Re: Latest BIND: Error "rpz_rewrite_name: mismatched summary data; continuing"

2016-09-05 Thread Tom
Is there a workaround/configuration-directive not to log every request with this "error"? One way would be using BIND 9.9.9-P2 (because this code was added in 9.10.x...), but I would prefer 9.10.x. Kind regards, Tom On 08/31/2016 03:05 PM, Tony Finch wrote: Tom wrote:

Re: Request reverse dns mapping advice

2016-09-05 Thread Dave Warren
On Mon, Sep 5, 2016, at 09:46, John Levine wrote: > >1. pick a primary domain from the list of virtual hosts (example2.com) > >2. use the "real" host name of the server (juvat.example1.com) > >3. the mail server name (mail.example1.com) > >4. the dns server name (ns2.example1.com) > >5.

Re: minimal-any on master

2016-09-05 Thread Tony Finch
Jim Popovitch wrote: > > Hmmm, this is counter to what I've believed all along. I > thought it was > prudent to have key overlap during rollovers. There are two separate things which you can overlap semi-independently: * is the key published in the zone? * is the key

Re: Request reverse dns mapping advice

2016-09-05 Thread Tom Browder
On Monday, September 5, 2016, John Levine wrote: > >1. pick a primary domain from the list of virtual hosts (example2.com) > >2. use the "real" host name of the server (juvat.example1.com) > >3. the mail server name (mail.example1.com) > >4. the dns server name

Re: Request reverse dns mapping advice

2016-09-05 Thread John Levine
>1. pick a primary domain from the list of virtual hosts (example2.com) >2. use the "real" host name of the server (juvat.example1.com) >3. the mail server name (mail.example1.com) >4. the dns server name (ns2.example1.com) >5. another domain from the virtual hosts list (example 3.com)

Re: minimal-any on master

2016-09-05 Thread Jim Popovitch via bind-users
On Mon, Sep 05, 2016 at 05:12:47PM +0100, Tony Finch wrote: > Jim Popovitch via bind-users wrote: > > > > Thanks. Now I'm seeing something slighly different. I have 3 NS > > servers, ns{1-3}.domainmail.org. > > > > When I first asked 3 days ago I was seeing long ANY

Re: minimal-any on master

2016-09-05 Thread Tony Finch
Jim Popovitch via bind-users wrote: > > Thanks. Now I'm seeing something slighly different. I have 3 NS > servers, ns{1-3}.domainmail.org. > > When I first asked 3 days ago I was seeing long ANY repsonses on the > master (ns1). Today I am seeing long ANY responses on

Request reverse dns mapping advice

2016-09-05 Thread Tom Browder
I have two remote servers, one with one IPv4 address, and one with five IPv4 addresses. My ISP will provide reverse mapping for all if I provide the desired rDNS record for each address. The rDNS record for the one-address server is not a problem, but I would appreciate opinions on the choice of

Re: minimal-any on master

2016-09-05 Thread Jim Popovitch via bind-users
On Mon, Sep 05, 2016 at 09:51:25AM +0100, Tony Finch wrote: > Jim Popovitch via bind-users wrote: > > > > Should minimal-all (v9.11.0-rc1) work on a master? My testing shows > > that it only works on the slave DNS servers. > > Works for me :-) minimal-any is

Re: minimal-all on master

2016-09-05 Thread Tony Finch
Jim Popovitch via bind-users wrote: > > Should minimal-all (v9.11.0-rc1) work on a master? My testing shows > that it only works on the slave DNS servers. Works for me :-) minimal-any is implemented at the point the records are being assembled into an answer - it still