date:20160627

Re: ISC considering a change to the BIND open source license

2016-06-27 Thread Robert Edmonds

Victoria Risk wrote:
> Hello BIND users-
> 
> ISC published BIND under a very permissive open source license 
>  
> (https://www.isc.org/downloads/software-support-policy/isc-license/ 
> ) nearly 
> two decades ago.  ISC is the organizational steward for BIND; in order to 
> preserve the software for the long term, we are considering a move to the 
> more restrictive Mozilla Public License (MPL 2.0) 
>  
> (https://www.mozilla.org/en-US/MPL/2.0/ 
> ).

Hi, Vicky:

It looks like this was announced today:

https://www.isc.org/blogs/bind9-adopts-the-mpl-2-0-license-with-bind-9-11-0/

> The MPL license requires that anyone redistributing the code who has changed 
> it must publish their changes (or pay for an exception to the license). It 
> doesn’t impact anyone who is using the software without redistributing it, 
> nor anyone redistributing it without changes – so most users will not see any 
> change.

Can you clarify what "or pay for an exception to the license" means?
I also see a similar statement in these slides:

https://ripe72.ripe.net/presentations/150-Relicensing-BIND.pdf

• Probably Mozilla (MPL 2.0), possibly adding hosting clause
  • Contribute changes or pay for exception license
  • Not commercial software, just charging for exception

I don't think the MPL-2.0 has a "pay for an exception" clause, so this
would seem to imply that you plan to dual license BIND, or license BIND
under a modified license based on the MPL-2.0. Is that correct?

There is also this statement in your blog post:

In addition, we will be updating our contributor guidelines so
technical contributors are aware of how their contributions will be
licensed.  We are considering other changes to the way people
contribute code changes.  We do not plan to add a contributor
agreement, based on the significant feedback we received against it.

Your contributor guidelines now read:

https://www.isc.org/git/guidelines/

ISC does not require an explicit copyright assignment for patch
contributions. However, by submitting a patch to ISC, you implicitly
certify that you are the author of the code, that you intend to
reliquish exclusive copyright, and that you grant permission to
publish your work under whichever is the standard license agreement
for the project you are submitting it for. (The license agreement
depends on the project and also the version, since we have changed
two projects from the ISC license to the Mozilla Public License 2.0)

It looks like that paragraph formerly read:

https://web.archive.org/web/20160329142948/https://www.isc.org/git/guidelines/

ISC does not require an explicit copyright assignment for patch
contributions. However, by submitting a patch to ISC, you implicitly
certify that you are the author of the code, that you intend to
reliquish exclusive copyright, and that you grant permission to
publish your work under the ISC license.

Can you clarify what "...that you intend to relinquish exclusive
copyright" means? This sounds vaguely like an implicit contributor
license agreement.

I'm also confused as to how you plan to not require a contributor
agreement, while still being able to sell exceptions to the restrictions
in the MPL-2.0. E.g., suppose an external contributor writes 1000 lines
of new code, and licenses it under MPL-2.0 by putting a copyright notice
and license grant at the top:

/*
 * Copyright © 2017 James Hacker
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
 */

How does ISC then both a) Merge this contribution into the BIND
mainline, and b) Sell a "pay for exception" version of BIND containing
this contribution?

-- 
Robert Edmonds
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Can anyone tell me a good DNS server testing program

2016-06-27 Thread King, Harold Clyde (Hal)

Thanks everyone for your suggestions. I’ll go forward with dnsperf.


-- 
Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Systems Services

The University of Tennessee
103C5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone : 974-1599
Helpdesk 24/7 : 974-9900

On 6/22/16, 08:58, "Warren Kumari"  wrote:

Kinda depends on what you are testing, but there is also Nominum's
dnsperf: http://nominum.com/measurement-tools/

This is easy to install, simple to use, and comes with a sample query file.
W

On Wed, Jun 22, 2016 at 8:48 AM, Emil Natan  wrote:
> queryperf, supplied with BIND, found under contrib.
> What we usually do is "record" some real traffic, then run queryperf on
> multiple machines against a server. If I'm not mistaken similar topic was
> discussed here recently so you can search the archives.
>
> Emil
>
> On Wed, Jun 22, 2016 at 3:34 PM, King, Harold Clyde (Hal) 
> wrote:
>>
>> I have a new DNS BIND setup that I need to stress test. There are many
>> test for hitting a web server to simulate traffic, but I can’t find a one
>> for doing the same thing to a DNS server. Does anyone have any
>> recommendations?
>>
>>
>> --
>> Hal King  - h...@utk.edu
>> Systems Administrator
>> Office of Information Technology
>> Shared Systems Services
>>
>> The University of Tennessee
>> 103C5 Kingston Pike Building
>> 2309 Kingston Pk. Knoxville, TN 37996
>> Phone : 974-1599
>> Helpdesk 24/7 : 974-9900
>>
>> ___
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users@lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: dnssec-keymgr: Plans and usage?

2016-06-27 Thread Tony Finch

bind-us...@arminpech.de  wrote:
>
> I would like to handle KSK updates of second level domains using that
> tool (option -k applies policy only on KSKs). And especially I'm looking
> for an interface to trigger updates of DS records.
>
> The call on dnssec-settime may could be wrapped using the -s option of
> dnssec-keymgr to send a DS update via the registrar to the parent on
> publications or removals of DNSKEYs from the zone.
>
> But are there any other concepts or thoughts like supporting hooks for
> different phases in key rollovers?

I would like dnssec-settime to be able to record when DS records should
change - not for use by BIND's signing tools, but for use by my own (or
3rd party) registration API clients.

Then dnssec-keymgr could set these times according to the rollover policy,
and invoke the DS update client when appropriate. It should also use
dnssec-checkds to verify the API call worked.

(I think I have said something like that before, so my apologies if I am
being a bore...)

My registration API clients only deal with updating DNS delegations, they
aren't aiming at full EPP functionality. The model is roughly like nsdiff:
you give it a set of DS, NS, and glue records which are what the
delegation should look like, and it makes the necessary changes. So it's
naturally idempotent.

Tony.
-- 
f.anthony.n.finch    http://dotat.at/  -  I xn--zr8h punycode
Humber, Thames: Westerly 4 or 5, becoming variable 3 or less. Slight,
occasionally moderate. Rain at first in east, othewrwise fair. Good,
occasionally moderate.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: RES: RHEL, Centos, Fedora rpm 9.10.4-P1

2016-06-27 Thread Alexandr Poddubnyy "Enforta"


Hello.

bind-9.10.4-P1 :

...
T:reclimit:1:A
A:System test reclimit
I: attempt excessive-depth lookup (1)
I: count (26) != 14
I:failed
I: attempt permissible lookup (2)
I: count (49) != 26
I:failed
I:reset max-recursion-depth
I: attempt excessive-depth lookup (3)
I: count (12) != 7
I:failed
I: attempt permissible lookup (4)
I: count (21) != 12
I:failed
I:reset max-recursion-depth
I: attempt excessive-queries lookup (5)
I: attempt permissible lookup (6)
I:reset max-recursion-queries
I: attempt excessive-queries lookup (7)
I: attempt permissible lookup (8)
I: attempting NS explosion (9)
I:exit status: 4
R:FAIL
E:reclimit:Срд Май  4 16:21:55 MSK 2016
...



Old  ( BIND 9.10.3-P4 ) :
...
S:reclimit:Срд Май  4 18:22:40 MSK 2016
T:reclimit:1:A
A:System test reclimit
I: attempt excessive-depth lookup (1)
I: attempt permissible lookup (2)
I:reset max-recursion-depth
I: attempt excessive-depth lookup (3)
I: attempt permissible lookup (4)
I:reset max-recursion-depth
I: attempt excessive-queries lookup (5)
I: attempt permissible lookup (6)
I:reset max-recursion-queries
I: attempt excessive-queries lookup (7)
I: attempt permissible lookup (8)
I: attempting NS explosion (9)
I:exit status: 0
R:PASS
E:reclimit:Срд Май  4 18:22:51 MSK 2016
...



How to diagnose?
Suspicion ipv6 configuration.




Best regards,
 Alexandr Poddubnyy



 Original Message 
Subject: Re: RES: RHEL, Centos, Fedora rpm 9.10.4-P1
From: Jeremy C. Reed 
To: Leonardo Oliveira Ortiz 
Cc: "bind-users@lists.isc.org" 
Date: Wed Jun 22 2016 22:44:16 GMT+0300 (MSK)

On Wed, 22 Jun 2016, Leonardo Oliveira Ortiz wrote:


Someone had success to build it? I got make test errors...

What was the error?

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users



___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Resend: ISC Dig for iOS

2016-06-27 Thread Ray Bellis

[apologies if you did get this last week, it seemed to go
 missing during our mailman rebuild]

For those that haven't heard via social media, I've built a port of
"dig" for iPhone and iPad.

The code is based on dig from BIND 9.10.4, and supports most of the
usual command line options, as well as having a UI settings page for
non-expert users for some common settings.



You can bookmark commonly used queries, and there's also a standard
"share" button for sending query results via email, etc.

This isn't an officially supported ISC product, it's more of a "skunk
works" project, so if you try it and have feedback please either post
here on bind-users or get back to me directly.

Ray Bellis
ISC Research Fellow
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: ISC considering a change to the BIND open source license

Re: Can anyone tell me a good DNS server testing program

Re: dnssec-keymgr: Plans and usage?

Re: RES: RHEL, Centos, Fedora rpm 9.10.4-P1

Resend: ISC Dig for iOS

5 matches

Site Navigation

Mail list logo

Footer information