On 10/1/2014 3:45 PM, Tony Finch wrote:
(Sorry for straying off topic. I have less experience of Cisco PIX/ASA
breaking DNS than of them breaking SMTP.)
I can't resist either..
I specifically remember a PIX that bit me by helpfully changing the
payload of an axfr so that the A records that
On 6/11/2013 7:12 PM, Gary Wallis wrote:
What really happens in the real world when 1 out of three
authoritative NSs are down for 30 minutes due to a datacenter outage?
For example, we have 3 NSs:
ns1.someisp.net 12.23.34.45
ns2.someisp.net 23.34.45.56
ns3.someisp.net 34.45.56.67
All in
On 4/6/2013 12:46 AM, Lawrence K. Chen, P.Eng. wrote:
So, up until a couple years ago...our webmail address had always been, and only webmail.ksu.edu. But, under the new
directionit has to work as webmail.ksu.edu, www.webmail.ksu.edu,
webmail.k-state.edu,www.webmail.k-state.edu. and SSL
On 1/8/2013 8:19 AM, Timothe Litt wrote:
What I think would be more useful is if named actually reported the
issues to where they'd do some good. Perhaps a DNS extension I got
an invalid message from you - so it shows up in the log of the server
(and administrator) with the problem. (I'd
On Mon, Jan 16, 2012 at 2:52 PM, Barry Margolin bar...@alum.mit.edu wrote:
One (icky) solution is to hand out more addresses for one server than the
otherŠ
www.example.com IN A 192.168.1.1
www.example.com IN A 192.168.1.2
www.example.com IN A 192.168.1.3
www.example.com IN A
On 11/17/2010 2:26 PM, blrmaani wrote:
I see a peculiar behavior on my DNS server. The named CPU reaches 90%
+ every 10 minutes and my monitoring software keeps paging me.
I have a DNS host running FreeBSD 7.x, running BIND 9.4.x on a 2-CPU
machine with 4GB RAM. It is a recursive DNS server.
On 10/11/2010 5:11 PM, Beat Jucker wrote:
Is the problem zone larger than the ones that are not a problem? If so
it may be a MTU problem, or even a firewall that does things differently
based on packet sizes.
Indeed the trouble zone is about double the size of other zones.
Both DNS servers
On 10/7/2010 4:55 AM, Beat Jucker wrote:
Hello BIND users
I have a very strange problem with AXFR. We are using a master and a
secondary DNS Server with an internal and an external view. Depending
on the source address the secondary server will get the internal or
external view for zone
On 10/5/2010 9:19 AM, Atkins, Brian (GD/VA-NSOC) wrote:
I asked a similar question 2 weeks ago and got a non-response (e.g., a
response with no real information).
From what I've read, everyone seems to frown on over-riding cache times,
but I haven't seen any specifics as to why it's bad.
On 9/23/2010 10:19 AM, Atkins, Brian (GD/VA-NSOC) wrote:
I'm looking for methods to reduce the period of time we cache external
records (e.g., www.google.com). I think the option I need to implement
is max-cache-ttl.
Is this the correct method for limiting caching? Are there reasons that
I
On 9/15/2010 5:18 PM, ML wrote:
Hi,
I'm having a problem with my caching DNS servers. I'm on bind 9.4.3-p5, threads
enabled (4), running gentoo 64 bits.
For 2 days, I have some clients (mail servers receiving spams) issuing a lot of
requests on zone hosted on dead dns server. For example :
On 9/9/2010 4:43 AM, Rock July wrote:
Hi All,
I have a problem with one of my DNS. This DNS is configured as slave and
have two masters (hosting different domains).
Recently, I changed the IP of one of the master DNS then all domains
under that master DNS cannot be resolved on the slave DNS
On 8/19/2010 10:52 AM, Steve Arntzen wrote:
I would like to resolve dns.ourdomain.com to a list of our DNS server
names and possibly their IPs.
As we use many DNS servers (and or views) for our different development
environments, it would be very helpful for the developers to easily find
the
On 8/19/2010 2:33 PM, Samad Agha wrote:
2- When I perform this query from our ns1 server I do get the correct
result, but the same query from ns2 server fails
can't find rim.com http://rim.com: Non-existent host/domain
Any help would be highly appreciated; many thanks in advance.
The
On 8/18/2010 8:30 AM, Phil Mayers wrote:
On 18/08/10 13:15, Lightner, Jeff wrote:
It comes right up in Firefox but prompts for a username and password.
Do you have DNSSEC validation enabled? Because as per my email, it's a
DNSSEC problem.
After a bit of investigation, it seems that the
On 8/18/2010 1:12 PM, Casey Deccio wrote:
On Wed, Aug 18, 2010 at 9:48 AM, Dave Sparrodspa...@gmail.com wrote:
On 8/18/2010 8:30 AM, Phil Mayers wrote:
...since the ncbi zone is an unsigned child zone, there needs to be an
NSEC/NSEC3 record to prove the absence of the DS record, and have a
On 8/13/2010 6:08 AM, Phil Mayers wrote:
Still puzzled that bind didn't seem to log anything. I will have a trawl
through the source I think; I'm sure it must be my logging config.
I don't know if I'm on the right path, but were you logging lame
delegations?
--
Dave
On 8/13/2010 1:53 PM, Mike Mackintosh wrote:
How will the registrar be able to resolve the host name
dns.angryserver.net if dns is not propagating? I understand that when
you register a domain, the registrar will send the nameserver
information to the root servers, which are then queried for
On 7/29/2010 2:11 PM, Michelle Konzack wrote:
Hello Matus UHLAR - fantomas,
Your hostname is private and inaccessible from the outside. The requesters
get SERVFAIL reply which apparently makes them retry. If you provided them
any IP address (e.g. 127.0.0.1) they could be satisfied and stop
On 7/28/2010 5:53 AM, Michelle Konzack wrote:
Hello Experts,
my primary NameServerdns1.tamay-dogan.net is hit by more then 600.000
requests per day coming mainly from three NameServers:
[ '/var/log/named.log' ]
Jul 28 11:18:17 samba3
On 7/13/2010 1:11 PM, Shiva Raman wrote:
Dear All
This is in reference to the performance tuning , i had already gone
through the mailing list archives , but could not find answer to my
specific query mentioned here.
Right now i am using queryperf to test the performance with sample query
On 6/16/2010 10:44 AM, Niobos wrote:
In this configuration, the server's IP is present multiple times, which
will lead to mistakes in the future. I can't let the SRV-record point
directly to server either, since the vhost-configuration needs the
correct Host:-HTTP header.
Or am I missing
On 4/25/2010 10:23 PM, Trần Trọng Tấn wrote:
Hi, I have a caching-only dns server which get ~3k queries per second.
Here is specs:
|Xeon dual-core2,8GHz 4GB of RAM
Centos 5x 32bit(kernel2.6.18-164.15.1.el5PAE)
bind9.4.2
|
rndc status: recursive clients: 666/4900/5000
Bind always uses
On 4/9/2010 8:59 PM, Steven Wilmot wrote:
1 - The original server-configuration (or response) from primary-dns.co.uk
is NOT VALID
If this is the case, could you please help let me know exactly which RFC or
configuration that you believe is not valid.
Note: 'primary-dns.co.uk is owned and
On 2/13/2010 9:42 PM, kalpesh varyani wrote:
Hi Rick,
I am aware that it is a somewhat odd (but not incorrect, am I right ?)
to put a non-recursive name server in the resolv.conf but I am not
able to understand the behavioral difference of ping/dig and nslookup.
But logically shouldn't it
On 2/9/2010 7:28 PM, Mark Andrews wrote:
In message4b719346.4020...@arcelormittal.com, Cedric Lejeune writes:
In fact, our firewall was doing some kind of traffic shaping (thanks
Robert ;): if the number of requests of any type goes above a define
number, then block further requests.
On Wed, Dec 2, 2009 at 9:43 AM, Dmitry Rybin kirg...@corbina.net wrote:
I found answer for my feature request - simple C proxer:
http://www.wolfermann.org/dnsproxy.html
It can forward queries to auth or recursion server. Based on client IPs.
What if one of your access customers is running
On Mon, Nov 16, 2009 at 7:08 AM, Agarwal Vivek-RNGB36
rng...@motorola.com wrote:
Iam running BIND-9.3.3 on Linux Server. I have configured match-clients in
the named.conf file. I added some more IPS to
this and restarted the named process. The issue is its not getting updated and
the new added
On Wed, Sep 23, 2009 at 8:00 AM, Marcos Lorenzo de Santiago
marcos.lore...@ayto-getafe.org wrote:
I no longer manage one of our DNS domain. As I use 'rndc reconfig' to
load newly created zones I was wondering if exists a way to do the same
as reconfig but inversely, I mean, reload configuration
Based on the answer size for the query you presented, I'd focus on
looking for an upstream filter/device that is blocking answers that
are 512 bytes.
On Wed, Sep 9, 2009 at 5:34 AM, Matthias Brehmmatthias.br...@dpd.com wrote:
Dear all,
we use bind9.5.0-P2 for the internet dns server.
Scott Haneda wrote:
On Jul 15, 2009, at 12:29 PM, Dave Sparro wrote:
Scott Haneda wrote:
... However, I would like to just get DNS response times.
Perhaps take the list of hosts and feed them to a iterative script
calling dig, and fish out the response time? This does add the
problem
Alan Clegg wrote:
ponga2...@gmail.com wrote:
I'm seeing name queries from a couple clients on the network that
occur around every two minutes - the queries are evidently random and
are looking for A IN records of this form, as an example:
ungzbvyf.lzghmccim
They always look like this, 8
32 matches
Mail list logo
