Re: sortlist usage
2012/6/19 Drunkard Zhang :
> I‘m working for a China ISP, with a very complex network arch. One of
> these complex things is the CDN of ICP returned a bunch of IP
> addresses, which distributed in geographically varies, and some IP
> addresses located way far from us. So I want do some "sortlist" which
> sorts the IP addresses by geographical distance, not considering
> latency and CDN peer's load now.
>
> From ARM 9.9, I get this example:
>
> sortlist {
> // IF the local host
> // THEN first fit on the following nets
> { localhost;
> { localnets;
> 192.168.1/24;
> { 192.168.2/24; 192.168.3/24; }; }; };
> // IF on class C 192.168.1 THEN use .1, or .2 or .3
> { 192.168.1/24;
> { 192.168.1/24;
> { 192.168.2/24; 192.168.3/24; }; }; };
> // IF on class C 192.168.2 THEN use .2, or .1 or .3
> { 192.168.2/24;
> { 192.168.2/24;
> { 192.168.1/24; 192.168.3/24; }; }; };
> // IF on class C 192.168.3 THEN use .3, or .1 or .2
> { 192.168.3/24;
> { 192.168.3/24;
> { 192.168.1/24; 192.168.2/24; }; }; };
> // IF .4 or .5 THEN prefer that net
> { { 192.168.4/24; 192.168.5/24; };
> };
> };
>
> Here's my understanding after some testing:
> 1st level of brace matches client's IP addresses;
> 2nd level of brace matches IP in rrset data;
> 3rd, what's this level used for? Is it just ordering behind 2nd? When
> I added 3rd level of address_match_list, the ordering of rrset just
> failed.
>
> By testing, I found that the 1st level of entry can only be one IP
> range or acl name, sort will fail while 1st level is more than one
> address_match_list. Is this intended or I missed something?
>
> BTW, is 4th or 5th or 6... level of address_match_list supported?
>
> Another thing related: can I use sortlist for determining which
> upstream DNS server to query?
>
> Here's one testing domain name I used:
> 11:11:21 ~ $ dig +short @220.115.251.73 s.kaixin001.com.cn
> s.kaixin001.com.cn.lxdns.com.
> s.kaixin001.z.lxdns.com.
> kx.xdwscache.glb0.lxdns.com.
> 124.14.10.17
> 124.14.10.25
> 124.14.10.18
> 121.251.53.95
> 58.22.135.38
>
> The first 3 IPs located locally, 121.251.53.95 located in Anhui, and
> 58.22.135.38 located in Fuzhou, Fujian. The first 3 IPs returned
> cyclicly, 4th and 5th IP are fixed.
I think there's some trick not mentioned in ARM, like:
* The 1st level of brace can only be ONE element, address_match_list.
bind won't deal with more than one address_match_list;
* You can define more than 2 level of braces, but only configurations
within 2 level actived, others are ignored;
* Misswrite of sortlist config can not be detected, it just failed;
So you can write anything you like with following format:
sortlist {
{ acl-client;
{ acl-client; acl-local-city; acl-local-province; acl-local-contry;
...other-acls;
}; };
configurations out of this frame won't work. Am I right?
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Interpreting bind logging queries
Hi, I have a bind-9.8.3 fc16 system and would like to know more about how logging works. How can I determine whether the results were from the local cache or it was actually necessary to query a remote server to return a response? Given a query log entry such as: 20-Jun-2012 13:23:50.023 queries: client 127.0.0.1#47286: query: factoryfitpartscorp.info IN A + (127.0.0.1) How can I determine if this request was made to the server for this domain or if it had previously been queried and is retrieving it from a cache? Can you point me to where I can find information about interpreting query logs? Thanks, Alex ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Compiling and testing on Fedora
Hi all, I've had a major problem with using Fedora Core (10 through 15), when compiling and running "make test": A:System test acl I:Couldn't start server ns2 (pid=17344) R:FAIL S:allow_query:Wed Jun 20 23:21:47 GMT 2012 T:allow_query:1:A A:System test allow_query I:Couldn't start server ns2 (pid=17368) R:FAIL S:addzone:Wed Jun 20 23:22:01 GMT 2012 T:addzone:1:A A:System test addzone I:Couldn't start server ns2 (pid=17393) R:FAIL S:autosign:Wed Jun 20 23:22:15 GMT 2012 T:autosign:1:A A:System test autosign I:generating keys and preparing zones I:Couldn't start server ns1 (pid=17734) R:FAIL S:builtin:Wed Jun 20 23:22:35 GMT 2012 T:builtin:1:A A:System test builtin I:Couldn't start server ns1 (pid=17755) R:FAIL S:cacheclean:Wed Jun 20 23:22:49 GMT 2012 T:cacheclean:1:A A:System test cacheclean I:Couldn't start server ns1 (pid=17776) R:FAIL I'm running the "bin/tests/system/ifconfig.sh up" script, and see the "lo:1" through "lo:7" interfaces come up. I don't have this problem on any of my Solaris systems, just the Fedora servers. I do have several lo: interfaces already defined, and they cannot be removed Has anyone seen such an issue, and if so, how did you fix it? Dan Luther Operations Engineer Systems Operation Engineering Level 3 Communications One Technology Center, Tulsa OK 74103 p: 918-547-4370 e: dan.lut...@level3.com ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Compiling and testing on Fedora
I don't immediately recognize the issue. But hopefully the detailed named debugging output is saved. Look for the "*.run" (maybe named.run) files. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Interpreting bind logging queries
In message , Alex writes: > Hi, > > I have a bind-9.8.3 fc16 system and would like to know more about how > logging works. How can I determine whether the results were from the > local cache or it was actually necessary to query a remote server to > return a response? > > Given a query log entry such as: > > 20-Jun-2012 13:23:50.023 queries: client 127.0.0.1#47286: query: > factoryfitpartscorp.info IN A + (127.0.0.1) > > How can I determine if this request was made to the server for this > domain or if it had previously been queried and is retrieving it from > a cache? You can't. The log entry doesn't record that. > Can you point me to where I can find information about interpreting query log > s? The Adminstrators Reference Manual (ARM) full describes these log messages. > Thanks, > Alex > ___ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: Compiling and testing on Fedora
Did you turn OFF SELinux? prompt>setenforce 0 Then run the test, > From: dan.lut...@level3.com > To: bind-us...@isc.org > Subject: Compiling and testing on Fedora > Date: Wed, 20 Jun 2012 23:33:08 + > > Hi all, > > I've had a major problem with using Fedora Core (10 through 15), when > compiling and running "make test": > > A:System test acl > I:Couldn't start server ns2 (pid=17344) > R:FAIL > S:allow_query:Wed Jun 20 23:21:47 GMT 2012 > T:allow_query:1:A > A:System test allow_query > I:Couldn't start server ns2 (pid=17368) > R:FAIL > S:addzone:Wed Jun 20 23:22:01 GMT 2012 > T:addzone:1:A > A:System test addzone > I:Couldn't start server ns2 (pid=17393) > R:FAIL > S:autosign:Wed Jun 20 23:22:15 GMT 2012 > T:autosign:1:A > A:System test autosign > I:generating keys and preparing zones > I:Couldn't start server ns1 (pid=17734) > R:FAIL > S:builtin:Wed Jun 20 23:22:35 GMT 2012 > T:builtin:1:A > A:System test builtin > I:Couldn't start server ns1 (pid=17755) > R:FAIL > S:cacheclean:Wed Jun 20 23:22:49 GMT 2012 > T:cacheclean:1:A > A:System test cacheclean > I:Couldn't start server ns1 (pid=17776) > R:FAIL > > I'm running the "bin/tests/system/ifconfig.sh up" script, and see the "lo:1" > through "lo:7" interfaces come up. I don't have this problem on any of my > Solaris systems, just the Fedora servers. I do have several lo: interfaces > already defined, and they cannot be removed > > Has anyone seen such an issue, and if so, how did you fix it? > > Dan Luther > Operations Engineer > Systems Operation Engineering > Level 3 Communications > One Technology Center, Tulsa OK 74103 > p: 918-547-4370 > e: dan.lut...@level3.com > > > ___ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
