Option notify no also disabled query log?

2010-12-06 Thread Drunkard Zhang
Hi, all. I'm using bind-9.7.2-P3, and I want to get query log, I pasted related configuration below: options { directory /var/; forward only; #listen-on port 53 { 10.198.2.249; 127.0.0.1; }; forwarders { 8.8.8.8; }; pid-file

Re: can't validate existing negative responses (not a zone cut) messages

2010-12-06 Thread Chris Thompson
On Oct 3 2010, I wrote: Since upgrading our main recursive nameservers to BIND 9.7.2-P2 (and using a trust anchor for the root and lookaside via dlv.isc.org) I am seeing a scatter of warning messages like this: Oct 1 19:47:19 dnssec: warning: validating @1c29d580: 115.197.101.95.IN-ADDR.ARPA

Re: can't validate existing negative responses (not a zone cut) messages

2010-12-06 Thread Mark Andrews
In message prayer.1.3.3.1012061052110.14...@hermes-2.csi.cam.ac.uk, Chris Thompson writes: On Oct 3 2010, I wrote: Since upgrading our main recursive nameservers to BIND 9.7.2-P2 (and using a trust anchor for the root and lookaside via dlv.isc.org) I am seeing a scatter of warning messages

Problems with Bind-Kerberos-Windows-Linux

2010-12-06 Thread Jürgen Dietl
Hello, I am trying to allow the DNS-Client to do dynamic updates at the DNS-Server using BIND. I want to use Kerberos as the security protocol. For that I have a small test lab with a client, 3 Kerberos Server and one Suse Linux DNS-Server. The 3 Kerberos-Server are emulated with using VM-Ware.

Re: Problems with Bind-Kerberos-Windows-Linux

2010-12-06 Thread Phil Mayers
On 12/06/2010 02:20 PM, Jürgen Dietl wrote: I have read that there is a special mode called User-To-User Mode. This mode enables the client to ask for a service direct without asking for a That's not quite how u2u works. TGT before. I found out that my client use this special user-to-user

Re: Problems with Bind-Kerberos-Windows-Linux

2010-12-06 Thread Jürgen Dietl
Hello Phil, thanx for your answer. I don't know really what the server offers because I don't get a valid response: Frame 2475: 168 bytes on wire (1344 bits), 168 bytes captured (1344 bits) Ethernet II, Src: xx, Dst: Vmware_x Internet Protocol, Src: ,

Re: Problems with Bind-Kerberos-Windows-Linux

2010-12-06 Thread Jürgen Dietl
Hello Phil thanx again for your answer. So I read between the lines that even if there were bugfixes for GSSTSIG in Bind V. 9.7.2 - it doesn't work. So we have to wait until MS follow the standards? :-) Forgive me but what is a disjoint domain environment? thanx a lot, cheers, Juergen 2010/12/6

GSSTSIG - Can we do it? Do it REALLY work since Version 9.7.2? Still a bug?

2010-12-06 Thread Jürgen Dietl
Hello, when you read my post before I try to make GSSTSIG run in a testlab environment with 1 Windows Kerberos-Client, 3 x Kerberos-Server (VMWare) and 1 x DNS-BIND-LINUX-Server (Suse). Bind-Version: 9.7.2 I do this now the 3rd week. I was reading a lot of books and manuals, doing a lot of

Fwd: Problems with Bind-Kerberos-Windows-Linux

2010-12-06 Thread Jürgen Dietl
Hello Nevarez, grats for sending it from your iPhone :-) But is there any message missing? thanx a lot and have a nice day cheers, Juergen -- Forwarded message -- From: Nevarez, Noe (DNSLB-NETWORKS) noe.neva...@hp.com Date: 2010/12/6 Subject: Re: Problems with

Re: Problems with Bind-Kerberos-Windows-Linux

2010-12-06 Thread Phil Mayers
On 12/06/2010 04:01 PM, Jürgen Dietl wrote: Hello Phil thanx again for your answer. So I read between the lines that even if there were bugfixes for GSSTSIG in Bind V. 9.7.2 - it doesn't work. So we have to wait until MS follow the standards? :-) That's not what I said. Forgive me but what is

Re: Problems with Bind-Kerberos-Windows-Linux

2010-12-06 Thread Jürgen Dietl
Hello Serjiu, many thanx for your hint. This I was asking me too for some time. Because the TGT is for the client name (principal) that is logged in at the moment and the service should be always for the same principal name on any client. So yes I will need to define 2 principals. You wrote: You

Re: Option notify no also disabled query log?

2010-12-06 Thread Kevin Oberman
From: Drunkard Zhang gongfan...@gmail.com Date: Mon, 6 Dec 2010 16:54:31 +0800 Sender: bind-users-bounces+oberman=es@lists.isc.org Hi, all. I'm using bind-9.7.2-P3, and I want to get query log, I pasted related configuration below: options { directory /var/; forward

Re: Private Zones and Deligation bind9.7.2

2010-12-06 Thread Martin McCormick
Barry Margolin writes: Do you have recursion enabled on your server? A good question. I have never explicitly disabled it and it appears to be on. We have an allow-query list based on ACL's so that callers from inside our networks get both recursive and nonrecursive lookups.

Re: Private Zones and Deligation bind9.7.2

2010-12-06 Thread Jay Ford
On Mon, 6 Dec 2010, Martin McCormick wrote: the config for this private zone is: zone r.ds { type master; file /etc/namedb/master/r.ds.zone; allow-update { key updsrv; }; allow-query { any; }; #a list of slaves include /etc/zoneconfigs/stwnotify; notify

named-checkzone error NSEC node already exists

2010-12-06 Thread jim
Hi, Running BIND 9.7.0-P2-RedHat-9.7.0-5.P2.el6 New setup/install and attempting to setup DNSSEC and clean any dirty data. Got the zone signed and ran named-checkzone against it and got the following (11) times: addnode: NSEC node already exists The .signed loads but want to have clean