer' I specify IP addresses -- there is only one IP for > the sec.) Yes, but the trick is to use TSIG keys so the two servers can tell the difference between zone transfers for the different views. Tony. -- f.anthony.n.finchhttp://dotat.at/ Tyne, Dogger, Fisher, German Bight, Humber, Thames: Southerly, veering westerly later in Tyne, 6 to gale 8, perhaps severe gale 9 later. Moderate or rough, occasionally very rough later. Occasional rain. Moderate or good, occasionally poor. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users