Re: [bind-users] dhcp failover is not working as expecte

2018-05-02 Thread Jerry Kemp
Julie, Not intending to come across as rude, but is this the list you intended to post to? FWIW, you posted to the BIND list, not the DHCPD list. Good luck, Jerry On 02/05/18 19:30, Julie Xu wrote: Hi, I have dhcpd running on two servers. Share the load 50%. I expect if one of the server

dhcp failover is not working as expecte

2018-05-02 Thread Julie Xu
Hi, I have dhcpd running on two servers. They share the load 50%. I expect that if one of the servers has an issue, the other one will automatically take over for all 100% of clients. But that is not the case. When one of them is down, or frozen, half of the users lose their network without an IP address. My configuration is:

Re: root hints

2018-05-02 Thread Rick Dicaire
Thanks for the responses folks... so if I don't need to manage root.hints, can I remove the line: zone "." IN {type hint;file "root.cache";}; from named.conf?

Re: root hints

2018-05-02 Thread Warren Kumari
On Wed, May 2, 2018 at 5:02 PM Greg Rivers wrote: > On Wednesday, May 02, 2018 16:48:00 Rick Dicaire wrote: > > ... what is the official/best practice/recommended way to update > root.hints? > > > https://www.iana.org/domains/root/files > > But you don't really need it unless you're running an in

Re: root hints

2018-05-02 Thread Greg Rivers
On Wednesday, May 02, 2018 16:48:00 Rick Dicaire wrote: > ... what is the official/best practice/recommended way to update root.hints? > https://www.iana.org/domains/root/files But you don't really need it unless you're running an internal root; as stated at that link, "For many pieces of softwar

root hints

2018-05-02 Thread Rick Dicaire
Hi, it used to be that you could dig > root.hints and use this file in named.conf for the root.hints configuration. Some time around 9.11? the output of dig with no arguments stopped reporting the ADDITIONAL section that shows the IPs of the root servers. I've moved on to 9.12 and the dig behaviour is the same as

Re: Can we block/detect DNS beacon channels?

2018-05-02 Thread Grant Taylor via bind-users
On 05/02/2018 12:59 PM, Blason R wrote: Well, the challenge is not implementing RPZ, that part is done, but now I am wondering, as an advanced part, if such attacks can be detected as well as blocked by using RPZ? I guess one option I see is to deploy a HIDS on the BIND server like suricata which will detect such att

Re: Can we block/detect DNS beacon channels?

2018-05-02 Thread Blason R
Well, the challenge is not implementing RPZ, that part is done, but now I am wondering, as an advanced part, if such attacks can be detected as well as blocked by using RPZ? I guess one option I see is to deploy a HIDS on the BIND server like suricata which will detect such attacks. But that will consume a lot of resources

Re: Can we block/detect DNS beacon channels?

2018-05-02 Thread Grant Taylor via bind-users
On 05/02/2018 12:23 PM, Blason R wrote: I would really appreciate it if someone could shed light on whether DNS based advanced attacks can be stopped using DNS RPZ? Like DNS beacon channels or data exfiltration through DNS queries. If you know fixed aspects of the queries / responses, you can very likely

Can we block/detect DNS beacon channels?

2018-05-02 Thread Blason R
Hi, I would really appreciate it if someone could shed light on whether DNS based advanced attacks can be stopped using DNS RPZ? Like DNS beacon channels or data exfiltration through DNS queries.

Dynamic zone vs static records

2018-05-02 Thread Jérôme BECOT
Hello, We are managing our DNS zone within LDAP through a 3rd party editor (FusionDirectory). This software is configured to export the LDAP configuration to plain text zone files, updated on the master (and a zone reload is made by the software by calling rndc). If we make this zone dynamic

Re: policy-ip-trigger

2018-05-02 Thread Blason R
Oh, I overlooked the statement. Yep, we need to use the prefix. *IPv4 IP Trigger Name Format* The keyword label of rpz-ip invokes this trigger type. The IPv4 address is written in the form *prefix.a4.a3.a2.a1.rpz-ip* Does anyone have any better idea to reverse it? On Wed, May 2, 2018 at 5:00 PM, Blaso

policy-ip-trigger

2018-05-02 Thread Blason R
Hi, I am trying to write a zone for policy-ip-trigger and trying to reverse the IP, which I have done with the below command: cat test | awk -F. '{print $4"."$3"."$2"."$1".rpz-ip"}' Does anyone have any other idea? Also, with policy-ip-trigger, is it mandatory to provide the subnet mask in reverse manner?