.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
We are but packets in the Internet of life (userfriendly.org
... If you have multiple views on the slave containing
the same zone, you must either give them different IP and send notify to
both IPs or you can configure one view to fetch the zone from master and
notify the second view, which will fetch the zone from master or the first
view.
--
Matus UHLAR
recursion allowed on it.
If there is no correct nameserver list in /etc/resolv.conf, then this
named can't find ns1.def.com and ns2.def.com?
the BIND has nothing to do with resolv.conf.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
normal?
this is normal log of a zone transfer.
On the slave: (before the rndc reload zonename)
what's on the slave AFTER reload zonename?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto
), there is automatically a bind9 startup script in
/etc/init.d/ directory.
Why don't you use the version provided with debian?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Two words: Windows survives. - Craig Mundie, Microsoft senior strategist
So does syphillis. Good
/24)
$ host mydns.example.com
mydns.example.com has address 10.140.27.10
mydns.example.com has address 172.16.1.10
mydns.example.com has address 192.168.1.10
look at sortlist statement in bind's config.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
hard to deprecate it.
nslookup is often not a bind tool, and that's one of reasons you have to
deprecate it ;)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
, if yes i don't
find any documents that talks about that (nothing in the arm.pdf file)
no, you can not. It was already told to you. However there are quite
possible some DNS servers that support weighing. But, again, DNS is not
suited for such usage.
--
Matus UHLAR - fantomas, uh...@fantomas.sk
is newest BIND version, ESV versions are supported for 9.4 and 9.6
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Spam = (S)tupid (P)eople's
on these nets.
do you have recursion enabled?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
We are but packets in the Internet of life
that we
secondary for other organizations, slaved to masters at
their sites.
why?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu
distribution, even if you compile from source.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
LSD will make your ECS screen display 16.7
validation at the
# root, the root key below can be copied into named.conf.
Does this still apply? Do I really have to copy the key for . into
bind.conf in order for it to be used and it's not managed automatically?
Or did I misunderstand something here?
--
Matus UHLAR - fantomas, uh...@fantomas.sk
.example.com is failed to communicate with, the
remote MTA will continue to talk to m2 or m3?
It seems that RFC5321 orders to try SMTP servers with lowest priority first,
but allows limiting or disabling this feature for specific installations.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
Helo,
did anyone notice that hostname at google has an underscore?
lh6.ggpht.com. 86400 IN CNAME photos_ugc.l.google.com.
photos_ugc.l.google.com. 300IN A 74.125.39.132
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
On 13.02.11 09:25, Mark Andrews wrote:
zone xxx {
type master;
database _builtin empty nameserver contact;
};
In message 20110213155712.ga1...@fantomas.sk, Matus UHLAR - fantomas writes:
Nice, but is that documented enough so the behaviour won't change or get
removed
On 13.02.11 09:25, Mark Andrews wrote:
In message 20110212220459.ga23...@fantomas.sk, Matus UHLAR - fantomas
writes:
2011/2/12 Matus UHLAR - fantomas uh...@fantomas.sk:
Is it possible to add additional zones as empty?
On 12.02.11 11:15, Terry. wrote:
depends on what is empty
On 02/12/2011 02:04 PM, Matus UHLAR - fantomas wrote:
2011/2/12 Matus UHLAR - fantomasuh...@fantomas.sk:
Is it possible to add additional zones as empty?
On 12.02.11 14:25, Doug Barton wrote:
What it sounds like you're trying to do is to define additional zones in
a manner similar to what
2011/2/12 Matus UHLAR - fantomas uh...@fantomas.sk:
Is it possible to add additional zones as empty?
On 12.02.11 11:15, Terry. wrote:
depends on what is empty.
exactly the same what is used by disable-empty-zones option.
I'd like to have opposite option.
--
Matus UHLAR - fantomas, uh
. hostmaster.sk-nic.sk. 2011020956 28800 7200 360
86400
I'd really like to know where these came from.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek
Hello,
Is it possible to add additional zones as empty?
Is that a planned feature?
I have many manually configured zones that are not empty by default in BIND.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
NOT CNAME a domain delegated from anywhere. you only could do it in .com
domain, instead of delegating it anywhere, including NS records that are in
.com for getaroomgetadeal.com.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
these and type forward zones?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
M$ Win's are shit, do not use
, only its signature
may appear on it...
the server that returns multiple cnames is broken.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux
place.
If I'm right, this is not possible with type static-stub zones.
I wonder, what are expected usages for this kinds of zones?
Maybe blacklists, if we have local mirrors and traffic so high that we'd get
blocked imediately?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
server and 10.4.1.6 would tell you more.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Microsoft dick is soft to do no harm
on the
master. The slave needs take some time to fetch the zone and update it...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
10 GOTO 10 : REM
-traff is the hard way IMO.
I'd ask myself if you really need that much views, or views at all.
However, setting up keys coule wease the way a bit.
(I don't object against rsync, I'm just lazy and prefer way that is least
complicated)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
run rndc reload and bind will reload all zones (actually, it will
check files' timestamps and reload only files that have changed).
note that for rsync replication there's no real master and slave.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
, better point NS to correct nameservers in both delegation and zone
itself.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
BSE = Mad Cow
to include in
the script you want to write.
On 07.01.11 17:48, p...@mail.nsbeta.info wrote:
Looks nice. Thanks alot.
And I will continue to write a perl/ruby script for checking my DNS
servers.
are you sure you need all of this?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
when replying, which results into
multiple copies being sent here...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Quantum mechanics
the error that the DNS record allready exists. What is the
solution?
why is it shutting down?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu
Hello,
pardon my ignorance if this has been discussed (haven't notice), but
if BIND is configured to automatically sign dynamic zones, does it
distribute DS records to parent zones somehow? and if not, what are ways to
do that?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
In message 20101209220716.ga2...@fantomas.sk, Matus UHLAR - fantomas writes:
pardon my ignorance if this has been discussed (haven't notice), but
if BIND is configured to automatically sign dynamic zones, does it
distribute DS records to parent zones somehow? and if not, what are ways
In message 20101209222644.ga2...@fantomas.sk, Matus UHLAR - fantomas writes:
Is it possible(planned) for bind to sign slave zone?
On 10.12.10 09:41, Mark Andrews wrote:
The master signs the zone. The slaves just serve it.
The master still loads the zone somehow, from a file probably
(even
On 09.12.10 23:45, fakessh @ wrote:
webmin implement the mecanism of resign zones
good to know, but our system fille DNS data using some automatic processes
from more sources and I don't think they should use webmin for that ;)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
, the TTL is set to value of SOA
minimum, which is 300 in this case.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
We are but packets
will not fetch glue records from abc.com.
And in fact, since games.abc.com is authoritative for games.abc.com (of
course... those in abc.com are JUST GLUE), there are probably no NS records
for games.abc.com.
get nothing.
try dig any games.abc.com @ns1.example.com
--
Matus UHLAR - fantomas, uh
.
Simply: don't do it.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
42.7 percent of all statistics are made up on the spot
put it away from resolv.conf.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Chernobyl was an Windows 95 beta test site
On 17.11.10 11:10, Moore, Mark A. wrote:
nslookup www.cnn.com
;; Got SERVFAIL reply from 192.243.160.18, trying next server
On 11/18/2010 5:16 AM, Matus UHLAR - fantomas wrote:
This server apparently does not provide recursion for you.
On 18.11.10 12:44, Kevin Darcy wrote:
The OP already
this?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Support bacteria - they're the only culture some people have
In message 20101112135657.gb22...@fantomas.sk, Matus UHLAR - fantomas
writes:
On 29.10.10 12:49, Mark Andrews wrote:
And they can do a SMTP level rejection rather than waiting for the
sending server to abandon sending the email due to multiple timeouts.
Just return 550 for all mail
internet can do that, but on your
server you can either run recursive grep over named data directory, or dump
the named dsatabase and grep it...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na
in the
4TH edition but searching for something whose nomenclature is
uncertain is really hit and miss.
print-category yes;
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
means group bind and group-read privileges.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The early bird may get the worm, but the second
misconfigured server.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I drive way too fast to worry about cholesterol
...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Spam = (S)tupid (P)eople's (A)dvertising (M)ethod
use
/etc/hosts, while host/dig query DNS server directly...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Eagles may soar, but weasels
list.
This is NOT something BIND (or any DNS server) should do. Blocking web sites
is business for web proxies, firewalls etc. Doing this stuff at DNS level
could lead to many surprises.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
On 05.10.10 23:24, Phan Quoc Hien wrote:
Thank for your respond. I find for testing purpuse only.
like, testing how DNSSEC validation fails for such names?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address
must also have same NS records
in the parent zone, together with A records if NS point to the zone.
They are called glue records and are required for DNS traversal.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address
anything that short-lived, the whole DNS
architecture is based on cachind.
Are you doing any kind of DNS-based load balancing?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
On 29.09.10 10:43, Jonathan Petersson wrote:
I did some benchmarking on this about 1.5 yrs ago, here's a graph
representing the results: http://sedoss.com/bind.png
on how many processors was this ran?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
.
that there are no negative consequences for the client or the client
software to connect to the wrong address if the preferred one happens to
be unavailable.
if there are negative cinsequencies of something like that, you/we need load
balancing, failover switching etc.
--
Matus UHLAR - fantomas, uh
On 23.09.10 20:32, Bèrto ëd Sèra wrote:
Thanks for the answer :) Well, this is web-server, there is no such thing as
an internal user or network, let alone 127.0.0.1 (which is definitely in
internal only).
why do you use views then? I guess there's no need for it...
--
Matus UHLAR
.
in order to preserve simplicity I tend to remove proposed configurations and
use my own for bind, apache and some other software packages.
Those proposed configurations are usually for the very general cases
that don't exist anywhere.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
will it take for /48 (2^80 = 1208925819614629174706176) in ipv6
environment? :)
Attackers can gain a lot of info from this;
Correct
at present, yes. with ipv6, they will rely much more on DNS or other public
informations.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning
how big the TTL is.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Spam is for losers who can't get business any other way
time period) until I performed a hard
restart of named.
maybe journal for IXFR queries?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu
for DNSKEY records), see
https://lists.dns-oarc.net/pipermail/dns-operations/2009-June/thread.html#4018
well, the issue was with zero TTL coming from SOA, so the non-zero really is
common, a norm, or do I misunderstand you?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I
*maint.rameshops5526old.com A*
what do you want? What problem do you have?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Nothing is fool-proof to a talented fool
wihcih is correct bind or my resolver?
yes.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
He who laughs last thinks slowest
slaves, they _must_ fetch the zone from one
of your servers, your public slaves if not the hidden master. So they can
send notifies.
And in fact there's nothing bad in your hidden master sending the notifies
to all NSs...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
10 GOTO 10 : REM (C) Bill Gates 1998, All Rights Reserved
IN CNAME dns2.rhul.ac.uk.
dns1.rhbnc.ac.uk. 86400 IN CNAME dns3.rhul.ac.uk.
Is this still the case (that NS-CNAME is invalid)?
yes.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie
they should not point any services they provide to internal addresses
(until they assign private addresses to their clients which becomes quite
common), it doesn't have to cause troubles, Even if it is kind of
information leak.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk
is another one.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I drive way too fast to worry about cholesterol
servers are all set to 172800
seconds (48 hours), so no matter how low the TTL is it can still take up to
48 hours to correct a problem if it involves redelegation, right?
correct.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
BOFHish, it works.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
They say when you play that M$ CD backward you can hear satanic messages
On 01.08.10 13:02, Rick Dicaire wrote:
I've seen no mention of this, but is it possible to implement dnssec
while using one of dlz or sdb backends that contain zone data?
You apparently mean if it's possible to use BIND's autosigning feature(s).
--
Matus UHLAR - fantomas, uh...@fantomas.sk
On 10.06.10 09:34, Matus UHLAR - fantomas wrote:
Jun 9 23:11:58 mydb02 named[1427]: general: error: zone ./IN:
ixfr-from-differences: failed: new serial (2010060900) out of range
[2010060901 - 4157544547]
In message 20100625060415.ga18...@fantomas.sk, Matus UHLAR
second?
deep parsing of e-mail headers by spam filtering software, I guess.
Apparently because of your fake ssmtp header.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
Am 2010-07-29 14:12:54, hacktest Du folgendes herunter:
On 28.07.10 23:24, Michelle Konzack wrote:
But why do they query my server 3 times per second?
Hello Matus UHLAR - fantomas,
deep parsing of e-mail headers by spam filtering software, I guess.
On 29.07.10 19:16, Michelle Konzack
views as well?
in that case, I think you can use the same filename, but (afaik) bind won't
detect change when reloading, so you will have to reload zones for all
views independently.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
the root servers even though
the hints zone is set up correctly.
recursion is not allowed for you. In such case, you can't resolve foreign
zones and even hint zone.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
On 09.07.10 15:08, rams wrote:
What is the cname chains limit ?
the logical limit is 1. The technical limit usually depends on how big
packet can your (stub) resolver accept.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
+trace
On Thu, 2010-07-08 at 10:37 +0200, Matus UHLAR - fantomas wrote:
Combining +trace and @server is useless, either you want to trace, or you
want to query specified server.
On 08.07.10 09:00, Kebba Foon wrote:
I dont want to query a specific server, this is my cache server that i
If you
independently and also make sure both views will reload the zone.
I think you can for example configure one view as slave of the other view, with
sending notifies from master to slave and using no zone file for the slave
part.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk
-compatibility support that may
be required.
Please do not hesitate to contact me with any questions or concerns.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
On 10.06.10 09:34, Matus UHLAR - fantomas wrote:
Jun 9 23:11:58 mydb02 named[1427]: general: error: zone ./IN:
ixfr-from-differences: failed: new serial (2010060900) out of range
[2010060901 - 4157544547]
In message 20100625060415.ga18...@fantomas.sk, Matus UHLAR
Another attempt.
We get these quite often. Any idea where could be the problem?
On 10.06.10 09:34, Matus UHLAR - fantomas wrote:
I run slaves for root zone on two machines, they behave as one of masters
for each other and for all our resurcive servers providing ixfr
(I work for an ISP so I
in question is running bind 9.2.1.
There is your problem. You should upgrade to at least 9.4.
If you want better answer, you must provide more information than just the
firsst one.
And, please, configure your mailer to wrap lines below 80 characters per
line. 72 to 75 is usually OK.
--
Matus UHLAR
On 10.06.10 09:34, Matus UHLAR - fantomas wrote:
Jun 9 23:11:58 mydb02 named[1427]: general: error: zone ./IN:
ixfr-from-differences: failed: new serial (2010060900) out of range
[2010060901 - 4157544547]
In message 20100625060415.ga18...@fantomas.sk, Matus UHLAR - fantomas
the response. Do you have a NAT
that does DPI?
No firewall, DPI, NAT or any form of filtering involved on our side,
direct peering with GLBX.
did you try to recheck? What's your MTU?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
describes it nicely. If you need comments, just ask (here), but,
please: AFTER reading it.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu
expected that BIND should be quiet if the SOA on master is smaller.
However this looks like BIND notices higher serial on one of masters, but
then tried to fetch from different master where the SOA hasn't changed yet.
Is ther an bug/issue with multiple masters configuration?
--
Matus UHLAR - fantomas
/reserved: Too many open files
yes - there is, in security updates:
Version: 1:9.6.ESV.R1+dfsg-0+lenny1
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek
productively.
On 13.05.10 10:26, Mark Andrews wrote:
rndc flushnamespace / rndc flushname -recurse would have to
walk the tree and remove each entry. This can be time consuming.
is this planned feature or does it already work somewhere?
--
Matus UHLAR - fantomas, uh...@fantomas.sk
and
authority is returned if it's known and configured.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
It's now safe to throw off your computer
the slave?
does:
dig axfr mydomain.com.cn @10.69.3.1 work?
does the master send NOTIFY to slave? is the slave listed as NS for the
domain? What are the SOA values fot refresh and retry?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
for
anything@mx2.chain.td3497.com. will go to 1.2.3.4
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux IS user friendly, it's just
in a single response from
the server.
it's pobbible but should be avoided.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Eagles may
file?
and there is nothing in the bind log files?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Due to unexpected conditions Windows
for a restart. I will post that once
obtained.
might be a memory problem.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Windows 2000: 640 MB
In article mailman.974.1269852204.21153.bind-us...@lists.isc.org,
Matus UHLAR - fantomas uh...@fantomas.sk wrote:
on one of my nameservers I see many of these messages in log files:
Mar 29 07:59:07 gtssk1 named[5012]: security: error: client
195.168.29.200#65293: view gtsi: check
UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
It's now safe to throw off your computer.
___
bind-users
On 12.04.10 10:24, Michelle Konzack wrote:
Hello Matus UHLAR - fantomas,
Am 2010-04-12 09:52:03, hacktest Du folgendes herunter:
allow-access in zone statement.
sorry, I've meant allow-query.
[ STDIN ]---
Apr 12 10:16:48 samba3
701 - 800 of 924 matches
Mail list logo