On Feb 20, 2013, at 1:14 AM, Chuck Peters c...@axs.org wrote:
Robert Moskowitz said:
Delving further into my challenges.
But they don't seem to support DNSSEC protected domains, and even
IPv6 glue records are special requests, it seems.
I would like to know how can I handle DNSSEC key
Hi,
I've written a short book on DNSSEC. The goal is to help existing DNS
admins implement DNSSEC on BIND.
I have a trusted technical reviewer, but I'm interested in getting
additional feedback before it goes out. And naturally I thought of
this list. No one person catches everything.
If you
I can't seem to create an extra A record that works. I've created A
records for ns1 and mail and they work if I do a bind lookup, but
nothing else works. I did a lot of research before reaching out here.
This is my zone file. Remote.example.com never works...This is
Bind9 running on Ubuntu
Are you sure BIND is loading the zone file? Are you remembering to update the
SOA / serial? Are you restarting BIND after making changes?
If you make a change (and update the SOA), if you do:
dig soa example.com do you see the new serial #?
W
On Feb 20, 2013, at 12:40 PM, Jsilliman
Just to cover all the bases, you're doing your lookup directly against
your server, correct? Easy to accidentally query a different nameserver
and not see what you're expecting.
Otherwise I'd second Warren's suggestion to double-check your serial number.
John
On 02/20/2013 12:40 PM,
The serial number gets updated in the logs, but not when I do a dig.
(21 vs 3-old)
example.com. 603817 IN SOA ns1.example.com.
root.localhost. 3 604800 86400 2419200 604800
Feb 20 10:26:08 server1 named[15739]: reloading configuration succeeded
Feb 20 10:26:08 server1
On Feb 20, 2013, at 1:30 PM, Jsilliman jsilli...@gmail.com wrote:
The serial number gets updated in the logs, but not when I do a dig.
Do you have more than one copy of BIND running?
AlanC
--
Alan Clegg | +1-919-355-8851 | a...@clegg.com
___
No, I think it's only loaded once, but port 53 is listening on
localhost
tun0 interface for Openvpn
69.62.x.x
15739 ?Ssl0:04 /usr/sbin/named -u bind
On Wed, Feb 20, 2013 at 10:31 AM, Alan Clegg a...@clegg.com wrote:
On Feb 20, 2013, at 1:30 PM, Jsilliman jsilli...@gmail.com
Jsilliman wrote on 02/20/2013 01:44:20 PM:
No, I think it's only loaded once, but port 53 is listening on
Try ps aux |grep named to prove it.
Confidentiality Notice:
This electronic message and any attachments may contain confidential or
privileged information, and is intended only for the
Jsilliman jsilli...@gmail.com wrote:
The serial number gets updated in the logs, but not when I do a dig.
(21 vs 3-old)
Did you dig @localhost or is dig querying some recursive server elsewhere?
What does /etc/resolv.conf contain?
Tony.
--
f.anthony.n.finch d...@dotat.at http://dotat.at/
And as was stated before, cat /etc/resolv.conf and let's see where your dig
is actually going...
--
Alan Clegg | +1-919-355-8851 | a...@clegg.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
Ubuntu does not use that:
root@:/etc/bind# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
On Wed, Feb 20, 2013 at 10:56 AM, Alan Clegg a...@clegg.com wrote:
And
On Feb 20, 2013, at 1:57 PM, Jsilliman jsilli...@gmail.com wrote:
Ubuntu does not use that:
root@:/etc/bind# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
-Original Message-
From: Jsilliman jsilli...@gmail.com
Date: Wednesday, February 20, 2013 1:57 PM
To: Alan Clegg a...@clegg.com
Cc: bind-users@lists.isc.org bind-users@lists.isc.org
Subject: Re: Cannot create A record issue
Ubuntu does not use that:
root@:/etc/bind# cat
Check this out:
dig @localhost 69.62.x.x
10800 IN SOA a.root-servers.net. nstld.verisign-grs.com.
Shouldn't this be going to my local server for SOA ?
The issue is that when I create a new A record, such as,
remote.example.com, I cannot do a dig on that record, only mx and ns
Phase I is hopefully complete. A new onlo.htt-consult.com is up in
place of the old one.
This is a faster box with current software. I will 'leave it alone' for
a week, unless someone tells me something is wrong with it.
Next I unlock my domain from NetSol and choose my new registrar and
On Feb 20, 2013, at 2:06 PM, Jsilliman jsilli...@gmail.com wrote:
Check this out:
dig @localhost 69.62.x.x
10800 IN SOA a.root-servers.net. nstld.verisign-grs.com.
Shouldn't this be going to my local server for SOA ?
The issue is that when I create a new A record, such
I just changed the domain name in output. If I do a dig on
dig example.com
** Returns nothing. I have to actually dig on ns1.example.com,
www..., or mail...
I am trying to add an A record (remote.example.com), and have it work...
root@server1:/etc/bind# dig remote.example.com
; DiG
On Feb 20, 2013, at 2:17 PM, Jsilliman jsilli...@gmail.com wrote:
I just changed the domain name in output. If I do a dig on
dig example.com
** Returns nothing. I have to actually dig on ns1.example.com,
www..., or mail...
I am trying to add an A record (remote.example.com), and
Thanks, I found the issue. I had a typo in named.conf for the zone
file name. Doh
On Wed, Feb 20, 2013 at 11:29 AM, Warren Kumari war...@kumari.net wrote:
On Feb 20, 2013, at 2:17 PM, Jsilliman jsilli...@gmail.com wrote:
I just changed the domain name in output. If I do a dig on
dig
I am having the same issue and saw a couple of questions but didn't see any
resolutions. Any one have any luck with this.
Thanks.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
It looks like no system, internal or external could access the DNS on my
new server. IPTABLES was set for 53 both UDP and TCP. Firewall was OK.
In fact a local system on the same subnet, thus NOT going through my
firewall was denied access to the internal domain. Localhost of course
works.
On 02/20/2013 08:28 PM, Robert Moskowitz wrote:
It looks like no system, internal or external could access the DNS on
my new server. IPTABLES was set for 53 both UDP and TCP. Firewall was
OK. In fact a local system on the same subnet, thus NOT going through
my firewall was denied access to
23 matches
Mail list logo