Re: ISC considering a change to the BIND open source license

2016-06-15 Thread Mathew Ian Eis 
I support the license change as well, and I’d like to specifically applaud the 
use of a license that still allows for commercial use even while nicely asking 
for the re-contribution of any improvements.

(speaking for myself and not the University)

-Mathew Eis

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Append a Hard-coded Text Tuple into Additional Section of "dig" Feature

2016-06-15 Thread G.W. Haywood 

Hi there,

On Wed, 15 Jun 2016, Jun Xiang X Tee wrote:


...
I wish to append a hard-coded text tuple into end of the section. 
...


I think what you want to do sounds strange, but if I wanted to do
something like that I would not modify an existing perfectly good
utility.  I would create a new one:

8<-
#!/usr/bin/perl -w
# crazy_dig.pl: Sometimes adds crazy text to the output of dig.
use strict;
my $crazy_text = "--\nCrazy text\n--\n";
print qx |/usr/bin/dig $ARGV[0]|;
if( $ARGV[0] eq 'google.com' ) { print $crazy_text; }
# EOF: crazy_dig.pl
8<-

YMMV.

Don't do stuff like this without thinking about it Really Hard.
Probably not even then.

--

73,
Ged.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Append a Hard-coded Text Tuple into Additional Section of "dig" Feature

2016-06-15 Thread Jun Xiang X Tee 
Dear Kevin,


  Thank you for your reply! I wish to include some random information about a 
domain. I think your suggestion is great. I will look more on how to create an 
experimental record type. Do you mind to point me to an existing post about how 
to create it? Thanks!


Regards,

Jun Xiang Tee


From: bind-users-boun...@lists.isc.org  on 
behalf of Darcy Kevin (FCA) 
Sent: Wednesday, June 15, 2016 3:05:08 PM
To: bind-users@lists.isc.org
Subject: RE: Append a Hard-coded Text Tuple into Additional Section of "dig" 
Feature

That's not really consistent with the DNS standards, and will break if you have 
intermediate caching servers. Why? Because of this clause from RFC 2181:

Unauthenticated RRs received and cached from the least trustworthy of
those groupings, that is data from the additional data section, and
data from the authority section of a non-authoritative answer, should
not be cached in such a way that they would ever be returned as
answers to a received query.

It'll also, irrespective of caching, break DNSSEC.

What information are you trying to "piggyback" on responses to regular queries? 
If it's a point-to-point thing, then create your own experimental record type, 
or EDNS option (you already indicated you were willing to do modifications of 
the BIND code and/or client-resolver code) in order to provide a "channel" for 
this data between the client and its closest resolver. If it's an end-to-end 
thing, understand that the authoritative nameservers "own" one end of that 
transaction, and any attempts to manipulate the flow via an intermediate 
device, reduces the integrity and trustworthiness of the data, making it look 
like forgery, and possibly to the point where it gets rejected.



- Kevin


From: bind-users-boun...@lists.isc.org 
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Jun Xiang X Tee
Sent: Wednesday, June 15, 2016 2:43 PM
To: bind-users@lists.isc.org
Subject: Append a Hard-coded Text Tuple into Additional Section of "dig" Feature


Dear members,



  This is my first time posting a question to the mailing list. I am not sure 
whether I should post my technical question to this list or not. If it is not, 
I apologize for any inconvenience caused.



  When I query for "google.com", the additional section returned is:


  ;; ADDITIONAL SECTION:
  ns1.google.com. 200487  IN  A   216.239.32.10
  ns2.google.com. 197774  IN  A   216.239.34.10
  ns3.google.com. 246981  IN  A   216.239.36.10
  ns4.google.com. 193728  IN  A   216.239.38.10

  I wish to append a hard-coded text tuple into end of the section. An example 
after the change is:

  ;; ADDITIONAL SECTION:
  ns1.google.com. 200487  IN  A   216.239.32.10
  ns2.google.com. 197774  IN  A   216.239.34.10
  ns3.google.com. 246981  IN  A   216.239.36.10
  ns4.google.com. 193728  IN  A   216.239.38.10
  google.com  123456  IN TXT   "some information that I 
want to include"

  I have searched through the code base for several days, but do not find a 
good place to start with. Any suggestion? I am currently examining "resolver.c" 
and "lookup.c" files. Thanks!

Regards,
Jun Xiang Tee

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: ISC considering a change to the BIND open source license

2016-06-15 Thread Keith Christian 
"The MPL license requires that anyone redistributing the code who has
changed it must publish their changes ."

Sounds like the MPL has the "(please?) share your changes with the
other users of the software so that all may benefit" (directive?)

Good, the MPL has that in common with the GPL.  Others may not like
the GPL and that's OK.

Licenses for all philosophies and preferences.

Keith
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

RE: Append a Hard-coded Text Tuple into Additional Section of "dig" Feature

2016-06-15 Thread Darcy Kevin (FCA) 
That's not really consistent with the DNS standards, and will break if you have 
intermediate caching servers. Why? Because of this clause from RFC 2181:

Unauthenticated RRs received and cached from the least trustworthy of
those groupings, that is data from the additional data section, and
data from the authority section of a non-authoritative answer, should
not be cached in such a way that they would ever be returned as
answers to a received query.

It'll also, irrespective of caching, break DNSSEC.

What information are you trying to "piggyback" on responses to regular queries? 
If it's a point-to-point thing, then create your own experimental record type, 
or EDNS option (you already indicated you were willing to do modifications of 
the BIND code and/or client-resolver code) in order to provide a "channel" for 
this data between the client and its closest resolver. If it's an end-to-end 
thing, understand that the authoritative nameservers "own" one end of that 
transaction, and any attempts to manipulate the flow via an intermediate 
device, reduces the integrity and trustworthiness of the data, making it look 
like forgery, and possibly to the point where it gets rejected.



- Kevin


From: bind-users-boun...@lists.isc.org 
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Jun Xiang X Tee
Sent: Wednesday, June 15, 2016 2:43 PM
To: bind-users@lists.isc.org
Subject: Append a Hard-coded Text Tuple into Additional Section of "dig" Feature


Dear members,



  This is my first time posting a question to the mailing list. I am not sure 
whether I should post my technical question to this list or not. If it is not, 
I apologize for any inconvenience caused.



  When I query for "google.com", the additional section returned is:


  ;; ADDITIONAL SECTION:
  ns1.google.com. 200487  IN  A   216.239.32.10
  ns2.google.com. 197774  IN  A   216.239.34.10
  ns3.google.com. 246981  IN  A   216.239.36.10
  ns4.google.com. 193728  IN  A   216.239.38.10

  I wish to append a hard-coded text tuple into end of the section. An example 
after the change is:

  ;; ADDITIONAL SECTION:
  ns1.google.com. 200487  IN  A   216.239.32.10
  ns2.google.com. 197774  IN  A   216.239.34.10
  ns3.google.com. 246981  IN  A   216.239.36.10
  ns4.google.com. 193728  IN  A   216.239.38.10
  google.com  123456  IN TXT   "some information that I 
want to include"

  I have searched through the code base for several days, but do not find a 
good place to start with. Any suggestion? I am currently examining "resolver.c" 
and "lookup.c" files. Thanks!

Regards,
Jun Xiang Tee

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Append a Hard-coded Text Tuple into Additional Section of "dig" Feature

2016-06-15 Thread Jun Xiang X Tee 
Dear members,


  This is my first time posting a question to the mailing list. I am not sure 
whether I should post my technical question to this list or not. If it is not, 
I apologize for any inconvenience caused.


  When I query for "google.com", the additional section returned is:



  ;; ADDITIONAL SECTION:
  ns1.google.com. 200487  IN  A   216.239.32.10
  ns2.google.com. 197774  IN  A   216.239.34.10
  ns3.google.com. 246981  IN  A   216.239.36.10
  ns4.google.com. 193728  IN  A   216.239.38.10

  I wish to append a hard-coded text tuple into end of the section. An example 
after the change is:

  ;; ADDITIONAL SECTION:
  ns1.google.com. 200487  IN  A   216.239.32.10
  ns2.google.com. 197774  IN  A   216.239.34.10
  ns3.google.com. 246981  IN  A   216.239.36.10
  ns4.google.com. 193728  IN  A   216.239.38.10
  google.com  123456  IN TXT   "some information that I 
want to include"

  I have searched through the code base for several days, but do not find a 
good place to start with. Any suggestion? I am currently examining "resolver.c" 
and "lookup.c" files. Thanks!

Regards,
Jun Xiang Tee

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Fetches problem

2016-06-15 Thread baptiste.dupont 
Hi guys,

We enabled the fetch-per-zone parameter on our DNS, it doing a great job but 
when I check the named.stats I also see some spilled requests due to server 
quota while I didn't enable.
As I think, if the param is not declared into the named.conf, it should not be 
enable, am I right ?


-   Here is an example in the named.stats :

xxx@dns--a: 65915187 spilled due to zone quota
xxx@dns--a:   16 spilled due to server quota


-   In our named.conf, we only have declared :

fetches-per-zone 100;

Do you have any idea about that odd behavior ?

Best regards,


Baptiste Dupont
baptiste.dup...@orange.com
ORANGE/OF/DTSI/DERS/DS/SINT/PEA


_

Ce message et ses pieces jointes peuvent contenir des informations 
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce 
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages 
electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou 
falsifie. Merci.

This message and its attachments may contain confidential or privileged 
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete 
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been 
modified, changed or falsified.
Thank you.

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Enabling edns on Bind 9.9

2016-06-15 Thread Ray Bellis 
On 15/06/2016 12:31, Harshith Mulky wrote:
> How can I enable EDNS on the bind server?
> 
> 
> Will just enabling this
> 
> edns-udp-size size_in_bytes ;
> 
> set the EDNS on the bind server?
> 
> 
> Or is EDNS Client specfic feature?

EDNS is always enabled on a BIND 9.9 server, but it's only permitted
(per the RFCs) if the client sent an OPT RR in the request.

Ray


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Enabling edns on Bind 9.9

2016-06-15 Thread Harshith Mulky 
How can I enable EDNS on the bind server?


Will just enabling this

edns-udp-size size_in_bytes ;

set the EDNS on the bind server?


Or is EDNS Client specfic feature?


Thanks

Harshith
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: ISC considering a change to the BIND open source license

2016-06-15 Thread Ted Mittelstaedt 



On 6/14/2016 11:19 PM, Noel Butler wrote:

On 15/06/2016 10:29, Ted Mittelstaedt wrote:

On 6/14/2016 4:28 PM, Noel Butler wrote:

On 15/06/2016 05:38, Ted Mittelstaedt wrote:


It seems some on the list are short on philosophy? Well here is
the actual philosophy and I'll apologize in advance that it won't fit
in a SMS message for those people unable to have deep thoughts more
complex than a SMS message. Hopefully you are not one of them.



I guess we can read this as you are, or are related to, one of these
commercial entities that are not playing nice... There is absolutely no
other reason one would be so dead against it as you are.



Or, you could simply just copy and paste my name into Linkedin and see
who my current employer is. Wow there's even a click-able website
there! What will they think up next, Maw!!!

I know, too boring.

Ted


Why? Its not important to me who your employer is, I have far far far
far far better things to do than research every poster I reply to.

I have also notes the quality of your posts on other lists over time, so
I would be even less inclined to bother. I havent and arent going to
bother, its irrelevant who they are, most of us have several ties to
orgs outside our main income stream. I can assure you my linkedin page
which hasnt been updated in ages, even when current, didnt list half of
mine.

Again, if you are a user - there is no change
if you are a redistributor: there is no change - UNLESS you modify BIND
and keepo it to yourself - thats fair, Vicky's post explained it so well
a child could understand it, if someone is affected by the pending
change, then they are part of the problem that brought this about.



Rather than waste any more electrons I'll just refer you to the
appropriate documentation that covers the substance of your post:

https://en.wikipedia.org/wiki/Straw_man

Ted
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: ISC considering a change to the BIND open source license

2016-06-15 Thread Noel Butler 

On 15/06/2016 10:29, Ted Mittelstaedt wrote:

On 6/14/2016 4:28 PM, Noel Butler wrote:

On 15/06/2016 05:38, Ted Mittelstaedt wrote:


It seems some on the list are short on philosophy? Well here is
the actual philosophy and I'll apologize in advance that it won't fit
in a SMS message for those people unable to have deep thoughts more
complex than a SMS message. Hopefully you are not one of them.



I guess we can read this as you are, or are related to, one of these
commercial entities that are not playing nice... There is absolutely 
no

other reason one would be so dead against it as you are.



Or, you could simply just copy and paste my name into Linkedin and see
who my current employer is.  Wow there's even a click-able website
there!   What will they think up next, Maw!!!

I know, too boring.

Ted


Why?  Its not important to me who your employer is, I have far far far 
far far better things to do than research every poster I reply to.


I have also notes the quality of your posts on other lists over time, so 
I would be even less inclined to bother. I havent and arent going to 
bother, its irrelevant who they are, most of us have several ties to 
orgs outside our main income stream. I can assure you my linkedin page 
which hasnt been updated in ages, even when current, didnt list half of 
mine.


Again, if you are a  user - there is no change
if you are a redistributor: there is no change - UNLESS you modify BIND 
and keepo it to yourself - thats fair, Vicky's post explained it so well 
a child could understand it, if someone is affected by the pending 
change, then they are part of the problem that brought this about.


--
If you have the urge to reply to all rather than reply to list, you best
first read  http://members.ausics.net/qwerty/
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users