On 2014-02-19 23:29, Lightner, Jeff wrote:
Thanks. My thinking was the limit was on the whois database since the
Registrar was telling me it was registered for more than 10 years.
It appears based on this Registration FAQ regarding “compliance” that
the registrar may simply be showing it as
"Stealth" slave doesn't fully meet the requirement. It's just part of the
requirement to not publish the slave name server in the NS records. Further
more, the 'stealth' slave is quired by local DNS server only when all name
servers in the NS records are out of service ( maybe in case of dd
Thanks. My thinking was the limit was on the whois database since the
Registrar was telling me it was registered for more than 10 years.
It appears based on this Registration FAQ regarding “compliance” that the
registrar may simply be showing it as 2024 because they can’t really report
2025 an
On 2014-02-19 20:44, Lightner, Jeff wrote:
Hi, I know this is the BIND list but I’m thinking folks who deal with
DNS probably may be able to answer this question about whois.
We recently transferred and renewed a domain by 2 years which pushed
its expiration to 01/25/2025. The order confirm
On Wed, 19 Feb 2014, Lightner, Jeff wrote:
Hi, I know this is the BIND list but I???m thinking folks who deal with
DNS probably may be able to answer this question about whois.
We recently transferred and renewed a domain by 2 years which pushed its
expiration to 01/25/2025. The order confir
Hi, I know this is the BIND list but I’m thinking folks who deal with DNS
probably may be able to answer this question about whois.
We recently transferred and renewed a domain by 2 years which pushed its
expiration to 01/25/2025. The order confirmation shows that expiration and
looking at t
On 2014-02-19 16:06, Barry S. Finkel wrote:
>See MS KB article 282826, where MS documents the handling of zone
>serial numbers in an AD environment.
And Dave Warren replied:
My experience is that it tends to work pretty well if BIND only points
to one particular MS DNS server at a time, with
On 2/19/14, 8:59 PM, Chris Thompson wrote:
> What is the right way ... or maybe I should be asking IS there a right
> way ... to change a zone that has been signed by inline signing (i.e. with
> "inline-signing yes; auto-dnssec maintain;" in it zone statement) to
> unsigned?
>
> When I change the
On 2/19/14, 1:33 AM, Daniel Dawalibi wrote:
> Kindly note that the number of recursive clients is increasing during
> the problem : recursive clients: 3700/14900/15000
"rndc recursing" and look to see what is plugging up your pipes.
AlanC
signature.asc
Description: OpenPGP digital signature
_
On Wed, Feb 19, 2014 at 06:00:42PM +, Mike Hoskins (michoski) wrote:
> From: , Frank
> >is there a link to a documentation that lists the main differences
> >between BIND 9.8 and 9.9 ?
> >
> >I would like to read it before swiching from 9.8
>
> I generally browse the release notes.
>
> http
From: , Frank
Date: Wednesday, February 19, 2014 at 12:41 PM
To: "bind-users@lists.isc.org"
Subject: Difference between BIND 9.8 and 9.9
>Hello
>
>is there a link to a documentation that lists the main differences
>between BIND 9.8 and 9.9 ?
>
>I would like to read it before swiching from 9.
What is the right way ... or maybe I should be asking IS there a right
way ... to change a zone that has been signed by inline signing (i.e. with
"inline-signing yes; auto-dnssec maintain;" in it zone statement) to unsigned?
When I change the zone statement to remove the inline signing part, and
Hello
is there a link to a documentation that lists the main differences between
BIND 9.8 and 9.9 ?
I would like to read it before swiching from 9.8
thank you
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this
Not a good solution. Even under "normal" circumstances, there will be
temporary bottlenecks, dropped packets, etc.. that will trigger failover
and users will get different answers at different times. Not good for
support, maintainability, user experience/satisfaction, etc.
If all you want is r
On 2014-02-19 16:06, Barry S. Finkel wrote:
See MS KB article 282826, where MS documents the handling of zone
serial numbers in an AD environment.
My experience is that it tends to work pretty well if BIND only points
to one particular MS DNS server at a time, with a failover script that
de
On Tue, Feb 18, 2014 at 10:34 PM, /dev/rob0 wrote:
> On Tue, Feb 18, 2014 at 11:44:15PM +0100, markus weber wrote:
>> I am new to administer a Bind server and after a few problems i ran
>> into i need to monitor the zonefile transfers of my slave server.
>
> I think the terminology you use shows a
Hello
I am able to reach the root servers and I can resolve other domains.
; <<>> DiG 9.8.0 <<>> . ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32217
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14
;; QUESTION SECTION:
;.
>Only transfer from one AD master. Microsoft AD doesn't maintain
>consistent serials across the servers. The serials should be
>monotonically increasing from a individual server.
Oh, i didn't know that. Thats weird behavior isn't it? I will give it
definitely a try, I just added 3
A few problems i discovered:
>- sometimes have a higher serial then all masters have, is this normal on
>an AD DNS? or am I doing something wrong i thought this could not happen.
Only transfer from one AD master. Microsoft AD doesn't maintain
consistent serials across the ser
markus weber wrote:
Hey Guys,
I am new to administer a Bind server and after a few problems i ran into i
need to monitor the zonefile transfers of my slave server.
I have searched on google and nagios plugin sites but could not find
anything that fits my needs entirely.
Here is the Setup:
- M
On Wed, Feb 19, 2014 at 12:27:05PM +, Tony Finch wrote:
> Aki Tuomi wrote:
> >
> > Hi, can you try again? Just to be sure.
>
> This time it failed in the way you described earlier:
>
> 19-Feb-2014 12:23:27.043 queries: info: client ::1#32049
> (5.2.0.0.0.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.1.0.0.
Aki Tuomi wrote:
>
> Hi, can you try again? Just to be sure.
This time it failed in the way you described earlier:
19-Feb-2014 12:23:27.043 queries: info: client ::1#32049
(5.2.0.0.0.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.1.0.0.0.pasilehto.fi): view rec:
query: 5.2.0.0.0.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.1
On Wed, Feb 19, 2014 at 11:50:24AM +, Tony Finch wrote:
> Aki Tuomi wrote:
> >
> > We have A records
> > 5.2.0.0.0.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.1.0.0.0.pasilehto.fi
> > and
> > 5.2.0.0.0.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.0.0.0.0.pasilehto.fi
> >
> > Now. If I ask DNSSEC validating BIND version
On 19 February 2014 09:51, houguanghua wrote:
> But if the specified name server is enabled only when normal dns query
> process is down. How to configure the local DNS server? The detailed
> scenario is descibed in below figure:
I'm not sure if that is possible, you either forward or you allow
On Wed, Feb 19, 2014 at 12:16:19PM +0200, Aki Tuomi wrote:
> Hi!
>
> We are investigating an interoperatibility issue with bind and powerdns.
It would appear that PowerDNS is not adding non-terminals with NSEC zones.
This causes that 0.pasilehto.fi returns NXDOMAIN instead of NOERROR,
causing t
Aki Tuomi wrote:
>
> We have A records
> 5.2.0.0.0.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.1.0.0.0.pasilehto.fi
> and
> 5.2.0.0.0.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.0.0.0.0.pasilehto.fi
>
> Now. If I ask DNSSEC validating BIND version 9.9.3-P2 or 9.9.4-P2 to
> resolve either of those A records, I get errors, w
At Wed, 19 Feb 2014 00:33:11 +0200,
Daniel Dawalibi wrote:
>
> Kindly note that the number of recursive clients is increasing during
> the problem : recursive clients: 3700/14900/15000
I think it's likely that you have a connectivity problem.
I'ld suggest checking whether your server which i
Hi!
We are investigating an interoperatibility issue with bind and powerdns.
Scenario:
We have DNSSEC secured domain using NSEC, pasilehto.fi.
This domain has two insecure delegations
0.0.0.0.pasilehto.fi
and
1.0.0.0.pasilehto.fi
We have A records
5.2.0.0.0.1.0.0.0.0.0.0.0.0.0.0.1.0.0.0.1
Steven,
Your solution is very good. It can forward the queries to the specified name
servers first.
But if the specified name server is enabled only when normal dns query process
is down. How to configure the local DNS server? The detailed scenario is
descibed in below figure:
29 matches
Mail list logo
