Hi Renzo.
You're welcome.
1) Correct. You don't need forwarding for a simple resolver. Take a look at
the meaning of the RD flag in the BIND protocol header. This should help
you understand the difference between recursive and non-recursive queries.
2) No. See 1)
3) Yes. For a standard resolver fac
Hi greg,
I thank you again for your suggestions.
>A.B.C.D is the address of this server?
yes, It's the Bind server
I read several documents about DNS architecture
My questions is about this configuration of bind:
1- according to your opinion my bind makes queries ro root server if is set
no 'for
Hi Renzo.
Thank you for that. The hints look OK. A bit old, but they will work.
The first thing I would advise you to do as a matter of priority is to
upgrade BIND.
9.11 has been end-of-life for a few years and there have been many security
fixes since then. 9.18.27 is the current version.
You co
Hi Greg,
he info you required:
1) BIND 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.2 (Extended Support Version) on
running on Linux x86_64 3.10.0-1160.2.2.el7.x86_64
2) named.ca if file which contains root servers
named.ca
. 518400 IN NS a.root-servers.net.
.
Hi Renzo.
Ah OK, I had it the wrong way round. AD DNS needs to resolve names in the
Internet on behalf of its clients, so it forwards to BIND.
In that case, two questions:
1) What version of BIND are you running? You can get this with "named -V"
2) What is in the file "named.ca"?
For a long time (
Hi Greg,
thank you very much for your explanation.
Let’s supposte AD domain was ‘my domain.it’ and I have 6000 computers of
government institute.
Here my bind configuration:
named.conf
———
include “…. named.conf.options" ;
zone "." IN {
type hint;
file "named.ca";
};
include “…. named.
Update:
This was not the fraud we thought it was
We have learned that emails we originally identified as abuse were sent by an
external contractor engaged by ISC to conduct a focussed and short-term lead
generation campaign. We have instructed the vendor to halt that campaign.
We clearly suf
Hi Renzo.
Firstly, please can we see your BIND configuration and have the actual AD
domain name.
Secondly, BIND, or any other recursive DNS server, does not 'forward' to
the root servers, unless you have configured it explicitly to do so, which
would be a bad idea and not work anyway. It will recu
I have Active Directory domain ( 'mydomain.it' ) with 8 domain controllers
to manage 8000 computers. Every Domain controller acts as dns service and
resolve internal domain names while forward queries about external domains
to another server, which Bind9 dns server (It's inside my company)
I'm chec
Hello
Thank you for these suggestions and advice. I will start by updating BIND to
version 9.18, then monitor the situation and provide feedback
Regards
-Message d'origine-
De : bind-users De la part de
bind-users-requ...@lists.isc.org
Envoyé : jeudi 27 juin 2024 02:04
À : bind-users@
10 matches
Mail list logo