Re: [bind-users] Graphing BIND 9.11/9.10 Queries

2017-01-18 Thread Jerry K 
I'm sure others will answer, but if you haven't already done so, I would suggest 
the list archives for answers already in place.


Here are a few I pulled out of my personal BIND list archives.

.
http://o-s.kpnqwest.pt

mrtg - multiple list references to /contrib/queryperf directory

http://www.snoogans.co.uk/files/rndcstats.pl <- link dead, but I bet this can be 
found somewhere.  Might be here 


dnsstats - found here -> http://www.shub-internet.org/brad/dns/index.html

Bind 8 & 9 stats from campin.net, waybackmachine reference
http://web.archive.org/web/20030216040611/http://www.campin.net/DNS/
http://web.archive.org/web/20030207033410/http://www.campin.net/DNS/graph.html

many standard Unix monitoring utilities, Cacti, Nagios, etc, have graphing 
utilities either built into the core for DNS, or via some contributed text.


Orca -

originally here - 


but now reference 
or 
or 
.

Hopefully something here helps.

If you find something you like better, please share.

Jerry




On 01/18/17 08:16 AM, Welisson Tomé wrote:



Hi All,

I'd like to know what kind of tools are you using to graphing queries on
Bind as Recursion Server?

BestRegards,



___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: [bind-users] Re: BIND9-ARM (HTML) feature request: better hyperlinking in/of chapter 6

2015-05-09 Thread Jerry K 
Was going thru some old messages, and came across this one about generating the 
ARM doc as HTML.


Just wondering if anything ever became of it?

Jerry Kemp


On 11/20/13 03:43 PM, Evan Hunt wrote:

On Wed, Nov 20, 2013 at 03:27:59PM -0600, /dev/rob0 wrote:

Looking at the HTML source for the Table of Contents, it seems like
someone had this idea before but didn't follow through. There are
numerous links to plain-language anchors amidst mostly the
"id25x" anchor names. (These probably had something to do with
the "DocBook XSL Stylesheets V1.71.1" generator.)


Note that the HTML isn't the source, it's generated from
doc/arm/Bv9ARM-book.xml and from the various ".docbook" files
throughout the source tree.


I might try to work on this myself, but I thought I should toss the
idea out for comments and suggestions first. Specifically, I suppose
that whatever work that is done should be compatible with the DocBook
source and other BIND9-ARM formats.


We'd certainly be glad to have help with it.


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: [bind-users] DNS weirdness

2015-03-03 Thread Jerry K 

Hello Doc,

Wanted to see if you were able to resolve your issue.

I have seen this issue occur in the past also.

Jerry


On 01/ 6/15 12:50 PM, The Doctor wrote:

Help needed.

This morning my primary DNS server locked.

No worries, the backup will kick in.

Wrong

!!

The Secondary DNS server cannot resolve properly unless
the 'real' primary is working.

All right, why is the secondary server behaving this way?

Satrt of secondary DNS server named.conf file

//Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
   algorithm hmac-md5;
   secret "7ZbGK94NdSa2WACxx72W1w==";
};

controls {
   inet 127.0.0.1 port 953
   allow { 127.0.0.1; } keys { "rndc-key"; };
};




// generated by named-bootconf.pl

options {
 directory "/etc/namedb";
 pid-file "/var/run/named.pid";
 dump-file "/etc/namedb/named.core";
 max-ncache-ttl 86400;
 recursive-clients 100;
 reserved-sockets 128;
 tcp-clients 40;
 tcp-listen-queue 14;
 zone-statistics yes;
 forwarders { 208.67.222.222; 208.67.220.220; };
 blackhole {
 65.94.172.87;
 67.68.204.41;
 74.15.184.13;
 65.94.173.208;
 };
 allow-transfer {
 204.209.81.1;
 204.209.81.8;
 204.209.81.14;
 };
 allow-notify {
 204.209.81.1;
 204.209.81.8;
 204.209.81.14;
 };
 also-notify {
 204.209.81.1 port 53;
 204.209.81.8 port 53;
 204.209.81.14 port 53;
 };
 /*
  * If there is a firewall between you and nameservers you want
  * to talk to, you might need to uncomment the query-source
  * directive below.  Previous versions of BIND always asked


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

[BIND-users] Thank you Warren!!! - WAS::Re: This list's prefix

2013-06-16 Thread Jerry K 

Hello Warren,

Thank you so much for this post.

Long time procmail user here.  I'm only sad I didn't think of this 
myself first.


Its been working great for me on this list, and a couple of others.

Jerry


On 06/ 5/13 12:46 PM, Warren Kumari wrote:


On Jun 5, 2013, at 11:43 AM, Narcis Garcia  wrote:


It's not the only mailing list where I'm subscribed.
Could please the administrator setup a prefix for messages' subject?


You have unwittingly walked into a religious argument.

If, like me, you really like list prefixes,  *and* you use procmial, you can 
add them yourself:

# Add an [6MAN] to messages to the "IPv6 Maintenance Working Group \(6man\)" 

:0 fw
* ^List-Id:[ ].*\
|/bin/sed -e 's/^Subject:[ ]*/Subject: [6MAN] /'

Nice to meet another member of the Church of Prefixes. We meet on Saturdays, 
and wear tricorn hats. Sure, folk laugh at the hats, but at least it draws 
attention away from our list prefix kink.

Warren



For example:
[bind-u]


Thanks.


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: [BIND-USERS] Re: Rate-Limit Question

2013-06-14 Thread Jerry K 

Thank you.

This is great news.

Jerry


On 06/14/13 11:08 AM, Evan Hunt wrote:

On Fri, Jun 14, 2013 at 03:36:19PM +0100, Phil Mayers wrote:

It's not built into bind (yet).


Correct.  For the record, it'll be in 9.10.0 by default and 9.9.4 as a
compile-time option (--enable-rrl).

(Our usual policy is not to add substantial new features in maintenance
releases like 9.9.4; making it a compile-time option that defaults to off
is our way of tiptoeing around the rule.)


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: host versus nslookup

2011-10-12 Thread Jerry K 
AIX also does something similar.

On 10/12/11 05:09 PM, Kevin Darcy wrote:

> As far as I know, only HP-UX has hacked nslookup to look at /etc/hosts.
> And I don't think it even looks at the "switch" file or other naming
> sources (e.g. Yellow Plague). HP-UX's nslookup "enhancement" is a
> one-off, I believe.
> 
> On most platforms, the only way that nslookup is "closer" to the OS
> name-resolution mechanism than dig is that nslookup will do
> suffix-searching, whereas dig will not. But even then, I think nslookup
> uses its own version of the resolver library to do that, so if one is
> trying to troubleshoot a problem with the OS'es suffix-searching
> behavior using nslookup, one might be comparing apples to grapefruit
> (or, since we're talking about nslookup here, perhaps I should say
> uglyfruit).
> 
>
>
> - Kevin
> 
> 
> 
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: USADOTGOV.NET Root Problems?

2010-07-25 Thread Jerry K 

Michael,

Do you have a standard template that you use for your Cisco firewall 
devices?


Or are you just disabling the fixup protocol's?

Jerry


On 07/24/10 15:16, Michael Sinatra wrote:



That's true, but it doesn't quite explain why the "DNS Inspection
Policy," turned on by default on the PIX/FWSM/ASA, continued to have a
default maximum DNS message size of 512 bytes more than a decade after
EDNS0 became a standards-track RFC.

In this case, Cisco's defaults are brain-dead. Whether that had an
impact here or the issue was due to mere fragmentation isn't clear, but
those default values have had an impact on DNSSEC deployment.

michael


___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users