of any kind is expressed
>
>in this notice and none should be implied. ISC expressly excludes
>
>and disclaims any warranties regarding this notice or materials
>
>referred to in this notice, including, without limitation, any
>
>implied warranty of
ded by named.conf via
"include" directive. After that the directory is mounted via `mount --bind` into
chroot so you can just put files into /etc/named/, include them into named.conf
and chrooted configuration will work for you out of the box (i.e. you do
On Fri, Sep 21, 2012 at 09:36:11AM +0100, Niall O'Reilly wrote:
>
> On 21 Sep 2012, at 08:55, Adam Tkac wrote:
>
> > Because rc2 was released too late to get it into RHEL 6.3... Btw which is
> > the
> > bug that bothers you? Why don't you report it to RH bu
HEL 6.3... Btw which is the
bug that bothers you? Why don't you report it to RH bugzilla?
Regards, Adam
--
Adam Tkac, Red Hat, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing
ger for DNSSEC setup
(http://www.nlnetlabs.nl/projects/dnssec-trigger), it can probe your server for
"DNS-over-SSL". Check dnssec-trigger overview, section "How does it work" for
more details.
Note this doesn't mean you should allow connections to p
abase" { "debug"; };
> >
> > category "config" { "debug"; };
> >
> > category "queries" { "ops"; };
> >
> > category "client" { "ops"; }
On 01/19/2012 09:18 PM, Stack Kororā wrote:
Hello,
The dhcpd mailinglist sent me your way with a problem I am having with
named/dhcpd.
The problem I have is that I can not seem to get reverse hostname lookups
in my PXEboot, which means my PXEboot clients think they are localhost.
The problem t
py in the virtual environment. You can (if
> you understand the issues surrounding it), use /dev/urandom as your
> random source, or look at installing something like haveged
> (http://freecode.com/projects/haveged) to solve the problem.
Another good
On 11/16/2011 01:35 PM, David Ford wrote:
> can we have a paradigm shift from ISC please? instead of falling over
> dead with insist/assert, please bleat a warning and drop the problematic
> issue on the floor instead and press on with business. many BIND DoS
> attacks (and zone typos) are very e
On 11/10/2011 11:16 PM, Evan Hunt wrote:
>> I know that this isn't the forum for betas
> Sure it is. :)
>
>> We have been testing with the alphas and now with the beta. What we are
>> seeing is that whenever named starts, it initially creates the signed
>> static zone file, but never really finishe
On 09/06/2011 01:54 AM, Mark Andrews wrote:
> In message <1315237316.31288.2.ca...@ns.five-ten-sg.com>, Carl Byington
> writes:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>>
>>> "dnssec-lookaside auto;" only pulls the "dlv.isc.org" key out of
>>> that file. The root's key is just for
On 06/10/2011 01:45 PM, Chris Thompson wrote:
> On Jun 10 2011, Mark Andrews wrote:
>
>> In message <201106100709.qaa04...@osspc4.sra.co.jp>, YABUKI Youichi
>> writes:
>>> The BIND security advisory for CVE-2011-1910 does not mention
>>> about versions 9.7.0, 9.7.0-P1 and 9.7.0-P2.
>>> Does the CVE
t it seems to be absent from the bind build on my Fedora 12
> box, so I don't know if it's fallen by the wayside.
Hello,
the DBus interface is old and is not compatible with current
NetworkManager interface. Due this reason BIND in Fedora is built
without it.
Regards, Adam
--
Adam T
, called "worker" threads are created in lib/isc/task.c.
So number of threads (as shown via `ps -eLf |grep named`) is always number
of worker threads + 3.
Regards, Adam
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
the root zone. With no arguements it just updates the
> current list of zones listed is /etc/trusted-keys.
Isn't sufficient to configure the root trust anchor inside "managed-keys {};"
statement? If I understand correctly the key should be automatically
updated, shouldn't it?
Regards, Adam
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
ion 9.7 p2 directly in my REDHAT?
Yes, it is. You can download it from ISC site and compile it.
Regards, Adam
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
ary will
look like:
isc/namespace.h:
#ifdef BIND9
#define isc_something isc__something
#endif
libisc.so:
isc_something
isc__something
So there will be no runtime issues. May I ask you if you can change
current dynamic libraries setup somehow? I can prepare the patches,
if you are interested.
Rega
in error,
> > please immediately reply to the sender and delete this information from
> > your system. Use, dissemination, distribution, or reproduction of this
> > transmission by unintended recipients is not authorized and may be
> > unlawful.
> >
> ___
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
l" DNSSEC
option in 9.3.X series:
options {
...
dnssec yes;
...
};
Regards, Adam
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
>
> Please remember to check frequently for updates to our trust anchor
> file, as we introduce new Key-Signing Keys (KSKs) every 6 months.
>
> Regards,
>
> Anand Buddhdev,
> DNS Services Manager, RIPE NCC
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
@123.123.123.123
google.com
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
Regards, Adam
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
RITY SECTION:
plymouth.ac.uk. 85943 IN NS dns1.cs.strath.ac.uk.
plymouth.ac.uk. 85943 IN NS dns0.plymouth.ac.uk.
plymouth.ac.uk. 85943 IN NS dns1.plymouth.ac.uk.
plymouth.ac.uk. 85943 IN NS dns2.cs.strath.ac
;
> How can i do it?
> Thanks,
> Lars
You can use `forward` zone. Check
https://www.isc.org/software/bind/documentation/arm95#zone_statement_grammar:
zone "example.com" IN {
type forward;
forward only;
forwarders { IPaddr; };
};
Regards, Adam
--
Ada
...
forward only;
...
};
Regards, Adam
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
idea to use package from your vendor because
you don't have to watch bind-announce, don't have to compile each
time when bind is updated etc. You can simply run "yum update" or
"apt-get upgrade" and you can be sure you have software without
security issues. But feel free to compile named yourself if you prefer
this approach.
Regards, Adam
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
rg
> > https://lists.isc.org/mailman/listinfo/bind-users
> > =20
> > Please consider our environment before printing this e-mail or =
> > attachments.
> > --
> > CONFIDENTIALITY NOTICE: This e-mail may contain privileged or =
> > confidential information and is for the sole use of the intended =
> > recipient(s). If you are not the intended recipient, any disclosure, =
> > copying, distribution, or use of the contents of this information is =
> > prohibited and may be unlawful. If you have received this electronic =
> > transmission in error, please reply immediately to the sender that you =
> > have received the message in error, and delete it. Thank you.
> > --
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
> ___
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
:01:12 PM CEST using RSA key ID 0B7BAE00
gpg: Can't check signature: public key not found
Current ISC key located on http://oldwww.isc.org/about/openpgp/pgpkey2006.txt
has different ID - 1BC91E6C.
Would it be possible to publish updated PGP key, please?
Regards, Adam
--
Adam Tkac, Red Hat
at task.c:862
> #14 0x2af5a1ae2367 in start_thread () from /lib64/libpthread.so.0
> #15 0x2af5a259f0ad in clone () from /lib64/libc.so.6
>
> This looks MySql related. I have mysql query logging enabled, so I can
> see what comes in. So far, nothing looks malformed, which
27629
- http://lkml.org/lkml/2007/12/4/260
- http://lkml.org/lkml/2008/4/17/474
$ echo "1" >/proc/sys/net/core/xfrm_larval_drop
should help you.
Adam
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
series and DLZ stuff has been merged in
9.4 development cycle. It is impossible to get DLZ working with bind
package that is shipped in RHEL5.
Could I ask you why you can't use SDB, please?
Regards, Adam
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Hi all,
I would like to ask when libbind for 9.6 series will be available?
There is change 2447 which says "libbind has been split out as a
separate product" but AFAIK such product is not anywhere.
Regards, Adam
--
Adam Tkac, Red Hat, Inc.
__
> Thanks for the suggestion, I'll play with it and see what happens.
>
Btw setup with slave zone in second view is described in FAQ as well:
- https://www.isc.org/faq/bind
- Configuration and Setup Questions -> "How do I share a dynamic zone
between multiple views?"
Adam
--
On Thu, Dec 04, 2008 at 12:28:38PM +0530, [EMAIL PROTECTED] wrote:
Hi,
>
> We need BIND 9.3.5-P2 version. But we are not getting the Download
> link.Kindly provide me the link. so that we can download this version,.
>
ftp://ftp.isc.org/isc/bind9/9.3.5-P2
--
Adam Tkac,
rd to determine where exactly problem is from
information written above. The best solution will be open ticket in RH
support tracker or RH bugzilla and attach core dump there.
Adam
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On Thu, Nov 20, 2008 at 09:18:01AM +, Niall O'Reilly wrote:
> On Wed, 2008-11-19 at 21:55 +0100, Adam Tkac wrote:
> > does anyone know if is it possible to sign multiple domains with one
> > KSK?
>
> Adam,
>
> I suspect your question may need to
t is impossible. Each zone
has to have his own KSK and ZSK pair, hasn't it?
Regards, Adam
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
I think BIND from Ubuntu distribution is not compiled as GNU source
(with _GNU_SOURCE macro defined). It is needed to get IPv6 working.
The best solution is to open ticket in Ubuntu bug tracker.
Adam
--
Adam Tkac, Red Hat, Inc.
___
bind-users mailing lis
37 matches
Mail list logo