2009 19:36:54 -0700 Kevin Darcy
> > };
> That's the general idea, yes, but "someip" can't be used literally
> unless it's defined as an ACL somewhere else in the config, of course,
> and "recursion no" in "options" means that *neither* of these views can
> be used for your own clients
dev_n...@zoho.com wrote:
Hello,
I want to config a named for two networks, using the view.
for example, neta is for internal users, netb is for any other users.
I got the named.conf below, do you have any suggestion on it? thanks.
options {
directory "/usr/local/bind";
recursion no
Hello,
I want to config a named for two networks, using the view.
for example, neta is for internal users, netb is for any other users.
I got the named.conf below, do you have any suggestion on it? thanks.
options {
directory "/usr/local/bind";
recursion no;
zone-statistics yes
Hi Terry,
Each view has to be independently notified if an update takes place.
/Jonathan
On Thu, Mar 26, 2009 at 4:46 PM, wrote:
> This question is related to the prior "Internal and External view on same
> slave server? - RESOLVED" thread, but seems to be a different situation in
> which the
On Thu, March 26, 2009 19:19, Kevin Darcy wrote:
>> 2) What is the maximum number of includes inside a SFP field?
>>
> I assume you mean SPF (Sender Policy Framework), the anti-SPAM(ming)
> mechanism (?)
>
> I'm no SPF expert but in glancing at the documentation it looks like
> there is no arbitrar
Darvin Denmian asked:
> 2) What is the maximum number of includes inside a SFP field?
It is RECOMMENDED that SPF library implementations limit the number of DNS
operations performed during a lookup to ten, to cut down on the chances of a
denial-of-service exercise using SPF and to short-circuit
There's a certain threshold, let's say several thousand zones, or
several 10s of thousands of resource records, where any organization
probably wants to make a complete separation between DNS hosting and DNS
resolution. At the same time, you'd probably want to put a load-balancer
of some sort i
This question is related to the prior "Internal and External view on same
slave server? - RESOLVED" thread, but seems to be a different situation in
which the previous answer doesn't apply.
I have 3 nameservers, which we'll call ns1, ns2, and ns3. These servers
are primarily slave servers for
Darvin Denmian wrote:
Hello,
I have some questions:
1) Anybody know the maximum number of characters allowed in a TXT field?
A simple question, but a complicated answer.
You may have multiple "strings" in a single TXT record. Each "string"
may be up to 255 characters in length, with a "le
Rich Goodson wrote:
> If you're really looking to cover all bases, there's a little gotcha in
> Solaris (even in 10) that will make this startup script fail if it's
> invoked with sh (as most startup scripts that I've seen are).
Yeah, I was trying to avoid "shell portability" concerns to try to
av
Aha!
Thanks, checking the config showed that I had messed up my syntax at the
recursion statement. I corrected that and was able to start bind, and
now I can run nslookup on my XP clients to resolve other domains!
Thanks to all for your help!!
Kenny
-Original Message-
From: Jeremy C. Re
On Thu, 26 Mar 2009, ARMSTRONG, KENNETH wrote:
> Thanks, I gave that a go and now when I run a query I get "No response
> from server" when running nslookup. I tried restarting bind and now I
> get the "rndc: connect failed: 127.0.0.1#953: connection refused" error.
> I then tried running rnd
Hello,
I have some questions:
1) Anybody know the maximum number of characters allowed in a TXT field?
2) What is the maximum number of includes inside a SFP field?
Sorry for the bad english :(
Thanks !
___
bind-users mailing list
bind-users@lists.i
Thanks, I gave that a go and now when I run a query I get "No response from
server" when running nslookup. I tried restarting bind and now I get the
"rndc: connect failed: 127.0.0.1#953: connection refused" error. I then tried
running rndc-confgen, and added the following to rndc.conf:
key "r
You need to enable recursion in options.
/Jonathan
2009/3/26 ARMSTRONG, KENNETH :
> OK, I've been trying my hardest to figure this out.
>
> I have BIND9 installed and set up as a slave to one of our Domain
> Controllers (so we can at least still get DNS if it were to go down). It
> works fine for
On Mar 26 2009, Matus UHLAR - fantomas wrote:
On 26.03.09 21:34, dev_n...@zoho.com wrote:
In recent version of Bind-9.6, is it needed for reverse parsing config of
localhost? for example,
zone "0.0.127.IN-ADDR.ARPA" {
type master;
file "local.rev";
};
I think it's not, but it
In message <20090326141903.1917917...@britaine.cis.anl.gov>, b19...@anl.gov writ
es:
> Oliver Henriot wrote:
>
> dnsserver% !!
> dig auniarael.com @216.69.185.38
>
> ; <<>> DiG 8.3 <<>> auniarael.com @216.69.185.38
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
OK, I've been trying my hardest to figure this out.
I have BIND9 installed and set up as a slave to one of our Domain
Controllers (so we can at least still get DNS if it were to go down). It
works fine for transferring the zone file of our domain down, and from
the server running BIND I can resolv
Mani,
That's a very general question, and I don't claim to be an expert on all
aspects of dns security, so hopefully those who are will chime in on
this point. I think most of those who are knowledge about dns would
probably recommend separating your authoritative and caching servers,
especially
Oliver Henriot wrote:
>Dear list users,
>
>I have a bind 9.3 server on a centos 5.2 machine which logs huge (about
>12 errors every second) quantities of FORMERR messages while trying to
>resolve /IN records which look like this :
>
>Mar 25 08:44:24 myserver named[1124]: FORMERR resolving
>'a
If you're really looking to cover all bases, there's a little gotcha
in Solaris (even in 10) that will make this startup script fail if
it's invoked with sh (as most startup scripts that I've seen are).
The 'test -e' is unavailable in sh on Solaris. You need to use -r
(file exists and is r
On 26.03.09 21:34, dev_n...@zoho.com wrote:
> In recent version of Bind-9.6, is it needed for reverse parsing config of
> localhost? for example,
>
> zone "0.0.127.IN-ADDR.ARPA" {
> type master;
> file "local.rev";
> };
I think it's not, but it's alwayt better to have it.
However,
Hello,
In recent version of Bind-9.6, is it needed for reverse parsing config of
localhost? for example,
zone "0.0.127.IN-ADDR.ARPA" {
type master;
file "local.rev";
};
thanks.___
bind-users mailing list
bind-users@lists.isc.org
https
> Mar 25 08:44:24 myserver named[1124]: FORMERR resolving
> 'auniarael.com//IN': 216.69.185.38#53
The negative response includes the optional NS records.
My custom named has logging that says:
FORMERR: NS name matches domain name.
This new logging is not committed yet. If you have a
Another thumbs-up for Infoblox. We've been using their appliance for a few
years now and have been pleased with both the product and the support. We
use it as a false root and manage both private and public name/address space
with it; several hundred zones, many hundreds of networks world-wide.
Ben,
In that case if I want an authoritative server and also a caching name
server, is it fine if I place both the functionalities together as a
best practice of implementation, how about security issues ?,
If I want to introduce one more server for caching functionality alone
how will I separa
On Mar 26 2009, Kevin Darcy wrote:
[...]
The problems with using "ps" to find the named process include:
-- you can get false matches if you don't tailor your string matching
_just_right_,
-- unexpectedly "missed" matches if the command-line arguments change,
even a little bit (e.g. if someone
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear list users,
I have a bind 9.3 server on a centos 5.2 machine which logs huge (about
12 errors every second) quantities of FORMERR messages while trying to
resolve /IN records which look like this :
Mar 25 08:44:24 myserver named[1124]: FORME
Hi,
I allready tried 9.4.3, and it happened there.
Trying 9.6.0-P1 gives the same result:
recursive clients: 1083/49900/5
--cut--
26-Mar-2009 08:04:39.736 database: adb: fetch of 'mars.csd.unb.ca' A
failed: out of memory
26-Mar-2009 08:04:39.737 data
29 matches
Mail list logo
