.2 key external; };
also-notify { 10.0.0.2 key internal; };
allow-transfer { key external; };
allow-transfer { key internal; };
Mark
On 24 May 2023, at 08:13, Kaya Saman wrote:
Not sure if I did something wrong? Unfortunately the same thing has happened,
the internal zone file got trans
The !all-keys is to prevent matching by IP for the listed keys.
Do similar for all views.
Then add keys to primary definitions and server clauses with keys at
the view level for notify.
I’m pretty sure there is a knowledge base article with full details.
--
Mark Andrews
On 24 May 2023, at 05:4
On 5/23/23 20:18, Sten Carlsen wrote:
On 23 May 2023, at 19.46, Kaya Saman wrote:
On 5/23/23 18:07, Sten Carlsen wrote:
On 23 May 2023, at 19.00, Kaya Saman wrote:
On 5/23/23 12:47, Matus UHLAR - fantomas wrote:
On 23.05.23 12:22, Kaya Saman wrote:
I've got a very strange problem
On 5/23/23 18:07, Sten Carlsen wrote:
On 23 May 2023, at 19.00, Kaya Saman wrote:
On 5/23/23 12:47, Matus UHLAR - fantomas wrote:
On 23.05.23 12:22, Kaya Saman wrote:
I've got a very strange problem that has emerged somehow after migrating my isp.
My setup previously used 2x servers
On 5/23/23 12:47, Matus UHLAR - fantomas wrote:
On 23.05.23 12:22, Kaya Saman wrote:
I've got a very strange problem that has emerged somehow after
migrating my isp.
My setup previously used 2x servers in master/slave configuration for
my public "view" and then had
On 5/23/23 12:47, Matus UHLAR - fantomas wrote:
On 23.05.23 12:22, Kaya Saman wrote:
I've got a very strange problem that has emerged somehow after
migrating my isp.
My setup previously used 2x servers in master/slave configuration for
my public "view" and then had
Hi,
I've got a very strange problem that has emerged somehow after migrating
my isp.
My setup previously used 2x servers in master/slave configuration for my
public "view" and then had 3x servers for the "internal" view. This was
working fine for years and I have been regularly testing
[...]
Erm, are you *sure* that you want to do this?
Really really sure?
It's probably a bad idea, but
Step 1: Make yourself authoritative for www2, www3 -- in named.conf:
zone www2.example.com {
type master;
file /etc/namedb/www2.example.com;
};
zone www3.example.com {
Jason Fesler wrote:
On Jan 11, 2010, at 9:39 AM, Kaya Saman wrote:
Hi, since I got no responses for this question could I rephrase it to
asking if Bind will do a zone transfer over public internet if the
servers have private IP addresses and are behind NAT with static port
definitions
Jason Fesler wrote:
On Jan 14, 2010, at 3:00 AM, Kaya Saman wrote:
Thanks Jason! Will this work as Bind will examine the packet and will
have a different IP in the sendto: part
If your firewall/NAT is forwarding a public address to your private internal
address, it will rewrite
Kaya Saman wrote:
Hi all,
this is the first time I'm going to be playing around with a setup
like this so I'd like to get some advice:
I would like to run a master/slave configuration of Bind servers but
am confused about how to implement such a setup and the underlying
network fabric
Hi all,
this is the first time I'm going to be playing around with a setup like
this so I'd like to get some advice:
I would like to run a master/slave configuration of Bind servers but am
confused about how to implement such a setup and the underlying network
fabric involved!!
First up,
Sorry, just to mention in addition that I currently run a master/slave
configuration for internal DNS queries within the NAT! Since the current
location of servers has only one static IP available I have only exposed
one of the servers to the web but in the new location I plan to get as
many
Ok I will try to explain with a diagram as I'm pretty certain that still
no one gets what I'm on about:
+-+
Ok I think I've figured this out as I did a little test to change the IP
within the remote authoritative DNS server to 172.16.1.100.
of course there is no machine at that IP address within my networks but
there was some address confusion as the DNS server had the same IP
address as the
Hi Kevin,
first up thanks for the response!
Secondly the non-recursive query you asked for shows this:
% dig +norec rd1.optiplex-networks.com
; DiG 9.5.1-P2.1 +norec rd1.optiplex-networks.com
;; global options: printcmd
;; connection timed out; no servers could be reached
Sorry for the
it should be attempting a transfer.
Frank Pikelner
On 2009-12-01, at 6:21 PM, Kaya Saman samank...@netscape.net wrote:
Unfortunately the only place I can find anything to do with Bind
log-wise is in /var/adm/messages there is no specific /var/log/bind
or named log like in Linux with my
Joseph S D Yao wrote:
On Thu, Dec 03, 2009 at 12:59:51AM +0200, Kaya Saman wrote:
...
I just hope this doesn't take up many CPU cycles and memory as the debug
commands do in Cisco devices rendering them almost unusable in a fully
setup network environment.
...
I'm glad
Major thanks Joseph
Added below:
// logging clause - who, what, where, why, when, how, how long?
logging {
channel querylog {
file /var/log/named/query.log versions 15 size 25m;
// severity debug;
severity info;
print-time yes;
print-category
Hi,
I'm wondering if it's possible in Bind like my domain providers DNS
servers to use a different domain as the name server ns record for
another domain??
Excuse the horrific explanation I will try to describe what I mean:
I am about to start hosting a domain called birimgrup.com in my
Ok I think I have got somewhere but still a bit unsure of what's going on!!
dig birimgrup.com
; DiG 9.6.0-P1 birimgrup.com
;; global options: +cmd
;; Got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 567
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;;
name on the right hand side. Your PTR records will go in the reverse zone you
already have.
Chris Buxton
Professional Services
Men Mice
On Dec 1, 2009, at 9:11 AM, Kaya Saman wrote:
___
bind-users mailing list
bind-users@lists.isc.org
https
Services
Men Mice
On Dec 1, 2009, at 9:35 AM, Kaya Saman wrote:
Chris if you're referring to this:
birimgrup.com. IN A 192.168.1.170
www.birimgrup.com. IN A 192.168.1.170
It didn't come out right on the email
birimgrup.com. IN A
192.168.1.170 www.birimgrup.com. IN A
192.168.1.170
___
ok this is really weird!
In the actual zone file they are stacked on top of each other
Hi,
now that I have my zones and reverse files sorted out I have managed to
come across a problem which seems I had before even beginning any of this!
Basically for some reason my reverse zone for the external view isn't
transferring to my slave server this is quite strange as all the
Acl's are first match.
What you had devolves to
match-clients { any; };
Try.
match-clients { !192.168.0.0/22; !127.0.0.1; any; };
Adjust all the other acls
Ok so these are similar to Cisco IOS Acl's now I get it :-)
Unfortunately the reverse zone is still not
Many thanks for all the help first up :-) I really do appreciate it!
Am just wondering, I'm running BIND 9.6.0-P1 on Solaris 9 to achieve
this, so could this be a bug or something else yet not implemented into
Bind or perhaps somehow the way it was compiled as I'm using the
Blastwave
gmspro wrote:
I want to set-up dns server ,where to start from?
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Google is first place!!
Hi,
I'm not sure if there is a syntax error or if I've missed to include
something but for some reason my forward zone files don't seem to be
working :-(
I pulled the skeleton of the files straight off my working Solaris 9
boxes which use Bind 9 from Blastwave! I checked and double checked
Kevin Darcy wrote:
If you're loading a zone as sgd.test, then an owner name of
ns-m.test doesn't belong in it, and BIND is correct to reject it.
Either change that name to something under sgd.test, or set up a
separate zone for ns-m.test or anything above that in the hierarchy
(i.e. test or
Am I right in assuming this??
Otherwise, with my setup taking an example of google.com - I was trying
to use the .com with the .test where I actually wanted to use the .test
as the secondary level domain of google but not append a TLD to it.
I think this is against all DNS rules no??
Luc I. Suryo wrote:
you have to become auth for the .test and then in that zone define the
subdomain's NS
make sense?
nb: old company we had .prv for internal use :)
-ls
Thanks Luc,
I think I understand now! The TLD for my domain has become .test
therefor the secondary level domain
Other means:
The BIND manual tells how to turn on bind's query log, which is
normally turned off for performance/resource reasons.
On a very lightly loaded DNS server, it can be left on, and on a
medium-loaded server, it may be practical to
turn it on for a short while to collect some
James Pratt wrote:
You should really improve your google skills. If you can't even figure
out where I'm *at* well you probably really should not be in the DNS
business at all.. :)
-Original Message-
From: Kaya Saman [mailto:samank...@netscape.net]
Sent: Friday, September 18
Frank Bulk wrote:
Perhaps the inverse would be more interesting: what's the lowest-spec
hardware that could host an OS that would run the latest version of BIND. =)
Frank
Silly guess, but a cell phone running linux?? (with static IP could be a
mobile domain server)
As stated previously
Kaya Saman wrote:
Frank Bulk wrote:
Perhaps the inverse would be more interesting: what's the lowest-spec
hardware that could host an OS that would run the latest version of
BIND. =)
Frank
Silly guess, but a cell phone running linux?? (with static IP could be
a mobile domain server
Hi,
currently I have 2 Solaris 9 boxes in my home based data center running
as primary and secondary dns servers; they are Sun Netra T105's with
440MHz SPARC prcossors and 320MB of RAM.
http://www.optiplex-networks.com/lab/lab.html
Basically as I am going to be moving abroad since I have
Since you haven't mentioned how many zones and records you're hosting,
how do you expect anyone to guess how much hardware you need?
Yes thank you for pointing that out! I do apologize as I mentioned I've
just finished my studies and am as of yet quite in-experienced yet with
certain
In private email, he told me he has 59 forward and reverse records in
the internal view, and 22 of each in the external view.
This is nothing. A 10-year-old Pentium should be able to handle this
without breaking a sweat.
Thanks Barry, as I did mention in the beginning it is a home
[...]
Then. maybe you want to exchange Fedora with Red Hat's paid and
supported offering (RHEL ?). If that Server is mission critical
for you, the few bucks of yearly support contract shouldn't be
that much of a problem.
[...]
I have had many problems with Fedora 11 on a PPC as I run it for
40 matches
Mail list logo