In message
, Harshith Mulky writes:
> Hello,
>
> Is there a option in named to turn off EDNS Responses(not Requests) Globally
>
> I have tried with this Option on named
>
> server 0.0.0.0
> {
> edns no;
> };
You
Hello,
Is there a option in named to turn off EDNS Responses(not Requests) Globally
I have tried with this Option on named
server 0.0.0.0
{
edns no;
};
But does not seem to work
Any other options?
Thanks
Harshith
___
Please visit
>
> In message , "Darcy
> Kevin (FCA)"
> writes:
> > That's only a problem if the clients are constantly looking up the
> > name, right? If they're looking it up only _occasionally_, with some
> > degree of entropy, then the query load gets
In message , "Darcy Kevin
(FCA)"
writes:
> That's only a problem if the clients are constantly looking up the name,
> right? If they're looking it up only _occasionally_, with some degree of
> entropy, then the query load gets spread out.
That's only a problem if the clients are constantly looking up the name, right?
If they're looking it up only _occasionally_, with some degree of entropy, then
the query load gets spread out.
So, in those cases, implement something on the client side that pre-expires the
cache entry with some
In message , "Darcy Kevin
(FCA)" writes:
> "many client have caused a burst DNS traffic" is not much of a problem
> statement, honestly.
>
> What does this patch add, of value, that isn't already covered by
> "max-cache-ttl"?
>
> If you're
So, fix the TTLs on the RBLs, sheesh! Pathological use cases don't warrant
deviation from standard.
- Kevin
-Original Message-
From: Reindl Harald [mailto:h.rei...@thelounge.net]
Sent: Thursday, August 04, 2016
"many client have caused a burst DNS traffic" is not much of a problem
statement, honestly.
What does this patch add, of value, that isn't already covered by
"max-cache-ttl"?
If you're trying to allow the operators of intermediate resolvers to override
the intentions of the data owner, by
Most likely, it has to do with recursion settings, yes, but indirectly. When
recursion is not honored for a client, the next thing that named does is check
whether the answer, or anything relevant to the answer, is in cache. But access
to the cache, these days, defaults to being as restrictive
Hello!
When I see this in the log, does this mean it is because the server
does not allow recursion?
Aug 4 18:52:19 bitmachine1 named[26142]: client 127.0.0.1#52733
(c303.cloudmark.com): query (cache) 'c303.cloudmark.com/A/IN' denied
Aug 4 18:56:08 bitmachine1 named[26142]: client
Hello Sirs,
I am Sukmoon Lee, a software developer and network engineer in South Korea.
Recently, most clients(smart phone) have a local DNS cache.
The Cache DNS TTL affects the client cache expiration time domain. So many
clients have caused a burst DNS traffic.
In order to solve this issue
Hi!
> Tony Finch schrieb am 04.08.16 um 09:21:36 Uhr:
> > The error suggests to me that you have a key-directory mismatch, but you
> > seem to have that under control.
That was the right hint! I had no key-directory "/var/lib/named/keys";
specified in named.conf.
There also is
Andreas Meyer wrote:
> Tony Finch schrieb am 04.08.16 um 09:21:36 Uhr:
> >
> > The error message refers to the key ID rather than the filename - in more
> > recent versions it has been clarified to use the actual filename.
>
> Is it possible to look for the
Hello!
Tony Finch schrieb am 04.08.16 um 09:21:36 Uhr:
> > The key is named Kbitcorner.de.+005+16938.private but named is looking for
> > a key named bitcorner.de/RSASHA1/16938 or is it just substituting?
>
> The error message refers to the key ID rather than the filename - in
Andreas Meyer wrote:
>
> dns_dnssec_keylistfromrdataset: error reading private key file
> bitcorner.de/RSASHA1/16938: file not found
>
> I think it must have something to do with the name itself, could it be?
>
> The key is named Kbitcorner.de.+005+16938.private but named is
15 matches
Mail list logo