Re: Separate DNS slaves as internal and external

2018-03-22 Thread McDonald, Daniel (Dan)
I've hidden those sort of things using response policy zones. On 3/19/18, 6:34 AM, "bind-users on behalf of King, Harold Clyde (Hal)" wrote: I have DNS slaves for internal and external entities. I don't know how to work the NS

Re: dkim cname records replication

2017-05-22 Thread McDonald, Daniel (Dan)
M does no use A, or MX records at these names. This is also why SRV uses records with underscore prefixes. Mark > Get Outlook for iOS > > > > On Mon, May 22, 2017 at 8:45 PM -0500, "Mark Andrews" > > wrote: > > > > In message , "McDonald,

Re: dkim cname records replication

2017-05-22 Thread McDonald, Daniel (Dan)
kef> On Mon, May 22, 2017 at 8:45 PM -0500, "Mark Andrews" <ma...@isc.org<mailto:ma...@isc.org>> wrote: In message , "McDonald, Daniel (Dan)" writes: > You need to add check-names ignore; to the zone definition when dealing > with active directory. That ign

Re: dkim cname records replication

2017-05-22 Thread McDonald, Daniel (Dan)
You need to add “check-names ignore; “ to the zone definition when dealing with active directory. That ignores the invalid underscore character. From: bind-users on behalf of Vidal Garza Date: Monday, May 22, 2017 at 10:31 To: Bind

global server load balancing with the domain name

2017-04-14 Thread McDonald, Daniel (Dan)
Setting up global server load balancing seems easy enough – just add ns records pointing at the load balancer and away you go: example.com. 38400INSOAns20.example.net. dan\.mcdonald.example.com. 2017011107 10800 3600 604800 3600 example.com. 38400IN

Re: Difference between delegation and forward zone

2017-03-06 Thread McDonald, Daniel (Dan)
Yes, you can forward to a subdomain. Just define it as a separate zone and include the forwarders and forward-only lines. I believe you need allow-query-cache for this to work. Delegated zones don’t necessarily need to respond with SOA and NS records. Many load balancers use delegated zones

Re: defines ip to acl

2016-10-17 Thread McDonald, Daniel (Dan)
Acls don’t support ranges, only prefixes. You don’t want the whole /24. I think you want: acl net1 {192.168.1.0/26; 192.168.1.64/27; 192.168.1.96/30; } acl net2 {192.168.1.100/30; 192.168.104/29; 192.168.1.112/28; 192.168.1.128/26; 192.168.1.192/29; } On 2016-10-17, 13:41, "bind-users on

Re: Load balancer for Bind

2016-09-14 Thread McDonald, Daniel (Dan)
I’ve had great success using A10networks Thunder series and AX series for load balancing dns servers, performing GSLB, and for setting up anycast addresses for dns. On 2016-09-14, 11:18, "bind-users on behalf of Job"

Re: Reducing memory usage by using db storage - performance?

2016-03-24 Thread McDonald, Daniel (Dan)
> On Mar 24, 2016, at 6:28 AM, MURTARI, JOHN wrote: > > Folks, > Recently been looking at servers that host almost 200K ARPA > zones and load about 80 million resource records. They run on good hardware > and take only a few minutes to load the zones on a

Re: monitoring/graphing/tracking named queries

2015-11-13 Thread McDonald, Daniel (Dan)
On 11/13/15, 4:46 PM, "bind-users-boun...@lists.isc.org on behalf of Frank Even" wrote: >What does everyone do for monitoring their DNS traffic, if anything? We feed the query-logs into splunk, so they can be correlated