-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/31/2011 01:35 AM, Robert Spangler wrote:
> On Tuesday 31 May 2011 00:56, the following was written:
>
>> Its very simple,
>>
>> If you know basic firewall concept, we will configure source NATing from
>> public IP address to original websi
On Tuesday 31 May 2011 00:56, the following was written:
> Its very simple,
>
> If you know basic firewall concept, we will configure source NATing from
> public IP address to original website private address in firewall. So when
> any users from internet access my company website, they shou
Its very simple,
If you know basic firewall concept, we will configure source NATing from
public IP address to original website private address in firewall. So when any
users from internet access my company website, they should obviously get public
IP of my company website and once they get t
In message <4de43e3e.2040...@chrysler.com>, Kevin Darcy writes:
> Normally I'd defer to your vastly greater knowledge and experience in
> DNSSEC, but here in the U.S. we have a saying "I'm from Missouri", which
> is a roundabout way of expressing "show me" ("Show Me" being the
> unofficial slog
Normally I'd defer to your vastly greater knowledge and experience in
DNSSEC, but here in the U.S. we have a saying "I'm from Missouri", which
is a roundabout way of expressing "show me" ("Show Me" being the
unofficial slogan of the state of Missouri). Maybe it *should* work, but
when it comes
In message <4de42bef.3050...@chrysler.com>, Kevin Darcy writes:
> Get back to us when you prove that this co-exists with DNSSEC; otherwise
> it's a non-starter. While you're at it, some data proving that this
> actually enhances performance or availability would be nice too.
On further examinat
It is still a bad idea. Fixing the clients so they work well with
multi-homed servers not only works today with mostly IPv4 servers
but also works well with dual stack server and IPv6 only servers.
You don't have to have artifially low TTLs on the DNS responses.
You get sub-second failover on ne
Get back to us when you prove that this co-exists with DNSSEC; otherwise
it's a non-starter. While you're at it, some data proving that this
actually enhances performance or availability would be nice too.
Seems like the ./doc directory is missing from the /isc/bind/cur/9.x tree,
which is linked to from the page you mentioned below.
It's there in ftp://ftp.isc.org/isc/bind/9.8.0-P1/ but not in
ftp://ftp.isc.org/isc/bind/9.8.0-P2/
--jm
-Original Message-
From: bind-users-bounces+jm=hcn.com.
In message <20110530151431.ga23...@fantomas.sk>, Matus UHLAR - fantomas writes:
> Hello,
>
> the web page (http://www.isc.org/software/bind/documentation) claims to
> provide links to 9.4-9.8 manuals (html and pdf) however only 9.4 and 9.5 are
> working. Did a mistake happen here?
Forwarded for
In a number of cases NATs have a problem to access the internal boxes
via an external address from inside the NAT.
In such cases it is much easier to just access the box from inside with
it's internal address and from outside with its external address.
Using the two views allows for all sorts of
Point taken, and I should have mentioned that it's NAT in play.
I agree, it's a problem that not all firewalls can hairpin public IPs back
to their private IPs, but when working with what you got sometimes the
solution isn't ideal.
Frank
-Original Message-
From: Doug Barton [mailto:do...
Hello,
I am reading this mailing as a digest so sorry for the late
replies. Firstly we have been using this method for over 4 years and
I've yet not had one person tell me that they can connect to our servers
using POP3, SMPT, IMAP or WEB.
1. Mark, Regarding Chrome, my last big cr
On 05/29/2011 23:17, babu dheen wrote:
We have DNS record called "mail.company.com" which is hosted in internal
company LAN network. When any users try to access mail.company.com in
browser, they will get private IP address and immediately they will get
mail.company.com website home page whereas
On 05/30/2011 09:15, Frank Bulk wrote:
Not all firewalls can hairpin a public IP back to a private IP. We’ve
had to do this, too.
First, firewalls don't do routing. :)
Yes, we could have create a separate zone, but that would requiring
training our staff to use on FQDN internally and another
> Would it be convenient to try 9.8.1b1? It has a fix that may address
> this problem.
I should add that I don't recommend using 9.8.1b1 in a production
environemnt because of a known security flaw. But it might be
informative to test with it and see whether it addresses the
CNAME problem, and i
> after upgrading to 9.8.0p2 I have notices problems with recursive queries.
> The server sometimes does not return answer for e.g. www.yahoo.com.
Would it be convenient to try 9.8.1b1? It has a fix that may address
this problem.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
_
Hello,
after upgrading to 9.8.0p2 I have notices problems with recursive queries.
The server sometimes does not return answer for e.g. www.yahoo.com.
Repeated lookups for www.yahoo.com sometimes do, sometimes do not return the
answer, only the first CNAME, but the nameserver did know where the C
Not all firewalls can hairpin a public IP back to a private IP. We've had
to do this, too.
Yes, we could have create a separate zone, but that would requiring training
our staff to use on FQDN internally and another with the customers. Easier
to teach one thing to the staff and push the compl
Hello,
the web page (http://www.isc.org/software/bind/documentation) claims to
provide links to 9.4-9.8 manuals (html and pdf) however only 9.4 and 9.5 are
working. Did a mistake happen here?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-
Hi,
My concern is not giving money to ISP and kindly please note that i am not
going to host my website in DNS server whereas we are already managing the
website in our network but using ISP DNS server for name resolution only for
outside users(internet).
In short, i can say that we just wa
On Mon, May 30, 2011 at 04:51:18PM +0530,
babu dheen wrote
a message of 227 lines which said:
> I am not sure why i do need to pay money to my ISP for hosting my
> website on my company DNS server.
This sentence seems to indicate that you know very little about
Internet services (hosting a W
Dear Fajar,
Wonderful response from you. Really appreciate. As you asked, below is my
update on the checklist.
I am not sure why i do need to pay money to my ISP for hosting my website on
my company DNS server.
If you have no idea what I'm talking about, here's a somewhat simple
checklis
On Mon, May 30, 2011 at 3:45 PM, babu dheen wrote:
>
> Dear Olsen,
>
> thanks for the update. I can follow all the steps but i couldn't understand
> below two points
>
> - register/buy the domain name(s) if you haven't already done so.
> - tell your registrar to configure your parent domain so i
On 30.05.11 05:12, Maren S. Leizaola wrote:
> DNS-Racing is a method of load balancing access to servers which are
> multi homed and provides lowest latency access to users and network
> resilience to ISP/routing failure.
like, RRset sorting?
> **What does it do?*
> It permits a server which
Dear Olsen,
thanks for the update. I can follow all the steps but i couldn't understand
below two points
- register/buy the domain name(s) if you haven't already done so.
- tell your registrar to configure your parent domain so it'll delegate
your domain to your nameservers
My concern if
On Mon, May 30, 2011 at 10:31:28AM +0530,
babu dheen wrote
a message of 44 lines which said:
> Can anyone have any idea as to how we can host our own autherative
> DNS server for my company.
There is not much diference between the hosting of a DNS server and
the hosting of any other Internet
babu dheen wrote:
> Can anyone have any idea as to how we can host our own autherative DNS
> server for my company. For example if my company domain is "mycompany.com,
> we want to maintain our own DNS server so that users across world should
> contact our DNS server for name resolution for "myc
28 matches
Mail list logo
