Re: Problems with Bind-Kerberos-Windows-Linux

2010-12-08 Thread Sergiu Bivol
> I do this now the 3rd week. I was reading a lot of books and manuals, doing a lot of configuration and sniffing etc. I looked in google for hours but I could not find anyone that says - yes it works.

It does work, but setting it up is very-very painful. Even if you do get it working, and

Re: Unusual TSIG problem

2010-12-08 Thread Kevin Oberman
> From: Mark Andrews > Date: Thu, 09 Dec 2010 09:07:53 +1100 > > > In message <20101208214221.566771c...@ptavv.es.net>, "Kevin Oberman" writes: > > I just ran into an odd issue with a TSIG signed zone transfer. > > > > On occasion I was logging a clocks are unsynchronized message doing a > > tr

Re: Unusual TSIG problem

2010-12-08 Thread Mark Andrews
In message <20101208214221.566771c...@ptavv.es.net>, "Kevin Oberman" writes: > I just ran into an odd issue with a TSIG signed zone transfer. > > On occasion I was logging a clocks are unsynchronized message doing a > transfer from a customer server at a site about 30 ms away. I dropped a > note

Unusual TSIG problem

2010-12-08 Thread Kevin Oberman
I just ran into an odd issue with a TSIG signed zone transfer. On occasion I was logging a clocks are unsynchronized message doing a transfer from a customer server at a site about 30 ms away. I dropped a note to the manager there asking that he look at his system for a time issue. He checked

Re: m master file managed-keys.bind failed

2010-12-08 Thread Martin McCormick
I wrote:
> Who is supposed to own /var/named?

I received a response from a kind soul from this list who reminded me of a directive new to bind9.7.1 that lets you determine where the managed-keys.bind file lives. I set up managed-keys-directory "/etc/namedb/working"; and all is now well w

Re: m master file managed-keys.bind failed

2010-12-08 Thread Evan Hunt
> Except for the directories where bind needs to write while running, I thought the rest of the tree was owned by root. managed-keys.bind seems to be at the very top of the tree in /var/named.

You can override the location of the file with the "managed-keys-directory" option (added in

Views based on port number

2010-12-08 Thread Niobos
Hi, For my home use, I'd like to use a DNSSEC-validating recursive resolver, preferably one I control myself. Since I don't want to install a server at home specifically for that, I'm trying to develop an alternative. My current idea is to host the RR on my public server, but I don't intend to ser

Re: Troubleshooting slow DNS lookup

2010-12-08 Thread Tony Finch
On Wed, 8 Dec 2010, Rianto Wahyudi wrote:
> - Does any one have a good example of prominent website that have DNSSEC setup properly other than paypal?
> - Any example of dns record that send packet larger than 512 ?

; <<>> DiG 9.6.2-P2 <<>> +multiline +dnssec www.cam.ac.uk
;; global options: +c

m master file managed-keys.bind failed

2010-12-08 Thread Martin McCormick
Who is supposed to own /var/named? I understand the reason for the following error:

managed-keys-zone ./IN: loading from master file managed-keys.bind failed: file not found
managed-keys.bind.jnl: create: permission denied
managed-keys-zone ./IN: sync_keyzone:dns_journal_open -> unexpected error

Re: Troubleshooting slow DNS lookup

2010-12-08 Thread Mark Andrews
In message , Rianto Wahyudi writes: > Hi Mark, > > Thanks for your quick response ! > > > Standards Track. > > RFC 2671 Extension Mechanisms for DNS (EDNS0) > > RFC 3226 DNSSEC and IPv6 A6 aware server/resolver message size requirements > > Unfortunately RFC is not considered as good enoug

Re: Silently drop queries for AAAA records

2010-12-08 Thread Phil Mayers
On 12/08/2010 07:40 AM, Niobos wrote: On 2010-12-07 23:31, David A. Evans wrote: I'm in the mood to prove a point. I have a very poorly written application that is generating a few hundred queries per second of completely bogus records before attempting a lookup of the correct A

Re: Troubleshooting slow DNS lookup

2010-12-08 Thread Matus UHLAR - fantomas
> > Standards Track. > > RFC 2671 Extension Mechanisms for DNS (EDNS0) > > RFC 3226 DNSSEC and IPv6 A6 aware server/resolver message size requirements > > Unfortunately RFC is not considered as good enough ... unless if we > can find an actual proof that can be replicated :( disable dnssec then.