Mark Andrews writes:
> It’s a long known issue with so called “Transparent” DNS
> proxies/accelerators/firewalls. Iterative resolvers expect to talk to
> authoritative servers. They ask questions differently to the way they
> do when they talk to a recursive server. Answers from different
> le
It’s a long known issue with so called “Transparent” DNS
proxies/accelerators/firewalls. Iterative resolvers expect to talk to
authoritative servers. They ask questions differently to the way they do when
they talk to a recursive server. Answers from different levels of the DNS
hierarchy for
Thought I would document this in case anyone else gets bit by it
I have several nameservers and other servers on a Comcast copper
connection (cable internet) in the office using a Technicolor Business
Router CGA4131COM modem. This is Comcast's de-facto standard modem as
of 2022 for business
> On 6 May 2022, at 04:53, frank picabia wrote:
>
>
>
> On Thu, May 5, 2022 at 3:48 PM Tony Finch wrote:
> frank picabia wrote:
> > On Thu, May 5, 2022 at 1:46 PM wrote:
> > >
> > > Tony wrote a nice article about that:
> > > https://www.dns.cam.ac.uk/news/2020-01-15-rollover.html
> >
> >
On 6/05/2022 7:51 am, Grant Taylor via bind-users wrote:
On my Bind9 server, I have the following zone-files:
forward.example.lan.db:
ns1 IN A 192.168.0.10
ns1 IN fe80::f21f:afff:fe5d:be90
I don't see the 2nd, Docker (?), address; 172.17.0.1, in the zone. S
On 5/5/22 1:35 PM, Maurà cio Penteado via bind-users wrote:
Hi folks,
Hi,
Thank you for the reply.
:-)
Unfortunately, I did not understand how I am supposed to add multiple
A-records for the same name to the zone-file to fix this issue.
Based on your first message, you already have mult
Hi folks,
Thank you for the reply.
Unfortunately, I did not understand how I am supposed to add multiple A-records
for the same name to the zone-file to fix this issue.
On my Bind9 server, I have the following zone-files:
- - -
forward.example.lan.db:
$TTL 604800@ IN SOA ns1.
On Thu, May 5, 2022 at 3:48 PM Tony Finch wrote:
> frank picabia wrote:
> > On Thu, May 5, 2022 at 1:46 PM wrote:
> > >
> > > Tony wrote a nice article about that:
> > > https://www.dns.cam.ac.uk/news/2020-01-15-rollover.html
> >
> > Thanks for that. My problem is these notes have little in co
frank picabia wrote:
> On Thu, May 5, 2022 at 1:46 PM wrote:
> >
> > Tony wrote a nice article about that:
> > https://www.dns.cam.ac.uk/news/2020-01-15-rollover.html
>
> Thanks for that. My problem is these notes have little in common with how
> the digital ocean guide
> ran it (
> https://www.
On Thu, May 5, 2022 at 1:46 PM wrote:
> Hi,
>
> On 5/5/22 6:37 PM, frank picabia wrote:
> >
> > Hi,
> >
> > I've been running a Bind set up with DNSSEC for many years.
> > It was done following the guide at the digitalocean site.
> >
> > What I don't find in a nice guide, is how to change your a
Is there a guide on transitioning the DNSSEC signing algorithm,
One of the best concise instructions on doing this was written by Tony Finch
while at Cambridge, and I have used this [1] successfully a few times.
My recommendation: print it out, and use a red pen to tick off the individual
point
Hi,
On 5/5/22 6:37 PM, frank picabia wrote:
Hi,
I've been running a Bind set up with DNSSEC for many years.
It was done following the guide at the digitalocean site.
What I don't find in a nice guide, is how to change your algorithm
to a more current one, and seamlessly make your domain
run
On 05. 05. 22 18:37, frank picabia wrote:
Hi,
I've been running a Bind set up with DNSSEC for many years.
It was done following the guide at the digitalocean site.
What I don't find in a nice guide, is how to change your algorithm
to a more current one, and seamlessly make your domain
run unde
Hi,
I've been running a Bind set up with DNSSEC for many years.
It was done following the guide at the digitalocean site.
What I don't find in a nice guide, is how to change your algorithm
to a more current one, and seamlessly make your domain
run under this new chain of data.
I tried it on my o
On 5/5/22 9:01 AM, Reindl Harald wrote:
by not add multiple A-records for the same name to the zone-file
BIND don't know about docker on it's own
Another option would be to leverage BIND's ability to sort A records
based on configured preference (in the config file, not the zone file)
based o
Am 05.05.22 um 16:05 schrieb Maurà cio Penteado via bind-users:
What is the current behavior?
Nslookup from a DNS Client workstation should not get docker0 ip
addrees of the Bind9 Server PC.
|nslookup ns1.example.lan Server: UnKnown Address:
fe80::f21f:afff:fe5d:be90 Name: ns1.exampl
Summary
Docker0 interface is being resolved and DNS Clients cannot deal with the
address.
BIND version used
BIND 9.18.1-1ubuntu1-Ubuntu (Stable Release)
Steps to reproduce
On a fresh Ubuntu 22.04 Server install and set Bind9 up. After that install
docker.
What is the current behavior?
Nsl
17 matches
Mail list logo