Re: 9.18 horrendous

2024-08-23 Thread Jim Pazarena 
I agree. Banning them because you disagree with what they say ? You have 
shares in facebook ? TikTok ? Federal Govt ?



On 2024-08-23 7:19 AM, Marcus Kool wrote:
The user was angry and ranted about named 9.18.x.  He did not rant 
about any developer or any member of your team.  Removing a user from 
this list is IMHO not the best way to treat an issue.


Marcus


On 23/08/2024 13:31, Ondřej Surý wrote:

I can understand your anger
But I don’t. Let me be absolutely clear. There’s nothing in the world 
that would allow you to treat me, my team and the other list members 
like this. And there’s nothing in the world that would justify such 
behavior.


The user in question has been removed from the list and banned. I 
would rather spent my energy on the users who treat other with 
respect than work around someone’s “anger”.


Ondřej
--
Ondřej Surý — ISC (He/Him)

My working hours and your working hours may be different. Please do 
not feel obligated to reply outside your normal working hours.
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

logging via named.conf

2014-05-28 Thread Jim Pazarena 

Is there an easy way in the named.conf logging to
have ALL logging go to local2 ?

I've created:

logging {
   channel syslog-local2 {
syslog local2;
print-category yes;
print-severity yes;
};

category default { syslog-local2; };
category general { syslog-local2; };
category database { syslog-local2; };
category security { syslog-local2; };
--More--(44%)



A lot of messages get to local2, but some things (like general.warning)
don't get to local2, but still get to syslog messages.

Is there an easy catch-all for ALL named logging ?

Thanks.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: classless ptr setup

2014-01-20 Thread Jim Pazarena 
Thank you for this. I am familiar with the setup; I suppose that my 
question was unclear.


Can the SAME named.conf handle BOTH the /24 cname assignments AND
the /25 in-addr.arpa records.

Which sounds like a dumb question, but I thought named may not like it.
But I'll set it up and see if named complains (if at all).

Thanks again.


On 2014-01-20 11:00 AM, jo...@primebuchholz.com wrote:

In your zone file for the class c (x.y.z), you'd create a delegation like
this in the zone file:

; For 0-127
0/25 NS   some.server.
0/25 NS   some.other.server.
1   CNAME   1.0/25.z.y.x.in-addr.arpa.
2   CNAME   2.0/25.z.y.x.in-addr.arpa.
...
; For 128 on...
128/25   NS  some.server.
128/25   NS   some.other.server.
129   CNAME   129.128/25.z.x.y.in-addr.arpa.
130   CNAME   130.128/25.z.x.y.in-addr.arpa.
...

...then the servers you delegated to have this:

named.conf:

zone "0/25.z.y.x.in-addr.arpa" {
...
...
}

...and in the zone file:

1   PTR   some.host.
...

as normal.

HTH,

-John




From:   Jim Pazarena 
To: bind-users@lists.isc.org
Date:   01/20/2014 01:43 PM
Subject:classless ptr setup
Sent by:bind-users-bounces+johnh=primebuchholz@lists.isc.org



I have a full /24, which I would like to separate into two /25's, and
assign each half to two of my customers. The snag is that *I* maintain
the DNS for each of these customers.

Is it possible to create the classless setup within my system so that it
starts with the /24 but can assign the two classless /25's ?

If so, I am stumped on the setup. Any help would be appreciated.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


--
 Please consider the environment before printing this e-mail.

 This e-mail is intended only for the named person or entity to which it
 is addressed and contains valuable business information that is
 privileged, confidential and/or otherwise protected from disclosure.
 Dissemination, distribution or copying of this e-mail or the 
information
 herein by anyone other than the intended recipient, or an employee, or
 agent responsible for delivering the message to the intended recipient,
 is strictly prohibited.  All contents are the copyright property of the
 sender.  If you are not the intended recipient, you are nevertheless
 bound to respect the sender's worldwide legal rights.  We require that
 unintended recipients delete the e-mail and destroy all electronic
 copies in their system, retaining no copies in any media.  If you have
 received this e-mail in error, please immediately notify us by calling
 our Help Desk at (603) 433-1143, or e-mail to i...@primebuchholz.com.
 We appreciate your cooperation.




___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

classless ptr setup

2014-01-20 Thread Jim Pazarena 

I have a full /24, which I would like to separate into two /25's, and
assign each half to two of my customers. The snag is that *I* maintain
the DNS for each of these customers.

Is it possible to create the classless setup within my system so that it
starts with the /24 but can assign the two classless /25's ?

If so, I am stumped on the setup. Any help would be appreciated.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

DNS format error

2013-11-11 Thread Jim Pazarena 

I see in my logs "DNS format error from 205.178.190.53#53 resolving
excelwetsuits.com/MX for client 207.34.147.83#54521: invalid response"
The client is *my* mail server IP.

I am wondering is this error on MY side or their's ? It doesn't sound
like it.

If it's on their end.. how far should someone go to attempt to contact
them to correct the issue?

If it's on my end, I can't imagine what the issue may be.

Thanks.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

authoritative rDNS

2013-10-09 Thread Jim Pazarena 
I set up a subnet on my server, complete with rdns, and ARIN has been 
adjusted for my two dns servers (ns.qcislands.net & ns2.qcislands.net)


the subnet: 23.235.75.0/24

if you do a lookup of, for instance: 23.235.75.10
and bounce that nslookup off of other dns servers, SOME say:
Authoritative answers can be found from: 

others, well, at least google 8.8.8.8 do not show anything as
authoritative, altho the IP DOES resolve.

I am curious if 8.8.8.8 isn't trying, or instead, am I missing
something which 8.8.8.8 considers incomplete and therefore 
un-authoritative ?


I just want to make sure my setup is accurate. Thanks.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

ARIN IP assignments

2013-10-07 Thread Jim Pazarena 

I have a client who has been assigned a /20 from ARIN.

They asked me to help them with their DNS.

The DNS for me is the easy part. except...

ARIN has told them that you use the DNS to set up the routing so that
the traffic for this /20 gets routed to the correct up-stream provider.

Is this correct? If so, where in DNS do you set up routing.
if it's not correct, what am I missing? I always thought DNS had 100%
nothing to do with routing on the 'net. Boy am I confused.

TIA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: reverse resolution failing

2013-04-10 Thread Jim Pazarena 

Jim Pazarena wrote, On 2013-02-07 9:31 AM:

my named is 9.9.0

while it can resolve "webmail.acrodex.com" ( 139.142.184.10 )

it cannot reverse resolve 139.142.184.10

(example follows).
However, if I do a simply nslookup using goodle DNS.
nslookup 139.142.184.10 8.8.8.8
IT WORKS!


So I have another domain which will not reverse resolve for me:

mail.tysers.com which also appears to be:
mail.tyser.co.uk

80.169.188.226

the IP, will not reverse resolve (for me) yet, once again,
google (8.8.8.8) CAN RESOLVE IT.

On my original post, Tony Finch advised "the nameservers for
the target are very broken".

But why is it that google can STILL resolve it?
Do they have some special setting which pushes thru poorly
configured DNS?
Is there anything I can do to MY named to get this working?
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

odd compile error in a lib

2013-02-14 Thread Jim Pazarena 

I installed FreeBSD 9.1 on 3 virtually identical HP rack servers.
two of the servers compile bind 9.9.2-P1 as expected.
One however dies because of a bunch of undefined references in
a library file.
a proper ./configure was issued, along with a make; on ALL 3!

I am stumped, and would appreciate suggestions.

Thanks,
Jim

export MAKE_SYMTABLE="yes";  export BASEOBJS="builtin.o client.o 
config.o control.o  controlconf.o interfacemgr.o  listenlist.o log.o 
logconf.o main.o notify.o  query.o server.o sortlist.o statschannel.o 
tkeyconf.o tsigconf.o update.o xfrout.o  zoneconf.o  lwaddr.o lwresd.o 
lwdclient.o lwderror.o lwdgabn.o  lwdgnba.o lwdgrbn.o lwdnoop.o 
lwsearch.ounix/os.o unix/dlz_dlopen_driver.o";  if [ 
X"/usr/bin/perl5" = X -o X"${MAKE_SYMTABLE:-}" = X ] ; thengcc 
-pthread -g -O2 -I/usr/local/include/libxml2 -I/usr/local/include   -o 
named ${BASEOBJS} ${LIBS0} ../../lib/lwres/liblwres.a 
../../lib/dns/libdns.a  -lgssapi_krb5 -lcrypto 
../../lib/bind9/libbind9.a  ../../lib/isccfg/libisccfg.a 
../../lib/isccc/libisccc.a ../../lib/isc/libisc.a -L/usr/local/lib 
-lxml2 -lz -L/usr/local/lib -liconv -lm -lreadline;  else  rm -f 
namedtmp0;gcc -pthread -g -O2 -I/usr/local/include/libxml2 
-I/usr/local/include   -o namedtmp0 ${BASEOBJS} ${LIBS0} 
../../lib/lwres/liblwres.a ../../lib/dns/libdns.a  -lgssapi_krb5 
-lcrypto ../../lib/bind9/libbind9.a  ../../lib/isccfg/libisccfg.a 
../../lib/isccc/libisccc.a ../../lib/isc/libisc.a -L/usr/local/lib 
-lxml2 -lz -L/usr/local/lib -liconv -lm -lreadline || exit 1;  rm -f 
named-symtbl.c named-symtbl.o;  /usr/bin/perl5 ../../util/mksymtbl.pl 
-o named-symtbl.c namedtmp0 || exit 1;  make named-symtbl.o || exit 1; 
rm -f namedtmp1;gcc -pthread -g -O2 -I/usr/local/include/libxml2 
-I/usr/local/include   -o namedtmp1 ${BASEOBJS} named-symtbl.o ${LIBS0} 
../../lib/lwres/liblwres.a ../../lib/dns/libdns.a  -lgssapi_krb5 
-lcrypto ../../lib/bind9/libbind9.a  ../../lib/isccfg/libisccfg.a 
../../lib/isccc/libisccc.a ../../lib/isc/libisc-nosymtbl.a 
-L/usr/local/lib -lxml2 -lz -L/usr/local/lib -liconv -lm -lreadline || 
exit 1;  rm -f named-symtbl.c named-symtbl.o;  /usr/bin/perl5 
../../util/mksymtbl.pl  -o named-symtbl.c namedtmp1 || exit 1;  make 
named-symtbl.o || exit 1;gcc -pthread -g -O2 
-I/usr/local/include/libxml2 -I/usr/local/include   -o namedtmp2 
${BASEOBJS} named-symtbl.o ${LIBS0} ../../lib/lwres/liblwres.a 
../../lib/dns/libdns.a  -lgssapi_krb5 -lcrypto 
../../lib/bind9/libbind9.a  ../../lib/isccfg/libisccfg.a 
../../lib/isccc/libisccc.a ../../lib/isc/libisc-nosymtbl.a 
-L/usr/local/lib -lxml2 -lz -L/usr/local/lib -liconv -lm -lreadline; 
/usr/bin/perl5 ../../util/mksymtbl.pl  -o named-symtbl2.c namedtmp2; 
count=0;  until diff named-symtbl.c named-symtbl2.c > /dev/null ;  do 
count=`expr $count + 1` ;  test $count = 42 && exit 1 ;  rm -f 
named-symtbl.c named-symtbl.o;  /usr/bin/perl5 ../../util/mksymtbl.pl 
-o named-symtbl.c namedtmp2 || exit 1;  make named-symtbl.o || exit 1; 
  gcc -pthread -g -O2 -I/usr/local/include/libxml2 -I/usr/local/include 
  -o namedtmp2 ${BASEOBJS} named-symtbl.o  ${LIBS0} 
../../lib/lwres/liblwres.a ../../lib/dns/libdns.a  -lgssapi_krb5 
-lcrypto ../../lib/bind9/libbind9.a  ../../lib/isccfg/libisccfg.a 
../../lib/isccc/libisccc.a ../../lib/isc/libisc-nosymtbl.a 
-L/usr/local/lib -lxml2 -lz -L/usr/local/lib -liconv -lm -lreadline; 
/usr/bin/perl5 ../../util/mksymtbl.pl  -o named-symtbl2.c namedtmp2; 
done ;  mv namedtmp2 named;  rm -f namedtmp0 namedtmp1 namedtmp2 
named-symtbl2.c;  fi
/usr/local/lib/libgssapi_krb5.so: undefined reference to 
`krb5_ser_ccache_init'

/usr/local/lib/libgssapi_krb5.so: undefined reference to `krb5_rd_rep_dce'
/usr/local/lib/libgssapi_krb5.so: undefined reference to 
`krb5int_init_context_kdc'

 ...

/usr/local/lib/libgssapi_krb5.so: undefined reference to 
`krb5_cc_set_config'
/usr/local/lib/libgssapi_krb5.so: undefined reference to 
`krb5_auth_con_setuseruserkey'
/usr/local/lib/libgssapi_krb5.so: undefined reference to 
`krb5_get_credentials_for_user'
/usr/local/lib/libgssapi_krb5.so: undefined reference to 
`krb5_internalize_opaque'
/usr/local/lib/libgssapi_krb5.so: undefined reference to 
`krb5_ser_pack_bytes'
/usr/local/lib/libgssapi_krb5.so: undefined reference to 
`krb5_init_creds_set_password'
/usr/local/lib/libgssapi_krb5.so: undefined reference to 
`krb5_free_tgt_creds'
/usr/local/lib/libgssapi_krb5.so: undefined reference to 
`decode_krb5_ap_req'
/usr/local/lib/libgssapi_krb5.so: undefined reference to 
`encode_krb5_ticket'
/usr/local/lib/libgssapi_krb5.so: undefined reference to 
`krb5_auth_con_getkey_k'
/usr/local/lib/libgssapi_krb5.so: undefined reference to 
`krb5_kt_client_default'
/usr/local/lib/libgssapi_krb5.so: undefined reference to 
`krb5_authdata_get_attribute_types'

*** [named] Error code 1

Stop in /u/qcinet/pgmr/FreeBSD/packages/bind/bind-9.9.2-P1/bin/named.
*** [subdirs] Error code 1

Stop in /u/qcinet/pgmr/FreeBSD/packages/bind/bind-9.9.2-P1/

reverse resolution failing

2013-02-07 Thread Jim Pazarena 

my named is 9.9.0

while it can resolve "webmail.acrodex.com" ( 139.142.184.10 )

it cannot reverse resolve 139.142.184.10

(example follows).
However, if I do a simply nslookup using goodle DNS.
nslookup 139.142.184.10 8.8.8.8
IT WORKS!

Can anyone suggest where I may be going wrong with this?
my "dig" response follows.
Many thanks!

Jim

mail# dig -x 139.142.184.10

; <<>> DiG 9.9.0 <<>> -x 139.142.184.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 49017
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;10.184.142.139.in-addr.arpa.   IN  PTR

;; Query time: 125 msec
;; SERVER: 207.34.147.93#53(207.34.147.93)
;; WHEN: Thu Feb  7 09:30:12 2013
;; MSG SIZE  rcvd: 56

mail#
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: slave nags that master is not authoritative

2011-11-23 Thread Jim Pazarena 

Jan-Piet Mens wrote, On 2011-11-23 12:21 AM:

I have 1 domain name, and 1 reverse in-addr.arpa
 citires.ca  and0-127.254.194.207.in-addr.arpa

which my two slaves log that the master is "not authoritative" for



I found the issue!

I had TWO named.conf files for my slaves, one not being used
any longer, and THAT'S the one I updated with these new entries.

Sorry for the waste of bandwidth and your efforts, all!
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: slave nags that master is not authoritative

2011-11-23 Thread Jim Pazarena 

Jan-Piet Mens wrote, On 2011-11-23 12:21 AM:

I have 1 domain name
 citires.ca

which my two slaves log that the master is "not authoritative" for


Seen from here (.DE) the NS for citires.ca both refuse to answer
queries, so they are indeed not authoritative:

 $ dig @ns.qcislands.net. citires.ca ns

 ;<<>>  DiG 9.6-ESV-R4-P3<<>>  @ns.qcislands.net. citires.ca ns


they aren't answering, because they refused to load the zone from the 
master saying it wasn't authoritative. So they have nothing to offer you.


I have them in the world view; along with about 60 other domains names. 
I am stumped!


Thanks for the reply.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

slave nags that master is not authoritative

2011-11-23 Thread Jim Pazarena 

I have 1 domain name, and 1 reverse in-addr.arpa
citires.ca  and0-127.254.194.207.in-addr.arpa

which my two slaves log that the master is "not authoritative" for

I have plenty of rdns subnets, and 3 fractional subnets in that group
so my copy & paste of this new /25 looks 100%. yet my slave doesn't
like it.

as to the newly registered citires.ca my slaves once again complain that
my master isn't authoritative.

I've entered new domains AND new rdns dozens of times. I simply cannot
figure out if it os ME, or the registrar (domain name) or telco (rdns).

Suggestions greatly appreciated.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: reverse delegation from Telco

2011-11-03 Thread Jim Pazarena 

Chris Buxton wrote, On 2011-11-03 10:57 PM:

Everything is working as it should. Your servers (I'm guessing they're your 
servers) are responding authoritatively for the rewritten PTR record name. 
You're seeing a non-authoritative response because you're asking for the 
canonical PTR record name, for which your server is not authoritative (Telus' 
servers are). But the final part of the answer, from your zone 
'80-95.147.34.207.in-addr.arpa', is authoritative.

I'm making the assumption that ns.qcislands.net and ns2.qcislands.net are yours.

Regards,
Chris Buxton
BlueCat Networks


yup, they're all mine.

but that non-auth kinda bugs me, because for my 'full' /24 subnets,
that never happens. And it's delegated from the same Telco (Telus)

look at ns2.qcislands.net which cleanly resolves back and forth
to 209.53.238.4




On Nov 3, 2011, at 10:42 PM, Jim Pazarena wrote:


I've got a fractional subnet 207.34.147.80/28 (.240)
To which my reverse always responds, but claims to be non-authoritative.
Then it points AT MY DNS to be authoritative.
I am unsure, but think it has something to do with way I have described
my in-addr.arpa file.
Would someone please offer suggestion as to the non-auth response
for: 207.34.147.85 which is www.qcislands.net ?
Thanks!
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users




___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

reverse delegation from Telco

2011-11-03 Thread Jim Pazarena 

I've got a fractional subnet 207.34.147.80/28 (.240)
To which my reverse always responds, but claims to be non-authoritative.
Then it points AT MY DNS to be authoritative.
I am unsure, but think it has something to do with way I have described
my in-addr.arpa file.
Would someone please offer suggestion as to the non-auth response
for: 207.34.147.85 which is www.qcislands.net ?
Thanks!
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

ipv6 implementation in an ipv4 camp

2010-09-10 Thread Jim Pazarena 

I am curious if anyone can point out articles or deeper instructions
regarding an implementation and launch of ipv6 in a fully ipv4 camp?

If the upstream ISP still provides the end user an ipv4 number
as a gateway, and the end user still has a /24 or /23 assigned by
the ISP, need they be concerned with ipv6?

would the ipv4 /23 subnet be 'translatable' to a corresponding
ipv6 number?

Any source documents would be greatly appreciated.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users