Re: Multiple A records and reverse DNS

2016-03-19 Thread John Miller
Which FQDN does your mail server use for its EHLO? It should use the same name that's listed in reverse DNS. John On Thu, Mar 17, 2016 at 9:53 AM, Thomas Schulz wrote: > This is not a BIND question but I hope people here will know the answer. > We are switching service

RE: PCS, Corosync, Pacemaker, and Bind

2016-03-19 Thread Tony Finch
Mike Bernhardt wrote: > Please confirm that if a DNS query is sent to the virtual address, the reply > will be sourced from the virtual address. Yes. (query-source doesn't affect replies.) > The documentation for keepalived isn't very good, but as near as I can tell > it

Multiple A records and reverse DNS

2016-03-19 Thread Thomas Schulz
This is not a BIND question but I hope people here will know the answer. We are switching service providers and I understand that many email SPAM prevention systems insist on the reverse DNS matching the forward DNS. If I have two A records for our mail server and the reverse record matches one of

Re: Cannot get ./configure to create Makefile for Bind 9.10.3-P4. Please help!

2016-03-19 Thread Majid Mir
Thank you for your response.. I thought of that earlier, but when I run the exact same configure options on an older machine of ours (for 9.10.1) it creates the output files just fine.. That is where it confused me. Thanks On Thu, Mar 17, 2016 at 5:18 PM, Mark Andrews wrote: >

RE: PCS, Corosync, Pacemaker, and Bind

2016-03-19 Thread Mike Bernhardt
Please confirm that if a DNS query is sent to the virtual address, the reply will be sourced from the virtual address. The reason for restricting BIND to a single address was mostly for firewall and administrative simplicity, but that's not a big deal as long as the same address is used both

Re: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

2016-03-19 Thread Ron
I did not mean forwarders, but I had a case where the authoritative name servers for a domain were down for an extended period of time, exceeding the ttl for their records. I was curious if I could tell my DNS servers to serve these records for longer than the registered ttl. And I wanted to

Re: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

2016-03-19 Thread Barry Margolin
In article , Dave Warren wrote: > My current logic is that I do a SOA query and check the serial number, > if it has changed, I query every needed hostname into a temp file, and > if every single query was successful,

RE: PCS, Corosync, Pacemaker, and Bind

2016-03-19 Thread Lightner, Jeff
You might want to try "ip a" vs ifconfig. RHEL7 uses Network Manager and in the past I've found some things don't show up in ifconfig output when doing alias/virtual interfaces. Usually even when other products (e.g. Oracle RAC/GRID) create virtual interfaces they still show up as valid

Re: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

2016-03-19 Thread Mark Andrews
How do you actually expect this to ever work in real life? If a service knows it is going to be disconnected for an extended period of time there are plenty of third party DNS providers that can serve the zone and be delegated to. If it happens after the fact then they should spin up new servers

Re: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

2016-03-19 Thread Anders Löwinger
On 2016-03-18 00:12, G.W. Haywood wrote: I'd just put something in /etc/hosts and send myself an email every month or so to remind me I'd done that. I once wrote a script that periodically did zonetransfer, parsed output and updated the /etc/hosts file. /Anders

Re: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

2016-03-19 Thread Alan Clegg
On 3/17/16, 10:15 AM, "Ron" wrote: > According to the BIND9 docs: > > cleaning-interval This interval is effectively obsolete. Previously, the >server would remove > expired resource records from the cache every

Re: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

2016-03-19 Thread Ron
On Fri, Mar 18, 2016 at 9:43 AM, Ron wrote: > > How about a list of domains for which cached RRs will not be purged > _unless_ a different RR is supplied by the 'upstream' server? > Or, with Barry Margolin's comments in mind, a dynamic list, which is compiled from the domains

Re: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

2016-03-19 Thread G.W. Haywood
Hi there, On Thu, 17 Mar 2016, Ron wrote: ... in this case it's a supplier who is unable to keep his DNS servers working, and we just want to keep the connectivity. I'd just put something in /etc/hosts and send myself an email every month or so to remind me I'd done that. -- 73, Ged.

Re: Multiple A records and reverse DNS

2016-03-19 Thread Blake Hudson
Tom, when your mail server establishes a connection to another host, the receiving host will likely automatically check the PTR record of the IP address your server used as its source address. This PTR record should have a corresponding A record that points to the same IP address that was

Re: PCS, Corosync, Pacemaker, and Bind

2016-03-19 Thread Graham Clinch
> Please confirm that if a DNS query is sent to the virtual address, the reply > will be sourced from the virtual address. The reason for restricting BIND to > a single address was mostly for firewall and administrative simplicity, but > that's not a big deal as long as the same address is used

Re: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

2016-03-19 Thread Barry S. Finkel
On 3/17/2016 12:36:31 +0100 Ron wrote: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive? Hi, subject says all. Read manpages, could not find this in the FAQ's. Hope this is possible. If not does anyone know of other

Re: Cannot get ./configure to create Makefile for Bind 9.10.3-P4. Please help!

2016-03-19 Thread Majid Mir
I think I know why it worked on the old server.. it is because there is an existing Makefile already.. I am going to rename the existing makefile and see if it creates one. If it doesn't, then I will know that the no-create option is the culprit! Thanks for your help.. I will report back with what

Cannot get ./configure to create Makefile for Bind 9.10.3-P4. Please help!

2016-03-19 Thread Majid Mir
Hello all I am trying to compile Bind 9.10.3-P4 from source and whenever I try to run the following: ./configure --sbindir=/usr/sbin --sysconfdir=/etc/bind --with-openssl --disable-openssl-version-check --no-create --no-recursion I receive the following error after the configuration script is

Re: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

2016-03-19 Thread Ron
In general you're right of course, but in this case it's a supplier who is unable to keep his DNS servers working, and we just want to keep the connectivity. For various reasons it's not that easy to switch to a new supplier, and in any case we need an intermediate solution. Ron On Thu, Mar

Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

2016-03-19 Thread Ron
Hi, subject says all. Read manpages, could not find this in the FAQ's. Hope this is possible. If not does anyone know of other name servers that offer this option? Thanks, Ron Arts

Re: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

2016-03-19 Thread Ron
On Thu, Mar 17, 2016 at 2:51 PM, Barry S. Finkel wrote: > On 3/17/2016 12:36:31 +0100 Ron wrote: > > Can bind be configured to not drop RR's from the cache when >>> the upstream DNS server is unresponsive? >>> >> > Hi, >> >> subject says all. Read manpages,

RE: PCS, Corosync, Pacemaker, and Bind

2016-03-19 Thread Mike Bernhardt
My apologies, never mind :-{ I don't know what the problem was, BIND seems to load up just fine today, even when the option addresses don't match the virtual address. I must have screwed up something else.

Re: Cannot get ./configure to create Makefile for Bind 9.10.3-P4. Please help!

2016-03-19 Thread Mark Andrews
--no-create is for when you want to tinker with the final results built into config.status prior to building the Makefiles. I've committed changes to not run "make clean" if --no-create is set. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742

Re: PCS, Corosync, Pacemaker, and Bind

2016-03-19 Thread Phil Mayers
On 16/03/16 12:48, Lightner, Jeff wrote: You might want to try "ip a" vs ifconfig. RHEL7 uses Network Manager and in the past I've found some things don't show up in ifconfig output when doing alias/virtual interfaces. Usually even when other products (e.g. Oracle RAC/GRID) create virtual

Re: Multiple A records and reverse DNS

2016-03-19 Thread Matus UHLAR - fantomas
On 17.03.16 09:53, Thomas Schulz wrote: This is not a BIND question but I hope people here will know the answer. We are switching service providers and I understand that many email SPAM prevention systems insist on the reverse DNS matching the forward DNS. If I have two A records for our mail

Re: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

2016-03-19 Thread Ron
Dave, On Sat, Mar 19, 2016 at 6:02 AM, Dave Warren wrote: > On 2016-03-18 01:46, Ron wrote: > > > On Fri, Mar 18, 2016 at 12:12 AM, G.W. Haywood > wrote: >> >> Hi there, >> >> On Thu, 17 Mar 2016, Ron wrote: >> >>> ... in this case it's a supplier

Re: Multiple A records and reverse DNS

2016-03-19 Thread Thomas Schulz
> Am 17.03.2016 um 14:53 schrieb Thomas Schulz: >> This is not a BIND question but I hope people here will know the answer >> We are switching service providers and I understand that many email >> SPAM prevention systems insist on the reverse DNS matching the forward >> DNS. If I have two A

Re: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

2016-03-19 Thread Ron
On Fri, Mar 18, 2016 at 12:12 AM, G.W. Haywood wrote: > Hi there, > > On Thu, 17 Mar 2016, Ron wrote: > > ... in this case it's a supplier who is unable to keep his DNS servers >> working, and we just want to keep the connectivity. >> > > I'd just put something in

Re: Cannot get ./configure to create Makefile for Bind 9.10.3-P4. Please help!

2016-03-19 Thread Mark Andrews
*Think* about the arguments you are passing to configure. You told configure to NOT CREATE the makefiles. Mark In message

Re: Changing records with inline-signing

2016-03-19 Thread Tony Finch
Thomas Schulz wrote: > We currently have adi.com signed using options: > > inline-signing yes; > auto-dnssec maintain; > > If I change an A record or add a new A record, will the signing be > automatically updated or do I have to do an rndc sign zone? It's automatic :-) Tony.

Changing records with inline-signing

2016-03-19 Thread Thomas Schulz
We currently have adi.com signed using options: inline-signing yes; auto-dnssec maintain; If I change an A record or add a new A record, will the signing be automatically updated or do I have to do an rndc sign zone? Tom Schulz Applied Dynamics Intl. sch...@adi.com

Re: Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

2016-03-19 Thread Ron
Slave the zone? Oh, run secondary. Fat chance. Ron On Fri, Mar 18, 2016 at 5:03 PM, Darcy Kevin (FCA) wrote: > Would they be receptive to letting you slave the zone? At least then you’d > have the whole EXPIRE time before the names stopped resolving. > > > > If

Re: Multiple A records and reverse DNS

2016-03-19 Thread Barry Margolin
In article , sch...@adi.com (Thomas Schulz) wrote: > This is not a BIND question but I hope people here will know the answer. > We are switching service providers and I understand that many email SPAM > prevention systems insist on the