Re: Intermittent failures resolving .org domains in BIND 9.7.0 with DLV enabled

2010-03-30 Thread Matus UHLAR - fantomas
> > I have seen this happen when bind for some reason (eg mtu issues with > > vpn) cannot query for the DLV key at dlv.isc.org. I have not figured > > out the exact failure mode there. Check the logs to see errors for DNSKEY > > queries for dlv.isc.org to see if this is happening here too. However

Re: invalid requests for dns_registration.*

2010-03-30 Thread Matus UHLAR - fantomas
> In article , > Matus UHLAR - fantomas wrote: > > on one of my nameservers I see many of these messages in log files: > > > > Mar 29 07:59:07 gtssk1 named[5012]: security: error: client > > 195.168.29.200#65293: view gtsi: check-names failure > > dns_registration.in.nextra.sk/A/IN > > > > I'm

Re: Subdomain delegation only returns SOA on dig

2010-03-30 Thread Matus UHLAR - fantomas
On 29.03.10 12:34, Prabhat Rana wrote: > I'm running BIND 9.6.1-P1 on a Solaris box. This DNS (ns1.spx.net) is > authoritative to domain spx.net (this is just example). And I'm trying to > delegate nse.spx.net to ns1.nse.spx.net. I think I have configured > correctly but when I run a dig from a dif

Same source port queries dropped by ServerIron load balancer

2010-03-30 Thread Abdulla Bushlaibi
We are facing query drops by using dnsperf tool from ISC testing the DNS service via load balancer. Multiple queries from the same source port are being dropped partially by the load balancer and as per the load balancer vendor feedback, this is a security feature and this situation doesn't ha

Re: Intermittent failures resolving .org domains in BIND 9.7.0 with DLV enabled

2010-03-30 Thread Sam Wilson
In article , Roy Badami wrote: > > I have seen this happen when bind for some reason (eg mtu issues with > > vpn) cannot query for the DLV key at dlv.isc.org. I have not figured > > out the exact failure mode there. Check the logs to see errors for DNSKEY > > queries for dlv.isc.org to see if th

problem with notifies

2010-03-30 Thread fddi
Hello I have a name server which is slave for many other zones. The problem is that I upgraded to bind 9.3.x and now I have plenty of messages like: IN: refused notify from non-master: itselfIPaddress how can I avoid this? Do I have to insert notify no for every zone in which it is slave

Re: Same source port queries dropped by ServerIron load balancer

2010-03-30 Thread Tony Finch
On Tue, 30 Mar 2010, Abdulla Bushlaibi wrote: > We are facing query drops by using dnsperf tool from ISC testing the DNS > service via load balancer. Multiple queries from the same source port are > being dropped partially by the load balancer and as per the load balancer > vendor feedback, this

"any IPv6" ACL for BIND

2010-03-30 Thread ivan jr sy
hi all, is there a built-in ACL that represents "any" IPv6 connection? I have some experiment with allow-query { aclhere; }; where aclhere represents any IPv6 network, anywhere from the Internet. If there's no built-in, what is the best way to come up with an equivalent? Thanks!

Re: "any IPv6" ACL for BIND

2010-03-30 Thread Evan Hunt
> If there's no built-in, what is the best way to come up with an equivalent? I think this will work: acl any6 { ::0/0; }; acl any4 { 0.0.0.0/0; }; -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. ___ bind-users mailing list bind-users@l

Re: problem with notifies

2010-03-30 Thread Matus UHLAR - fantomas
On 30.03.10 13:56, fddi wrote: > Hello I have a name server which is slave for many other zones. > The problem is that I upgraded to bind 9.3.x and now I have plenty of > messages like: upgraded _to_ 9.3 ? 9.3 is obsolete for some time. > IN: refused notify from non-master: itselfIPaddress > ho

Re: problem with notifies

2010-03-30 Thread Chris Thompson
On Mar 30 2010, Matus UHLAR - fantomas wrote: On 30.03.10 13:56, fddi wrote: Hello I have a name server which is slave for many other zones. The problem is that I upgraded to bind 9.3.x and now I have plenty of messages like: upgraded _to_ 9.3 ? 9.3 is obsolete for some time. IN: refused

Hello, problems with BInd 9.x in windows 2003 and 2000

2010-03-30 Thread Albert Molina
Hello First, Sorry for my English. I have two servers with Bind 9.7 and 9.3, but I activated the recursive and log show this errors: 30-mar-2010 17:55:37.092 general: error: .\socket.c:2444: unexpected error: 30-mar-2010 17:55:37.092 general: error: SOCKET_RECV: Windows error code: 1236, r

Re: Hello, problems with BInd 9.x in windows 2003 and 2000

2010-03-30 Thread Chandan Laskar
Hi, Can you please try with Windows 2003 server Standard Edition with SP2 and Bind 9.6.0-P3? Thanks and Regards, Chandan Laskar 2nd Floor Data Center, ITC Center, 4, Russel Street, Kolkata - 700 016 Phone:(033)-40029000 Extn.: 3944 (0)-9830057396 (M) Albert Molina Sent

Re: Hello, problems with BInd 9.x in windows 2003 and 2000

2010-03-30 Thread Albert Molina
Hello Not exist, only exist 9.6.1-p3 and not work Chandan Laskar wrote: Hi, Can you please try with *Windows 2003 server* *Standard Edition* with *SP2* and *Bind 9.6.0-P3?* Thanks and Regards, Chandan Laskar 2nd Floor Data Center, ITC Center, 4, Russel Street, Kolkata - 700 016 Phone:(03

rndc: unsupported algorithm:

2010-03-30 Thread Markus Feldmann
Hi All, i tried to reload my config and zones with rndc. My Bind version is BIND 9.5.1-P3. My rndc.key looks like this. key feld-server.feldland.lan. { algorithm HMAC-MD5.SIG-ALG.REG.INT; secret TNCrihQV8NjY6bzA5GMJIg==; }; This is what i also got from creating the sig-key. I s

Re: Same source port queries dropped by ServerIron load balancer

2010-03-30 Thread Kevin Darcy
On 3/30/2010 8:00 AM, Tony Finch wrote: On Tue, 30 Mar 2010, Abdulla Bushlaibi wrote: We are facing query drops by using dnsperf tool from ISC testing the DNS service via load balancer. Multiple queries from the same source port are being dropped partially by the load balancer and as per th

Re: rndc: unsupported algorithm:

2010-03-30 Thread Markus Feldmann
I changed my key to key feld-server.feldland.lan. { algorithm hmac-md5; secret TNCrihQV8NjY6bzA5GMJIg==; }; and executed the command feld-server:/etc/bind# rndc -s feld-server -k rndc.key reload rndc: connect failed: 192.168.0.186#953: connection refused Without the explicit

Re: rndc: unsupported algorithm:

2010-03-30 Thread Warren Kumari
Hi, I believe you need: "hmac-md5;", and not "HMAC-MD5.SIG-ALG.REG.INT;" W On Mar 30, 2010, at 3:53 PM, Markus Feldmann wrote: Hi All, i tried to reload my config and zones with rndc. My Bind version is BIND 9.5.1-P3. My rndc.key looks like this. key feld-server.feldland.lan. {

Re: rndc: unsupported algorithm:

2010-03-30 Thread Warren Kumari
Try add this: options { default-key "feld-server.feldland.lan."; default-server 127.0.0.1; default-port 953; }; On Mar 30, 2010, at 4:05 PM, Markus Feldmann wrote: I changed my key to key feld-server.feldland.lan. { algorithm hmac-md5; secret TNCrihQ

Re: rndc: unsupported algorithm:

2010-03-30 Thread Kevin Darcy
On 3/30/2010 3:53 PM, Markus Feldmann wrote: Hi All, i tried to reload my config and zones with rndc. My Bind version is BIND 9.5.1-P3. My rndc.key looks like this. key feld-server.feldland.lan. { algorithm HMAC-MD5.SIG-ALG.REG.INT; secret TNCrihQV8NjY6bzA5GMJIg==; }; This is what i a

Re: rndc: unsupported algorithm:

2010-03-30 Thread Kevin Darcy
On 3/30/2010 4:05 PM, Markus Feldmann wrote: I changed my key to key feld-server.feldland.lan. { algorithm hmac-md5; secret TNCrihQV8NjY6bzA5GMJIg==; }; and executed the command feld-server:/etc/bind# rndc -s feld-server -k rndc.key reload rndc: connect failed: 192.168.0.186#953: conn

MX records for new additional domain on existing authoritative name servers

2010-03-30 Thread Lear, Karen (Evolver)
I'm adding a new domain to my existing authoritative name servers, and need to add an MX record for a device on the existing domain. That device will serve both domains until we get a new box in and then we will have separate MX records/devices for each domain. I have created a new zone file a

Re: rndc: unsupported algorithm:

2010-03-30 Thread Markus Feldmann
Kevin Darcy schrieb: On 3/30/2010 3:53 PM, Markus Feldmann wrote: Hi All, i tried to reload my config and zones with rndc. My Bind version is BIND 9.5.1-P3. My rndc.key looks like this. key feld-server.feldland.lan. { algorithm HMAC-MD5.SIG-ALG.REG.INT; secret TNCrihQV8NjY6bzA5GMJIg==

Re: MX records for new additional domain on existing authoritative name servers

2010-03-30 Thread Matthew Pounsett
Hi Karen. Please don't start a new thread by replying to an email in an existing discussion -- your message can get lost in that other discussion, rather than appearing as a new topic for anyone who threads their email. On 2010/03/30, at 16:30, Lear, Karen (Evolver) wrote: > I'm adding a new

Re: Comprehension question to DDNS

2010-03-30 Thread Markus Feldmann
Hi Mark, i changed some configs and got on. Mar 30 22:50:45 feld-server dhcpd: DHCPRELEASE of 192.168.0.196 from 00:1d:92:ab:35:9f (feld-bert.feldland.lan) via br0 (found) Mar 30 22:50:50 feld-server dhcpd: DHCPDISCOVER from 00:1d:92:ab:35:9f via br0 Mar 30 22:50:51 feld-server dhcpd: DHCPOFFE

Using an MX record from a different domain

2010-03-30 Thread Lear, Karen (Evolver)
I'm adding a new domain to my existing authoritative name servers, and need to add an MX record for a device residing on existing domain. When I run named-checkzone, I get a message about the MX record being out of zone and not having an A record. However, at the end of my named-checkzone ou

Re: Using an MX record from a different domain

2010-03-30 Thread Fr34k
Hello, named-checkzone is warning you that the MX has a different FQDN than the zone it is in. This is fine so long as the "out of zone" MX record is valid, but named-checkzone wants you to know that it can't verify for sure. So, it is a heads up message and why the ultimate response is "OK". I

Re: Using an MX record from a different domain

2010-03-30 Thread Matthew Pounsett
On 2010/03/30, at 16:57, Lear, Karen (Evolver) wrote: > > I'm adding a new domain to my existing authoritative name servers, and need > to add an MX record for a device residing on existing domain. When I run > named-checkzone, I get a message about the MX record being out of zone and > not

Re: problem with notifies

2010-03-30 Thread fddi
CentOS 5.4 has bind version 9.3.6 and that's it. Before I had a CentOS 4.0 which was still using 9.2.x if you want to stick up with a distribution, you are almost forced to use what the distribution provides for you. anyway in version 9.2.x I did not have the problem I reported. Everything star

RE: Using an MX record from a different domain

2010-03-30 Thread Lear, Karen (Evolver)
Dig or host returns the internal IP address of smtpedge1 and smtpedge2, as the name server by default points to the recursive name server. If I specify localhost, it resolves to the external IP address: [kl...@dns1 conf]$ dig smtpedge1.uspto.gov @localhost ; <<>> DiG 9.6.1-P3 <<>> smtpedg

Re: Using an MX record from a different domain

2010-03-30 Thread Paul Wouters
On Tue, 30 Mar 2010, Matthew Pounsett wrote: named-checkzone doesn't only check the internal consistency of a zone, it also tries to see that it is externally consistent. e.g. that names referred to in other zones also exist. I was amused the day that feature came in without me realising it

how to read and answer to this mailing list

2010-03-30 Thread Markus Feldmann
Hi All, normally i am using the gmane mailing list server to post and read mails from mailing lists, but this mailing list doesn't appear in gmane. How to? Which newsgroupserver do you use for this list? regards Markus

Re: Subdomain delegation only returns SOA on dig

2010-03-30 Thread Matthew Pounsett
On 2010/03/29, at 15:34, Prabhat Rana wrote: > > Hello all, > I'm running BIND 9.6.1-P1 on a Solaris box. This DNS (ns1.spx.net) is > authoritative to domain spx.net (this is just example). And I'm trying to > delegate nse.spx.net to ns1.nse.spx.net. I think I have configured correctly > but

Re: how to read and answer to this mailing list

2010-03-30 Thread Warren Kumari
In the footer of every message lurks the following link: https://lists.isc.org/mailman/listinfo/bind-users W On Mar 30, 2010, at 6:43 PM, Markus Feldmann wrote: Hi All, normally i am using the gmane mailing list server to post and read mails from mailing lists, but this mailing list doesn'

Re: how to read and answer to this mailing list

2010-03-30 Thread Markus Feldmann
Warren Kumari schrieb: In the footer of every message lurks the following link: https://lists.isc.org/mailman/listinfo/bind-users Yes ... i read this but you can not answer a mail this way. regards Markus

Re: how to read and answer to this mailing list

2010-03-30 Thread Markus Feldmann
Warren Kumari schrieb: In the footer of every message lurks the following link: https://lists.isc.org/mailman/listinfo/bind-users And i mean not this mailing list but the dhcp-users mailing list.

Re: how to read and answer to this mailing list

2010-03-30 Thread Matthew Pounsett
On 2010/03/30, at 19:04, Markus Feldmann wrote: > Warren Kumari schrieb: >> In the footer of every message lurks the following link: >> https://lists.isc.org/mailman/listinfo/bind-users > Yes ... i read this but you can not answer a mail this way. You can answer an email this way. I'm not sure

Zone transfer issues on new domain

2010-03-30 Thread Lear, Karen (Evolver)
Can you tell me why I'm getting the message below on my slave server after adding a master zone on the master server for usptoenews.gov: [kl...@dns2 logs]$ grep enews activity.log 30-Mar-2010 17:17:45.484 notify: notice: client 10.240.6.50#10738: received notify for zone 'usptoenews.gov': TSIG '

Re: Zone transfer issues on new domain

2010-03-30 Thread Sten Carlsen
Did you add it to the slaves configuration? It does not get automagically added; so the slave gets a notify on a zone it can not serve as it is not in its config. On 31/03/10 2:14, Lear, Karen (Evolver) wrote: > > Can you tell me why I'm getting the message below on my slave server > after adding

Re: how to read and answer to this mailing list

2010-03-30 Thread Sten Carlsen
If you follow the link at the bottom of this mail, there is a link that will display all lists served by this mail list server. There are links to some dhcp lists also, if you need that. Select one of those and join the list. On 31/03/10 1:20, Matthew Pounsett wrote: > On 2010/03/30, at 19:04, Ma

Re: Same source port queries dropped by ServerIron load balancer

2010-03-30 Thread Abdulla Bushlaibi
The tool queryperf is a useful tool and it gives you details about a DNS server performance. However, it would be useful to have an option in queryperf to use random source ports to test real life scenarios. -- Abdulla Ahmad Bushlaibi On 3/31/2010 12:07 AM, Kevin Darcy wrote: On 3/30/2010 8