Re: authority
On Tue, Oct 25, 2016 at 7:14 AM, Reindl Haraldwrote: > > > > this is a public mailing list - so what! > > when someone don't yet get the connection between nameservers, webserver > and ip-addresses he is not ready to connect public servers and that's > completly independent of the fact you ra elike a statement or not - so get > out of my sigt and keep your persnaol attacks for yourself, epsecially when > you are *that* slow with your poisioning responses > > Thats right, when someone calls you out for what you really are, you try turn it around. truth hurts Reindl you obviously did not know or understand the question, this does not mean nobody else does, so you should shut your trolling trap and ignore the post, and let someone who does know what they mean answer it. Its why youve been kicked off just about every other technical/ASP lists on this planet. and as slow for responses? I have a life, I enjoy weekends, I do not sit on internet 20 hours a day like you try to because no one in their sane mind could put up with you. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: authority
On Tue, Oct 25, 2016 at 7:11 AM, Reindl Haraldwrote: > > i don't understand your question >> >> >> Since you have NOTHING to do with ISC or even remotely with bind, if you >> dont understand , LEAVE IT TO SOMEONE WHO DOES >> > > and YOU have something to do with ISC? > i doubt! > > since i maintain hundrets of domains and wrote admin-backends for BIDN i > pretend to have more than remotely to do with bind for many many years > > PRETEND is the key operative word here, you have ZERO to do with ISC Bind, you are not a member of the consortium, yes, that I know! I'll leave it for a list moderator to cane your arse for trying to imply you are associated with bind project. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: authority
Am 24.10.2016 um 22:45 schrieb Nick Edwards: On Tue, Oct 25, 2016 at 12:42 AM, Reindl Harald> wrote: don't get me wrong but that question shows that you are not ready to run a public dns server - there is no "local" or when you make statements like that to be sure you include the fact you have NOTHING to do with ISC or bind this is a public mailing list - so what! when someone don't yet get the connection between nameservers, webserver and ip-addresses he is not ready to connect public servers and that's completly independent of the fact you ra elike a statement or not - so get out of my sigt and keep your persnaol attacks for yourself, epsecially when you are *that* slow with your poisioning responses ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: authority
Am 24.10.2016 um 22:42 schrieb Nick Edwards: On Tue, Oct 25, 2016 at 12:11 AM, Reindl Harald> wrote: identical like the first one Which IP should be use? i don't understand your question Since you have NOTHING to do with ISC or even remotely with bind, if you dont understand , LEAVE IT TO SOMEONE WHO DOES and YOU have something to do with ISC? i doubt! since i maintain hundrets of domains and wrote admin-backends for BIDN i pretend to have more than remotely to do with bind for many many years but you just cant help yourself can you, damn troll since nobody asked you keep your personal attacks for yourself ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: authority
On Tue, Oct 25, 2016 at 12:42 AM, Reindl Haraldwrote: > > > >> > don't get me wrong but that question shows that you are not ready to run a > public dns server - there is no "local" or > when you make statements like that to be sure you include the fact you have NOTHING to do with ISC or bind. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: authority
On Tue, Oct 25, 2016 at 12:11 AM, Reindl Haraldwrote: > identical like the first one > > Which IP should be use? >> > > i don't understand your question > > Since you have NOTHING to do with ISC or even remotely with bind, if you dont understand , LEAVE IT TO SOMEONE WHO DOES but you just cant help yourself can you, damn troll ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: merging reverse zone data obtained from two different masters
Ideally, whatever frontend you use to maintain the "forward" records for these zones, should be smart enough to, in parallel, populate the corresponding entries in the common reverse zone. But, failing that, it shouldn't be that hard to write a script that periodically pulls zone transfers of the forward zones and merges that data to create/update the common reverse zone. If the ranges used by these Zone1/Zone2 hosts overlap, you'll have to decide how to handle collisions, of course. - Kevin -Original Message- From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of blrmaani Sent: Sunday, October 23, 2016 5:56 PM To: comp-protocols-dns-b...@isc.org Subject: merging reverse zone data obtained from two different masters We have hosts in two different zones but use same subnet. Zone1 is generated by Master1 and Zone2 is generated by Master2. Slave1 runs BIND and would like to merge the reverses generated on Master1 and Master2. How do I do this? thanks Blr ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: bind-users Digest, Vol 2527, Issue 1
Hi Tony the master res a your Zone and de reverse generate the consult for ip. 2016-10-24 9:00 GMT-03:00: > Send bind-users mailing list submissions to > bind-users@lists.isc.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.isc.org/mailman/listinfo/bind-users > or, via email, send a message with subject or body 'help' to > bind-users-requ...@lists.isc.org > > You can reach the person managing the list at > bind-users-ow...@lists.isc.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of bind-users digest..." > > > Today's Topics: > >1. merging reverse zone data obtained from two different masters > (blrmaani) >2. Re: merging reverse zone data obtained from two different > masters (blrmaani) >3. Running current version of bind in a jail? (Tom) >4. Re: Running current version of bind in a jail? (Reindl Harald) >5. Re: Running current version of bind in a jail? (Tony Finch) >6. Re: merging reverse zone data obtained from two different > masters (Tony Finch) > > > -- > > Message: 1 > Date: Sun, 23 Oct 2016 14:56:26 -0700 (PDT) > From: blrmaani > To: comp-protocols-dns-b...@isc.org > Subject: merging reverse zone data obtained from two different masters > Message-ID: > Content-Type: text/plain; charset=UTF-8 > > We have hosts in two different zones but use same subnet. Zone1 is generated > by Master1 and Zone2 is generated by Master2. > > Slave1 runs BIND and would like to merge the reverses generated on Master1 > and Master2. How do I do this? > > thanks > Blr > > > -- > > Message: 2 > Date: Sun, 23 Oct 2016 15:39:45 -0700 (PDT) > From: blrmaani > To: comp-protocols-dns-b...@isc.org > Subject: Re: merging reverse zone data obtained from two different > masters > Message-ID: <0866d16a-d52e-4097-a968-87daf3a2f...@googlegroups.com> > Content-Type: text/plain; charset=UTF-8 > > On Sunday, October 23, 2016 at 2:56:37 PM UTC-7, blrmaani wrote: >> We have hosts in two different zones but use same subnet. Zone1 is generated >> by Master1 and Zone2 is generated by Master2. >> >> Slave1 runs BIND and would like to merge the reverses generated on Master1 >> and Master2. How do I do this? >> >> thanks >> Blr > > I know couple of hacky way to achieve this. Just curious if anyone tried it ? > > > -- > > Message: 3 > Date: Mon, 24 Oct 2016 07:27:54 +0200 > From: Tom > To: "bind-users@lists.isc.org" > Subject: Running current version of bind in a jail? > Message-ID: <7bd34414-4737-c7cb-d640-d26f15ea3...@gmail.com> > Content-Type: text/plain; charset=utf-8; format=flowed > > Hi list > > From > https://kb.isc.org/article/AA-00768/0/Getting-started-with-BIND-how-to-build-and-run-named-with-a-basic-recursive-configuration.html: > > "Running named in a chroot jail (many still do, but this shouldn't be > necessary with modern versions of BIND)".: > > What's the reason, that it isn't necessary to run modern version of bind > in a jail? > > Kind regards, > Tom > > > -- > > Message: 4 > Date: Mon, 24 Oct 2016 08:59:23 +0200 > From: Reindl Harald > To: bind-users@lists.isc.org > Subject: Re: Running current version of bind in a jail? > Message-ID: <14080881-a967-4e2d-ed11-00f1104b8...@thelounge.net> > Content-Type: text/plain; charset=windows-1252; format=flowed > > > > Am 24.10.2016 um 07:27 schrieb Tom: >> From >> https://kb.isc.org/article/AA-00768/0/Getting-started-with-BIND-how-to-build-and-run-named-with-a-basic-recursive-configuration.html: >> >> >> "Running named in a chroot jail (many still do, but this shouldn't be >> necessary with modern versions of BIND)".: >> >> What's the reason, that it isn't necessary to run modern version of bind >> in a jail? > > that named got a complete rewrite and don't share any code with the > times where the quality was so bad that it was highly recommended to > chroot it? > > > -- > > Message: 5 > Date: Mon, 24 Oct 2016 11:04:43 +0100 > From: Tony Finch > To: Tom > Cc: "bind-users@lists.isc.org" > Subject: Re: Running current version of bind in a jail? > Message-ID: > Content-Type: TEXT/PLAIN; charset=US-ASCII > > Tom wrote: >> >> What's the reason, that it isn't necessary to run modern version of bind in a >> jail? > > chroot is a defence against privilege escalation following a remote code > execution vulnerability. It isn't a very solid defence. And BIND 9 tends > to die of a self-check failure
Re: Compiling on AIX-7.1
W dniu 24.10.2016 o 19:24, Davis, Donald W pisze: > Has anyone compiled bind-9.11 on AIX version 7.1? I have gcc > installed. The first make failed with “nslookup.c:39:31: fatal error: > readline/readline.h: No such file or directory” > > I installed the readline library and now is failing with the following > errors: > > ld: 0711-317 ERROR: Undefined symbol: .__cxa_finalize > > ld: 0711-317 ERROR: Undefined symbol: .__udivdi3 > > ld: 0711-317 ERROR: Undefined symbol: .__umoddi3 > > collect2: error: ld returned 8 exit status Could you paste the ./configure options you are using? Try adding LDFLAGS="-lm" to ./configure -- wpk ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Compiling on AIX-7.1
Has anyone compiled bind-9.11 on AIX version 7.1? I have gcc installed. The first make failed with "nslookup.c:39:31: fatal error: readline/readline.h: No such file or directory" I installed the readline library and now is failing with the following errors: ld: 0711-317 ERROR: Undefined symbol: .__cxa_finalize ld: 0711-317 ERROR: Undefined symbol: .__udivdi3 ld: 0711-317 ERROR: Undefined symbol: .__umoddi3 collect2: error: ld returned 8 exit status make: 1254-004 The error code from the last command is 1. Stop. Any help would be appreciated! Don ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: authority
named virtual hosts anybody - you can run thousands of domains on a single IP understood Harld :) cheers Pol ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: authority
Am 24.10.2016 um 16:35 schrieb Pol Hallen: so what are your real questions? P.S.: you need more than one DNS server for a public domain which must not run on the same network I have to register some domains: example.com, example.ue, example.net, exampe.org, etc. on my server I've also apache web and I'd like have internet site based on that domains but each domain must have a unique IP (or not?) my ISP supplies only one IP. named virtual hosts anybody - you can run thousands of domains on a single IP the question is: can I handles several internet site using local bind? don't get me wrong but that question shows that you are not ready to run a public dns server - there is no "local" or "non local bind" in that context - bind as any other nameserver serves as much forward and ptr-zones as you configure ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: authority
so what are your real questions? P.S.: you need more than one DNS server for a public domain which must not run on the same network I have to register some domains: example.com, example.ue, example.net, exampe.org, etc. on my server I've also apache web and I'd like have internet site based on that domains but each domain must have a unique IP (or not?) my ISP supplies only one IP. the question is: can I handles several internet site using local bind? thanks Pol ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: authority
Am 24.10.2016 um 14:40 schrieb Pol Hallen: Hello all, after weeks studying bind I'm here with a question: I'd like have my own bind authority server for some domains. I just configured my first zone (ie: www.example.org) with static IP of my DSL. Everything works :-) If I register another FQDN (ie: www.example.com) how can I set my second zone? identical like the first one Which IP should be use? i don't understand your question * the registry points the glue records of the zone to your DNS * your DNS answers for all zones which are configured * what IP it answers is defined in your zones * what IP your DNS has is defined by "static IP of my DSL" so what are your real questions? P.S.: you need more than one DNS server for a public domain which must not run on the same network ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
authority
Hello all, after weeks studying bind I'm here with a question: I'd like have my own bind authority server for some domains. I just configured my first zone (ie: www.example.org) with static IP of my DSL. Everything works :-) If I register another FQDN (ie: www.example.com) how can I set my second zone? Which IP should be use? thanks for help Pol ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: merging reverse zone data obtained from two different masters
blrmaaniwrote: > On Sunday, October 23, 2016 at 2:56:37 PM UTC-7, blrmaani wrote: > > > > We have hosts in two different zones but use same subnet. Zone1 is > > generated by Master1 and Zone2 is generated by Master2. > > > > Slave1 runs BIND and would like to merge the reverses generated on > > Master1 and Master2. How do I do this? > > I know couple of hacky way to achieve this. Just curious if anyone tried > it ? Probably the best way is to use RFC 2317 classless delegation. It requires that zone1 and zone2 have different names from the normal reverse DNS zone. https://tools.ietf.org/html/rfc2317 https://tools.ietf.org/html/draft-fanf-dnsop-rfc2317bis Tony. -- f.anthony.n.finch http://dotat.at/ - I xn--zr8h punycode North Fitzroy: Northeasterly 5 to 7 in far northwest, otherwise variable 3 or 4. Rough or very rough. Showers. Good, occasionally moderate. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Running current version of bind in a jail?
Tomwrote: > > What's the reason, that it isn't necessary to run modern version of bind in a > jail? chroot is a defence against privilege escalation following a remote code execution vulnerability. It isn't a very solid defence. And BIND 9 tends to die of a self-check failure before remote code execution occurs, judging by the last few years of vulnerability notices. Also, on Linux, named drops most capabilities. Stricter partitions (VMs or containers) which you can easily nuke and rebuild from scratch mean there's much less need for chroot. I still chroot my servers :-) Tony. -- f.anthony.n.finch http://dotat.at/ - I xn--zr8h punycode Sole, Lundy, Fastnet: Easterly or northeasterly 5 to 7, becoming variable 3 or 4 later. Rough or very rough, becoming slight or moderate later. Rain or showers. Moderate or good, occasionally poor. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users