RHEL, Centos, Fedora rpm 9.10.0-P2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 http://www.five-ten-sg.com/mapper/bind contains links to the source rpms, and build instructions. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) iEYEARECAAYFAlOZGZgACgkQL6j7milTFsFaaQCfTqZPzM8UYKWNUW8PLJM0juW3 uRwAnjjtoWHTKbND35vS4VWP5IXGBzAS =Qcg7 -END PGP SIGNATURE- ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: Simple max-journal-size question
.. and somehow didn't answer your question, sorry. first thing in the morning. Just a 'rndc reconfig' should be sufficient to get the configuration change to act. Stuart > -Original Message- > From: Stuart Browne > Sent: Thursday, 12 June 2014 9:17 AM > To: Bind Users Mailing List > Subject: RE: Simple max-journal-size question > > This one is a bit of a fun one to understand. > > Whilst setting this seems to suggest "This will be the biggest size the > journal will ever get to", it isn't. > > This suggests to bind to flush the journal when it reaches this size. If > the journal is busy however, the flush will be delayed until such a time > that the journal isn't busy. > > We use 'max-journal-size 100M;' quite successfully but have seen the > journal size get to a few hundred MB. It has stopped multi-GB journal > sizes though. > > Stuart > > > -Original Message- > > From: bind-users-boun...@lists.isc.org [mailto:bind-users- > > boun...@lists.isc.org] On Behalf Of Bischof, Ralph F. (MSFC-IS40)[NICS] > > Sent: Thursday, 12 June 2014 6:00 AM > > To: Bind Users Mailing List > > Subject: Simple max-journal-size question > > > > I just can't seem to find the answer to such a simple question > (BIND9.9). > > > > I have a very active dynamic zone that now has an incredibly large > journal > > file. I would like to use the max-journal-size parameter in the zone > > declaration to keep this from happening again. I understand that I can > > freeze the zone, delete the journal, and then thaw the zone. My question > > deals with when the parameter in the named.conf will take effect. Will > an > > 'rndc reconfig' be sufficient, or must I stop/start named for the > > parameter to be read for the zone? > > > > Thanks in advance, > > RB > > ___ > > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > > unsubscribe from this list > > > > bind-users mailing list > > bind-users@lists.isc.org > > https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: Simple max-journal-size question
This one is a bit of a fun one to understand. Whilst setting this seems to suggest "This will be the biggest size the journal will ever get to", it isn't. This suggests to bind to flush the journal when it reaches this size. If the journal is busy however, the flush will be delayed until such a time that the journal isn't busy. We use 'max-journal-size 100M;' quite successfully but have seen the journal size get to a few hundred MB. It has stopped multi-GB journal sizes though. Stuart > -Original Message- > From: bind-users-boun...@lists.isc.org [mailto:bind-users- > boun...@lists.isc.org] On Behalf Of Bischof, Ralph F. (MSFC-IS40)[NICS] > Sent: Thursday, 12 June 2014 6:00 AM > To: Bind Users Mailing List > Subject: Simple max-journal-size question > > I just can't seem to find the answer to such a simple question (BIND9.9). > > I have a very active dynamic zone that now has an incredibly large journal > file. I would like to use the max-journal-size parameter in the zone > declaration to keep this from happening again. I understand that I can > freeze the zone, delete the journal, and then thaw the zone. My question > deals with when the parameter in the named.conf will take effect. Will an > 'rndc reconfig' be sufficient, or must I stop/start named for the > parameter to be read for the zone? > > Thanks in advance, > RB > ___ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: A Note About Today's New BIND Releases
On 12/06/2014 08:04, mcna...@isc.org wrote: In summary: BIND 9.10.0-P2: - fixes security issue CVE-2014-3859 - fixes issue from ISC Operational Notification of 4 June 2014 - includes other minor fixes Michael, Does this also address the crazy amount of logging (as previously discussed here)? or is that set to only change way down the track as IIRC, Jeremy earlier eluded to? ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: A Note About Today's New BIND Releases
On 6/11/14 2:04 PM, Michael McNally wrote: > In summary: > > BIND 9.10.0-P2: > - fixes security issue CVE-2014-3859 > - fixes issue from ISC Operational Notification of 4 June 2014 > - includes other minor fixes > > BIND 9.9.5-P1: > - security issue CVE-2014-3859 is not applicable > - fixes issue from ISC Operational Notification of 4 June 2014 Apologies -- I lost a line when editing. BIND 9.9.5-P1 *also* includes minor fixes; you can get the details from the full release notes: https://kb.isc.org/article/AA-01170 Look for the notes marked with "**" to find changes since the previous base version. > BIND 9.8.7-P1: > - security issue CVE-2014-3859 is not applicable > - fixes issue from ISC Operational Notification of 4 June 2014 > - includes other minor fixes ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
A Note About Today's New BIND Releases
Today ISC publicly releases three new versions of BIND: BIND 9.10.0-P2 BIND 9.9.5-P1 BIND 9.8.7-P1 Version 9.10.0-P2 is a security release of BIND and addresses a critical vulnerability, CVE-2014-3859, that can be used as a denial of service vector against all authoritative and recursive nameservers running BIND 9.10.0 or BIND 9.10.0-P1. If you are running a version from the BIND 9.10 branch, you should upgrade to 9.10.0-P2 as soon as possible. The other two release versions, BIND 9.9.5-P1 and BIND 9.8.7-P1 are being released simultaneously but are being labeled as "operational releases"; the critical security vulnerability disclosed in CVE-2014-3859 does not apply to the BIND 9.8 or 9.9 branches but they do correct an issue caused by changes to the Gnu Compiler Collection (GCC) which was previously disclosed in this ISC Operational Notification https://kb.isc.org/article/AA-01167 These new versions of BIND remove the need for those who are building BIND with GCC 4.9.0 or greater to use the manual workaround described in that notification. All three versions contain minor other fixes as well; please consult the release notes for full details and look for the notes marked with ** (which denote changes since the last release.) BIND 9.10.0-P2 notes: https://kb.isc.org/article/AA-01171 BIND 9.9.5-P1 notes: https://kb.isc.org/article/AA-01170 BIND 9.8.7-P1 notes: https://kb.isc.org/article/AA-01169 In summary: BIND 9.10.0-P2: - fixes security issue CVE-2014-3859 - fixes issue from ISC Operational Notification of 4 June 2014 - includes other minor fixes BIND 9.9.5-P1: - security issue CVE-2014-3859 is not applicable - fixes issue from ISC Operational Notification of 4 June 2014 BIND 9.8.7-P1: - security issue CVE-2014-3859 is not applicable - fixes issue from ISC Operational Notification of 4 June 2014 - includes other minor fixes As always, these versions of BIND can be downloaded from the ISC downloads page: http://www.isc.org/downloads or directly from the ISC ftp server ftp://ftp.isc.org/isc/bind9 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Simple max-journal-size question
I just can't seem to find the answer to such a simple question (BIND9.9). I have a very active dynamic zone that now has an incredibly large journal file. I would like to use the max-journal-size parameter in the zone declaration to keep this from happening again. I understand that I can freeze the zone, delete the journal, and then thaw the zone. My question deals with when the parameter in the named.conf will take effect. Will an 'rndc reconfig' be sufficient, or must I stop/start named for the parameter to be read for the zone? Thanks in advance, RB ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Slightly Off-Topic: Dealing with DNSSEC Bogus Data
Thanks Tony for the feedback. -- Jorge ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Slightly Off-Topic: Dealing with DNSSEC Bogus Data
On 06/08/2014 01:59 PM, Evan Hunt wrote: > The answer is still no. We do have "negative trust anchors" on the > roadmap for 9.11, but that's not scheduled for release until 2015. Thank you Evan. I'm glad to know this is coming. Regards, Jorge ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users