On Apr 15, 2011, at 9:29 AM, hugo hugoo wrote:
I do not use the version provided bu Debian because I am migrating
from bind8 to Bind9 and I wan to have both versions available on the
same server.
So, I want to have Bind9 totally separated from Bind8.
I use Debian, version 5 and the last ESV
gning MX records be the "correct" result also? There are too many
possibilities to allow solving everyone's needs. This is something
that needs to be done by the DNS administrator who understands the
needs of the zone. (At least in my very humble opinion).
Bill Larson
__
On Feb 15, 2011, at 2:01 PM, Munroe Sollog wrote:
I am investigating using the dlz-ldap driver to store my zone file in
ldap. Before doing so, it seems that the official driver page had
less
than stellar things to say about the ldap driver.
Is anyone using LDAP as a backend? Are you happy
bout it.
If you do implement your MySQL solution, please, please, please, keep
us informed about how it works for you. We would like to know more
and are always willing to look at new technologies but aren't too
accepting of hand waving.
Bill Larson
Riccardo
On 2/12/11 11:33 PM,
ilding BIND was "./configure --
with-openssl=/usr/local/ssl". Note that I explicitly specified the
path for OpenSSL to avoid using the Apple supplied version of OpenSSL.
Bill Larson
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
ne else?
Questions 2 and 4 are simply reiterations of questions that others have
already posed to you. The others are mine.
We would like to help and your assistance is critical.
Bill Larson
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
\
On Thu, Nov 25, 2010 at 2:50 AM, Matus UHLAR - fantomas
wrote:
> On 25.11.10 10:10, Tech W. wrote:
> > We have a zone in Bind, for example, abc.com
> > We designate a subzone of it to another dns server, for eaxmple, F5's
> 3DNS.
> >
> > The corresponding RR in Bind is:
> >
> > games.abc.com. I
ic based upon the source IP address at your router rather than
trying to control this at the application level. But, if you don't have the
ability to do this at the router, then as a simple option it can be done at
the application level.
Bill Larson
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
. For a good example of this (and many
other things), see the Secure BIND Template at http://www.cymru.com/Documents/secure-bind-template.html
.
Bill Larson
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo
't get there from here".
Then again, I've never been sure what the original requester was asking
for. If he didn't want to give an answer out to someone on a particular
network, then the "blackhole" option would seem to be a perfect solution in
the first place.
Thanks for your help on this list,
Bill Larson
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
rmation in a
format that would appear to be legitimate. Why "trust" these version.bind
queries in the first place? Use the simple solution of asking the
administrators. A simple question deserves a simple solution.
Bill Larson
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
;impossible" and can be eliminated. This leaves the other two
possibilities, no matter how improbable. This does NOT make both, or
either, of these possibilities "the truth".
> On Mon, Nov 2, 2009 at 10:33 AM, Bill Larson wrote:
>
> > Josh Luthman said:
> >
>
hat would help.
Well, when you are querying this "firstserver" (whatever that is - giving us
a fully qualified domain name would be helpful), it times out. The DNS
server on this "firstserver" isn't answering the query.
"Not sure what else I can provide that would
e 192.168.2.0
network still wouldn't be able to update because they did not get their
address from the DHCP server on the 192.168.1.0 network.
Bill Larson
Nicholas F Miller said:
> I take it this is not possible using update-policy?
> _
/usr/lib.
Or, start named with the "-t" option and specify the path to your chroot
environment and you won't have this problem either. "named" can create
it's own chroot environment without you having to build it yourself.
Bill Larson
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
other root servers. Anyone know if there are other stats
> available?
This information is nice but not critical to the operation of a DNS server.
There are also papers available discussing improperly configured DNS servers
and improper DNS queries and their impact on the root servers. A
ings are bad?" (I suspect that this cam from "System
Performance Tuning" by Mike Loukides, O'Reilly & Assc. My copy is quite old
but still useful.) Know how your system is performing BEFORE there is a
problem.
Bill Larson
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On Aug 10, 2009, at 10:06 PM, Nelson Serafica wrote:
Thanks Mark! it works. I change my query source to one of the entry
below and it works.
Maybe a strange question. Why did you have a query source statement
in your configuration in the first place?
Bill Larson
Mark Andrews wrote
and managing a
firewall. This firewall router will simply not forward any traffic to
the hosts that you have "blacklisted". A much simpler solution to
manage. There are many pre-packaged systems that provide this type of
capability.
Bill Larson
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On Apr 7, 2009, at 9:43 AM, Chandan Laskar wrote:
Hi,
We have deployed DNS on RHEL 5 Update 1. Below are feature of our
DNS.
1. Implemented OS Security Best Practice ( e.g. Enable MD5 and
shadow passwords, Root Login Console Restricted, Configure SSH as an
alternative of Telnet e.t.c.).
Exactly what operating system are you running under?
I have seen these types of problems with MacOS X and have described on
the BIND-USERS list as to how to get around this issue. If you are
running MacOS X, then I have an answer, but without knowing what you
are running ...
Bill Larson
ve, what I am questioning is having 50 million DNS resource
records on any DNS system. Is DNS an appropriate "database" for
storing 50 million records?
Bill Larson
-david
Andrew Ferk wrote:
What are the backend database options available? Is bind-sdb active
developed and is it pr
tion of the basic system,
simply increase complexity with the inherent decrease in security that makes
this type of addition a drawback.
Please, keep BIND as simple as possible (but not simpler). Leave additional
capabilities to separate tools such as "dnscap".
My two cents,
, so it appears that the question is what is happening on
your secondary.
Bill Larson
On Nov 16, 2008, at 2:44 PM, Jeff Justice wrote:
Well, first part solved. I forgot to change the IP address of our
nameserver at the registrar. Secondary is still not updating though.
Jeff J.
On Nov 16
24 matches
Mail list logo
