Hyperlocal RFC8806 Root Mirror

2023-09-27 Thread Silva Carlos 
+

Hey guys.
I have two recursive servers, bind 9.18 on Debian 12.

On server A I configured HyperLocal. On Server B I did NOT configure
HyperLocal.

I ran the command "dig @localhost EXAMPLES" on both servers.
EXAMPLES: blabla.sdf.dd or teste.com.eroterrter or world.nanana

Problem: Both Servers report that "Query TIme = 0 ms". I understand that
Server A should result in 0ms and Server B should have a non-zero time as
Server B does not have a copy of the Root Zone DB.

Question: Where am I going wrong? Am I missing some basic principle?


I'm following this tutorial:
https://semanacap.bcp.nic.br/files/apresentacao/arquivo/864/Implementacao%20de%20servidores%20recursivos%20guia%20de%20praticas%20semcap%20ceptro%20br.pdf

Best Regards +


Não
contém vírus.www.avast.com

<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Hyperlocal RFC8806 Root Mirror

2023-09-27 Thread Michael Richardson 

Silva Carlos  wrote:
> On server A I configured HyperLocal. On Server B I did NOT configure
> HyperLocal.

> I ran the command "dig @localhost EXAMPLES" on both servers.
> EXAMPLES: blabla.sdf.dd or teste.com.eroterrter or world.nanana

> Problem: Both Servers report that "Query TIme = 0 ms". I understand that
> Server A should result in 0ms and Server B should have a non-zero time as
> Server B does not have a copy of the Root Zone DB.

> Question: Where am I going wrong? Am I missing some basic principle?

1. Server B could have cached the result already.
   Make sure you start it cold.
2. The query is probably taking between 0ms and 1ms, but rounds down to 0ms.

To be sure, you could tcpdump the network on server B.



signature.asc
Description: PGP signature
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

KSAP - How to manually rollover keys documentation?

2023-09-27 Thread Eddie Rowe 
I am using the nifty feature of the KASP in 9.16.23, but I cannot seem to 
locate documentation on how to manually rollover keys in case this is needed in 
the future. The documentation is excellent as far as discussing the steps 
involved for the manual or semi-automatic but I am not seeing the steps and 
tools you would use to rollover manually when using the KASP feature.  Am I 
overlooking another document or KB article on this topic?


-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

RE: [EXTERNAL] bind-users Digest, Vol 4327, Issue 1

2023-09-27 Thread Lenny Rollison 

<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

-- next part --

An HTML attachment was scrubbed...

URL: 
<https://urldefense.com/v3/__https://lists.isc.org/pipermail/bind-users/attachments/20230927/e250fc52/attachment-0001.htm__;!!EQ82F1lD2o0!a9msf12u5aa_Cu5f9CthZ0ZyqFBX25xWXnaU6dvdABqajXCyBM38LJ_62y1tNeOcAaEAiZoaGDzTZE_9NQljX5em3bOy$<https://urldefense.com/v3/__https:/lists.isc.org/pipermail/bind-users/attachments/20230927/e250fc52/attachment-0001.htm__;!!EQ82F1lD2o0!a9msf12u5aa_Cu5f9CthZ0ZyqFBX25xWXnaU6dvdABqajXCyBM38LJ_62y1tNeOcAaEAiZoaGDzTZE_9NQljX5em3bOy$>>



--



Message: 2

Date: Wed, 27 Sep 2023 14:15:43 -0400

From: Michael Richardson mailto:m...@sandelman.ca>>

To: Silva Carlos mailto:scarlos.4...@gmail.com>>, 
bind-users@lists.isc.org<mailto:bind-users@lists.isc.org>

Subject: Re: Hyperlocal RFC8806 Root Mirror

Message-ID: <6839.1695838543@localhost<mailto:6839.1695838543@localhost>>

Content-Type: text/plain; charset="us-ascii"





Silva Carlos mailto:scarlos.4...@gmail.com>> wrote:

> On server A I configured HyperLocal. On Server B I did NOT configure

> HyperLocal.



> I ran the command "dig @localhost EXAMPLES" on both servers.

> EXAMPLES: blabla.sdf.dd or teste.com.eroterrter or world.nanana



> Problem: Both Servers report that "Query TIme = 0 ms". I understand that

> Server A should result in 0ms and Server B should have a non-zero time as

> Server B does not have a copy of the Root Zone DB.



> Question: Where am I going wrong? Am I missing some basic principle?



1. Server B could have cached the result already.

   Make sure you start it cold.

2. The query is probably taking between 0ms and 1ms, but rounds down to 0ms.



To be sure, you could tcpdump the network on server B.



-- next part --

A non-text attachment was scrubbed...

Name: signature.asc

Type: application/pgp-signature

Size: 511 bytes

Desc: not available

URL: 
<https://urldefense.com/v3/__https://lists.isc.org/pipermail/bind-users/attachments/20230927/6dedd376/attachment-0001.sig__;!!EQ82F1lD2o0!a9msf12u5aa_Cu5f9CthZ0ZyqFBX25xWXnaU6dvdABqajXCyBM38LJ_62y1tNeOcAaEAiZoaGDzTZE_9NQljX7t0iQ0K$<https://urldefense.com/v3/__https:/lists.isc.org/pipermail/bind-users/attachments/20230927/6dedd376/attachment-0001.sig__;!!EQ82F1lD2o0!a9msf12u5aa_Cu5f9CthZ0ZyqFBX25xWXnaU6dvdABqajXCyBM38LJ_62y1tNeOcAaEAiZoaGDzTZE_9NQljX7t0iQ0K$>>



--



Message: 3

Date: Wed, 27 Sep 2023 21:02:16 +

From: Eddie Rowe mailto:eddie.r...@werdev.com>>

To: "bind-users@lists.isc.org<mailto:bind-users@lists.isc.org>" 
mailto:bind-users@lists.isc.org>>

Subject: KSAP - How to manually rollover keys documentation?

Message-ID:

 
mailto:mw5pr22mb3132fcb88583e2a81f12e18aea...@mw5pr22mb3132.namprd22.prod.outlook.com>>



Content-Type: text/plain; charset="iso-8859-1"



I am using the nifty feature of the KASP in 9.16.23, but I cannot seem to 
locate documentation on how to manually rollover keys in case this is needed in 
the future. The documentation is excellent as far as discussing the steps 
involved for the manual or semi-automatic but I am not seeing the steps and 
tools you would use to rollover manually when using the KASP feature.  Am I 
overlooking another document or KB article on this topic?





-- next part --

An HTML attachment was scrubbed...

URL: 
<https://urldefense.com/v3/__https://lists.isc.org/pipermail/bind-users/attachments/20230927/e1047578/attachment.htm__;!!EQ82F1lD2o0!a9msf12u5aa_Cu5f9CthZ0ZyqFBX25xWXnaU6dvdABqajXCyBM38LJ_62y1tNeOcAaEAiZoaGDzTZE_9NQljXy0JBiH4$<https://urldefense.com/v3/__https:/lists.isc.org/pipermail/bind-users/attachments/20230927/e1047578/attachment.htm__;!!EQ82F1lD2o0!a9msf12u5aa_Cu5f9CthZ0ZyqFBX25xWXnaU6dvdABqajXCyBM38LJ_62y1tNeOcAaEAiZoaGDzTZE_9NQljXy0JBiH4$>>



--



Subject: Digest Footer



___

ISC funds the development of this software with paid support subscriptions. 
Contact us at 
https://urldefense.com/v3/__https://www.isc.org/contact/__;!!EQ82F1lD2o0!a9msf12u5aa_Cu5f9CthZ0ZyqFBX25xWXnaU6dvdABqajXCyBM38LJ_62y1tNeOcAaEAiZoaGDzTZE_9NQljXyPZ9N7x$<https://urldefense.com/v3/__https:/www.isc.org/contact/__;!!EQ82F1lD2o0!a9msf12u5aa_Cu5f9CthZ0ZyqFBX25xWXnaU6dvdABqajXCyBM38LJ_62y1tNeOcAaEAiZoaGDzTZE_9NQljXyPZ9N7x$>
 for more information.



bind-users mailing list

bind-users@lists.isc.org<mailto:bind-users@lists.isc.org>

https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/bind-users__;!!EQ82F1lD2o0!a9msf12u5aa_Cu5f9CthZ0ZyqFBX25xWXnaU6dvdABqajXCyBM38LJ_62y1tNeOcAaEAiZoaGDzTZE_9NQljXy3zF8_A$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinf