Thank you very much, it now works fine, just another question please, what is
the recommended open source tool to test the performance of a DNS server i.e.
capture packets and then send them to a DNS server to measure response time,
latency, cache usage etc.
Regards
De : Greg Choules
Envoyé :
>From the correct email alias this time!
On Mon, 19 Jun 2023 at 16:50, Greg Choules
wrote:
> Hi Lee/Sami.
> `break-dnssec yes;` *may* also be needed in some cases. But not here as
> the zone isn't signed anyway.
>
> The reason that "example.com" works but "antlauncher.com" doesn't is down
> to B
On 6/19/23, sami.rahal wrote:
> Thank you Greg
>
> I tested with other domain name to replace "SERVFAIL" with "NXDOMAIN" is it
> not working
You're missing "break-dnssec yes" on your response-policy stanza?
You need something like
response-policy { zone "rpz.mozilla"; zone "rpz.zone"; }
bre
Thank you Greg
I tested with other domain name to replace "SERVFAIL" with "NXDOMAIN" is it not
working
I use CentOS7 with BIND9.16.41
grep antlauncher db.rpz
antlauncher.com CNAME .
*.antlauncher.com CNAME .
grep example db.rpz
example.com I
Hi Sami.
That's not what I said.
Yes, you can do this with RPZ if you want - it's all in the BIND ARM - but
it's not something I would do.
Cheers, Greg
On Mon, 19 Jun 2023 at 12:40, wrote:
> Thank you Greg
>
> So if I understand correctly if we receive a servfail return code we can
> not modify
Thank you Greg
So if I understand correctly if we receive a servfail return code we can not
modify this code by nxdomain with the rpz configuration?
Regards
De : Greg Choules
Envoyé : lundi 19 juin 2023 12:02
À : RAHAL Sami SOFRECOM
Cc : bind-users@lists.isc.org
Objet : Re: replace "SERVFAIL" t
That's because this domain is broken. The NS for it are:
antlauncher.com: type NS, class IN, ns ns1626.ztomy.com (204.11.56.26)
antlauncher.com: type NS, class IN, ns ns2626.ztomy.com (204.11.57.26)
No matter what query you send them (so far) they respond with REFUSED and
claim not to be authorit
Hello
Thank you for these details Greg, by the way I worked on a problem on one of my
resolvers and there are no errors of type "SERVFAIL" currently for valid domain
names but I receive servfail for this domain name "antlauncher.com" that's why
I wanted to change the return code for this domain
Hi Sami.
Firstly, a couple of definitions:
NXDOMAIN is a response from an authoritative server (or a resolver because
it cached it). It is a positive confirmation that "this name does not
exist". It means that the QNAME in the query cannot be found, for any
record type.
SERVFAIL is a response from
Hello Thank you for your feedback,
yes it works like that! for that does not work for a domain name that already
has the return code "SERVFAIL" and we want to change this code by "NXDDOMAIN"
like this domain name "antlauncher.com"
regards Rahal
-Message d'origine-
De : bind-users De l
10 matches
Mail list logo