On May 13, 2022, at 19.10, Felicia P wrote:
>
> Hello, I see that ISC updated terminology for BIND9 to use primary/secondary
> in addition to the original master/slave which many projects have been
> deprecating.
>
> In the context of BIND9, it seems that 'primary/secondary' is less clear
use unnecessary delays, increase code complexity,
>and prevent deployment of new DNS features. See
>https://dnsflagday.net for further details. [GL #150]
>
> BIND 9.14.0 is the first non development version with this behaviour.
>
> Mark
>
>> On 18 Apr 2020,
hi-
i'm seeing what i'm wondering if is a lot of "lame-servers: info: no valid
RRSIG resolving ..." messages in the logs [on average ~500 messages per day].
a small snippet:
15-Apr-2020 18:11:46.057 lame-servers: info: no valid RRSIG resolving
'jwplayer.com/DS/IN': 192.5.6.30#53
15-Apr-2020
hi-
i have an environment which over time has managed to accumulate various
"internal" zones [in this specific case, "foo.local"]. eventually, these zones
will be phased out, but unfortunately in the interim, i'm stuck with this. i'm
attempting to configure them as static-stub zones:
zone
On 6/27/17 12:13 PM, Michael W. Fleming wrote:
We're setting up a wireless printing service that uses
Zeroconf/bonjour/rendevouz dns entries. The product, Presto, has it's
own dns server for a private, on-campus only zone (presto.). We're
running bind 9.9 with a master server, three slaves and
On 2016.01.20 12.12, MURTARI, JOHN wrote:
Folks,
Had to do some testing where we wanted our own
insulated fake root environment. We wanted to start from simulated root
name servers. I was surprised I couldn’t find a complete example even
after some extensive searches.
hi-
i'm having a problem where notifies are not sent unless also-notify is used to
explicitly specify hosts.
here is the config from the computer serving the master zone:
named-checkconf -p
options {
bindkeys-file /etc/bind/keys/dnssec/bind.keys;
blackhole {
On Mar 29, 2015, at 18.09, Mark Andrews ma...@isc.org wrote:
The nameserver needs to be able to resolve the hostname of the
secondary itself, it does not use the servers listed in resolv.conf.
aha, that was the clue i needed, thanks.
-ben
___
hi-
in the arm, it says dnssec-enable: Enable DNSSEC support in named. Unless set
to yes, named behaves as if it does not support DNSSEC.. behaves as if it
does not support DNSSEC seemed quite unequivocal to me, so i interpreted this
to mean that if dnssec-enable no; is set, no dnssec
On 2013.08.22 00.39, Manish Rane wrote:
Well the main idea behind and have been struggling to configure for
almost last one year is to have a open source alternative to DNS
Based failover/System monitoring thus have inbound loadbalancer.
i guess it's worth noting, since i don't believe it's
On Jul 15, 2013, at 04.56, Grace Ingabire grac...@ricta.org.rw wrote:
Dear Team,
I have an issue where by my slave machine does not create/update new zones
while pulling zones from the master.
Nod2.ricta.org.rw is configured as my master, see result run from my
slave(ns1……)
dig
On Jul 12, 2013, at 09.14, sumsum 2000 sum2h...@gmail.com wrote:
Along the same lines as that of ipv4 address:
i have the following zone file configuration for reverse lookup:
Goal: 192.168.100.128/26 to be directed to 10.213.246.15
In this, the network part it 192.168.100.128 and
On 2013.07.09 03.18, sumsum 2000 wrote:
What I am trying to achieve is this:
I am using BIND9 only for forwarding DNS requests to other DNS Servers.
I want the entire hosts in the
network : 173.252.110.0
with the host range: 173.252.110.1 - 173.252.110.254
with a total 254 addresses to be
On 2013.06.05 10.02, Bryan Harris wrote:
Hi all,
I think I may be confused about a very basic DNS concept. Sorry if this has
been asked before.
1. I have a master and two slaves.
2. The master server is the SOA for my zone. The SOA record points to the
master server.
3. Each of the
On May 10, 2013, at 01.18, Dave Warren da...@hireahit.com wrote:
On 2013-05-08 11:13, btb wrote:
it's also mildly humorous that they used to quite religiously endorse
.local, in some documents even categorizing use of the same domain name on
an internal and external network as a security
On May 8, 2013, at 10.56, Jeremy P jpcra...@gmail.com wrote:
I am building a lab environment where there are several separate domains, all
of them ending in .local
on a side note, i would strongly discourage you from using .local in dns.
.local is a pseudo tld, reserved for use with mdns.
On 2013.05.08 13.20, Steven Carr wrote:
On 8 May 2013 18:09, wbr...@e1b.org wrote:
This just came up with a site I support. Thanks to this list and the
DNS-OARC list, I know better. Hopefully, I can redirect them to use
something below their real domain for Active Directory such as
On 2013.05.08 13.33, Jeremy P wrote:
I understand letter of the law, spirit of the law and playing it safe to
avoid headaches.
However, there are times where registering a real domain just isn't
practical. For example, I'm not going to ask all of the students in my
courses to go out and
On Mar 18, 2013, at 23.04, Gerry Reno gr...@verizon.net wrote:
On 03/18/2013 10:25 PM, b...@bitrate.net wrote:
On Mar 18, 2013, at 20.27, Gerry Reno gr...@verizon.net wrote:
Using BIND 9.8.2
When you setup Samba 4 AD DC using BIND9_DLZ and your domain has external
servers (eg: www,mail)
On Mar 19, 2013, at 20.30, Gerry Reno gr...@verizon.net wrote:
On 03/19/2013 08:10 PM, b...@bitrate.net wrote:
On Mar 18, 2013, at 23.04, Gerry Reno gr...@verizon.net wrote:
On 03/18/2013 10:25 PM, b...@bitrate.net wrote:
On Mar 18, 2013, at 20.27, Gerry Reno gr...@verizon.net wrote:
On Mar 18, 2013, at 20.27, Gerry Reno gr...@verizon.net wrote:
Using BIND 9.8.2
When you setup Samba 4 AD DC using BIND9_DLZ and your domain has external
servers (eg: www,mail) at external providers
this means that the ISP and the internal network nameservers will both have
SOA record
forwarders {
208.67.220.220;
208.67.222.222;
8.8.8.8;
};
on a semi-related note, i'd encourage you to not use forwarders. bind is
perfectly happy to lookup and cache any data necessary on its own.
-ben
On Feb 18, 2013, at 15.32, Robert Moskowitz r...@htt-consult.com wrote:
Delving further into my challenges.
Right now I use Network Solutions as my registrar. Just never changes as
they were the only show in town back then.
But they don't seem to support DNSSEC protected domains, and
On 2012.11.15 10.14, Novosielski, Ryan wrote:
Failing to operate a private TLD correctly is causing internal
data leaking to the Internet, which could be a security risk but in
all cases is a burden on the root server system.
Not that I think that I'm doing this (and as I'd said, the only
On 2012.11.15 11.39, Novosielski, Ryan wrote:
Great, thanks, sounds like I'm covered then (I have BIND running
authoritative for my zone on the firewall/NAT machine only accepting
queries from my local 1918 addresses) and DHCP providing its address
as the nameserver.
be sure that bind is also
On 2012.11.14 10.02, King, Harold Clyde (Hal) wrote:
I'm a bit confused by a user request. I think he is trying to keep some
hosts on the private side of DNS, but he wants to use a DNS name like
host.sub.local. I do not know of the use of the .local TLD except in
bonjure. Can anyone shed some
On Oct 19, 2012, at 13.27, Phil Mayers wrote:
Nicholas F Miller nicholas.mil...@colorado.edu wrote:
DDNS record scavenging is the only feature I'm aware of that MS DNS has
that Bind doesn't . On the flip side, ISC Bind can ACL who can add
certain record types to a dynamic zone using
On Aug 17, 2012, at 22.02, Michael Hoskins (michoski) wrote:
-Original Message-
From: Jeff Justice listacco...@starionline.com
Date: Friday, August 17, 2012 6:10 PM
To: bind-users@lists.isc.org bind-users@lists.isc.org
Subject: Re: Version statement...
Okay, here's what I know:
On 07/06/2012 06:30 AM, Tony Finch wrote:
Gaurav Kansal gaurav.kan...@nic.in wrote:
Somewhere I heard that one of the Root Servers allows you to take a zone
copy of that, so that if you want to look and feel about Root DNS
servers, you can do so.
Is it true? If yes then can anyone please
On 07/01/2012 02:42 PM, J P wrote:
Hello all!
I understand RFC compliant DNS servers use AXFR and IXFR for synching
bewteen masters and slaves... and that this is the general scenario for
that purpose.
However, I need somebody to technically explain to me why cant I use a
DNS resolver daemon
On 2012.05.02 13.01, David wrote:
Hello All,
I am new here but have been watching the list for a while.
I run a small WISP and we have just moved to a new carrier.
They have provided us with a cdir ipv4 block of /22 and a /23.
I am trying to get my reverse DNS working correctly but they will
On May 02, 2012, at 14.41, David wrote:
so far they are telling me that their systems require the forwards.
I think they have it backwards..
please keep replies on the list.
yes, it certainly seems so. if you indeed have been assigned a /22 and a /23,
then a number of things should happen
On May 02, 2012, at 18.41, Paul Marais wrote:
So it looks like I just need to make postfix use a longer timeout perhaps.
or, you could just not use your isp's nameservers, and let bind do what it
does. it's unlikely that your isp's nameservers are doing you great favors, if
any at all.
33 matches
Mail list logo