Re: configure error for bind-9.20.1

Am Mon, Sep 16, 2024 at 09:08:11PM +0900 schrieb Sakuma, Koshiro: > Hello. Thank you for your quick response. Here is config.log file. And > also, libatomic installed list on RHEL9.4 version. {...} > $ ./configure --prefix=/usr/local/bind/chroot --localstatedir=/var > --sysconfdir=/etc --with

Re: bind918 malfunction?

Am Fri, Sep 06, 2024 at 09:27:21PM +0200 schrieb Ondřej Surý: > Anyway - since you are hitting the 32 limit, perhaps bumping the limit to 100 > (the value before) would help in your case? I am guessing the resolver is > being used for a limited set of clients and the chance of this specific abuse

dns_diff_apply / "del not exact" logging

Hi, since upgrading our secondary to 9.18.24 yesterday, I'm seeing the logging messages below. 14-Feb-2024 07:52:24.850 general: error: dns_diff_apply: wur1-ps003.ad01.geXXX/A/IN: del not exact 14-Feb-2024 07:53:28.732 general: error: dns_diff_apply: 1.0.e.4.1.1.0.0.2.ip6.arpa/SOA/IN: del not

rate-limit / nxdomains-per-second

I've been running with this configuration on some authoritative nameservers for the last couple of years: rate-limit { responses-per-second 100; errors-per-second 1000; nxdomains-per-second 1000; max-table-size 5; slip 2; }; options { tcp-clients 5000; } I understand

Re: FORMERR responses after upgrading resolver from 9.16 to 9.18.8

Am Fri, Oct 21, 2022 at 01:21:36PM +0200 schrieb Borja Marcos: > But tell your customer that their email message didn’t arrive on time because > the recipient has a misconfigured DNS server and > try to explain to them that, yes, Google resolved it successfully but you are > working for the commo

Re: FORMERR responses after upgrading resolver from 9.16 to 9.18.8

Am Thu, Oct 20, 2022 at 01:23:47PM +0200 schrieb Ondřej Surý: > did you try writing to elbrev.com operators to fix their > servers to stop breaking DNS protocol? It often helps. (I'm ccing the contact > in their SOA records, so let's see if anything happens.) > > It's not lac

FORMERR responses after upgrading resolver from 9.16 to 9.18.8

I've just finished upgrading our last resolver from 9.16 to 9.18.8 a few days ago. As it turn out a number of zones are no longer resolveable with 9.18. Some nameservers out there don't seem to support EDNS0 and the number of FORMERR responses in our resolver logs went up quite a bit. Here's an

Re: 9.16.19 repeated crashes on FreeBSD 12.2-p6

Am Thu, Aug 12, 2021 at 05:03:33PM -0700 schrieb Randy Bush: > FreeBSD 12.2-RELEASE-p6 GENERIC on amd64 > bind 9.16.19 from binary ports > > ok, i was quietly waiting for a fix to magically appear and is hasn't. I got lot's of crashes after upgrading from 9.16.18 to 9.16.19 too. In my case it hap

Re: nsupdate - adding large/split TXT record (2048 bit DKIM key)

On Mon, Jun 01, 2020 at 04:11:43AM -0400, vom513 wrote: > Can anyone point me to an example of how to do this ? I have a script that > rotates my DKIM keys, and uses nsupdate to publish. With 1024 bit - I must > be getting by by the skin of my teeth… > > When I try 2048 bit, the record is obvi

Re: DNSSEC zones not updated

On Wed, Jan 22, 2020 at 11:11:05AM +, Jukka Pakkanen wrote: > zone "gemtrade.fi" { > type master; > file "named.gemtrade"; > inline-signing yes; > auto-dnssec maintain; > }; > > $TTL 60 > @IN SOAns1.qnet.fi. helpdesk.qnet.fi. ( > 202001234 ; serial nu