Re: Best practice MultiView

2023-04-18 Thread Greg Choules via bind-users
Hi Jiaming. Every zone *must* have one SOA record and at least one NS record. This is a requirement of the protocol. Internal clients will (probably) be making recursive queries to the internal DNS server for A, , MX, SRV records (maybe some more types as well). It is unlikely they will be mak

Re: Best practice MultiView

2023-04-18 Thread Jiaming Zhang
Dear Greg, I agree using child zones is a better idea, and I'm actually using this, what I want to hide is the NS records of the internal-only subdomains. OR is the NS record totally unnecessary if the DNS resolver has these individual zones (which I don't think so based on how DNS query works)

Re: Fully automated DNSSEC with BIND 9.16

2023-04-18 Thread Petr Menšík
For CVEs, we have our own site listing each and what is affected, what is not and whether fix is already available. CVE-2022-3924 [1] is not yet released in RHEL. Of course if you look into upstream notes to check what we have fixed in our distribution, it won't work well. Watching your own distrib

Re: Best practice MultiView

2023-04-18 Thread Jiaming Zhang
Dear Nick, The slave config was amended from the master, I don’t need the slave to notify any other server. I’ll check if any other zones have similar residue left. Thanks for pointing out. Kind regards, Jiaming Zhang Yixi Meta Tel: +31 (6) 12 98 08 07 Email: j.zh...@yiximeta.com Website: yixi

Re: Best practice MultiView

2023-04-18 Thread Greg Choules via bind-users
Hi Jiaming. I had a similar requirement. Since there were not many (a few tens or at most a hundred) names that needed to be resolved differently locally my approach was to create a zone for each of them and to not have the parent zone at all. Each specific zone would contain a single A record (or

Re: Best practice MultiView

2023-04-18 Thread Jiaming Zhang
Dear Greg, The initiative was that we have certain records that wish to be view only internally and may resolve to private address (e.g. insite A 10.1.1.1). Kind Regards, Jiaming Zhang Yixi Meta Tel: +31 (6) 12 98 08 07 Email: j.zh...@yiximeta.com Website: yiximeta.com De informatie in dit be

Re: Fully automated DNSSEC with BIND 9.16

2023-04-18 Thread Darren Ankney
On Tue, Apr 18, 2023 at 3:20 AM Havard Eidnes via bind-users wrote: >and if I run straight "upstream" code, it's fairly straight- >forward to upgrade to this version, modulo, of course, the fact >that this involves building it from source. > It may not be necessary to build from sourc

Re: Fully automated DNSSEC with BIND 9.16

2023-04-18 Thread Havard Eidnes via bind-users
> You do not have to sift through lists. That depends entirely what one wants to do. I see a couple of scenarios where that may be required: 1) Let's say someone has flagged to you as a BIND administrator that your BIND installation is susceptible to CVE-2022-3924. This could be done via a