Hi Vicky,I received one of these and it felt "phishy." Particularly since they
didn't know the "C" in ISC was for "consortium."Thanks for clarifying./John
Original message From: Victoria Risk Update:
This was not the fraud we thought it was
ould, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
On 6/17/2024 2:32 AM, Michał Kępień wrote:
While I don't have a specific date for you, we plan to do such a
"rollover" again when BIND 9.20.1 or 9.20.2 get
Sorry did not spend too much time thinking about this but if you are checking
DKIM should that be a TXT query instead of an A record?
John
-Original Message-
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Thomas
Barth via bind-users
Sent: Friday, May 31, 2024
It doesn't answer your original question, but I suggest looking at the
'algorithm' of that key.
Might it be a hmac-md5 ?
If you 'named-conf -px' does it appear in the list of keys?
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs
Assurance you are actually trying to compile current code.
A statement of what your operating system is.
Actual output of your compile steps.
Actual logged output of your attempt to launch.
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs
be hammered into our RPZ ?
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds
things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
On 5/5/2024 8:15 AM, Luca vom Bruch via bind-users wrote:
Hello,
I use bind (stock from alma 9.3) as a nameserver for a webhosting
server
atalog-zones?
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the develo
. Is there a way to narrow it down?
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
On 4/17/2024 9:21 AM, Ondřej Surý wrote:
Let me guess - you are running on RHEL (without SHA-1 support
08:40:40.323 validating www.dnssec-failed.org/A: no
supported algorithm/digest (dnssec-failed.org/DS)
17-Apr-2024 08:40:40.323 validating www.dnssec-failed.org/A: marking
as answer (proveunsecure (2))
17-Apr-2024 08:40:40.323 validator @0x7fb8722b8e00: dns_validator_destroy
--
Do thing
;; ANSWER SECTION:
www.dnssec-failed.org. 7198 IN A 68.87.109.242
www.dnssec-failed.org. 7198 IN A 69.252.193.191
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(localhost) (UDP)
;; WHEN: Tue Apr 16 15:21:46 AKDT 2024
;; MSG SIZE rcvd: 110
--
--
Do things
. We found what we wanted in the cache of bad
entries)
Can anyone confirm my hypothesis?
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
--
Visit https://lists.isc.org/mailman
I can use dig to request a zone transfer:
dig AXFR foo.com
I am unable to find a simple way to craft a NOTIFY message. Can anyone
help me out?
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
On 2/26/2024 7:35 AM, Victoria Risk wrote:
The BIND 9.16 release branch is approaching EOL as of April, 2024. We
encourage users running 9.16
why should my clients be trusting *me* to validate them?
Can someone make a good case to me for continuing to perform DNSSEC
validation on my central resolvers?
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
e best way to correct
this?
Or maybe add the un-used RFC 1918 zones to our RPZ?
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
--
Visit https://lists.isc.org/mailman/listinfo/
hours were of diminishing value, as
my caffeine wore off and my frustration grew. After a night's sleep, and
a pot of fresh tea I figured it out.
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administra
s from all of the
possible DNS services in the environment. But this is achievable, and
will address the problem (of our own making) which is causing pain.
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administra
an NXDOMAIN with
confidence.
And since writing my earlier note, I have re-located the code I think I
stumbled across earlier
Tony Finch's "nsdiff"
https://dotat.at/prog/nsdiff/
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@
, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions
Recommend you turn off DNSSEC validation and see if it starts working.
If it does, then you know the issue is with how DNSSEC is configured on your
server.
John
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Blason R
Sent: Wednesday, August 30, 2023 8:20 AM
To: bind
Huzzah!
Original message From: Greg Choules Please raise
a beverage of choice and celebrate the 25th birthday of BIND9:commit
7ee52cc7d195433bb8f55972e2a8ab29668f7bceDate: Mon Aug 17 22:05:58 1998 +--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
Welp, there I have it. I thought I had until April 2028 :(
Sorry for the noise.
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
On 6/23/2023 12:04 PM, Ondřej Surý wrote
amd64 Packages
500 http://security.ubuntu.com/ubuntu bionic-security/main
amd64 Packages
1:9.11.3+dfsg-1ubuntu1 500
500 http://azure.archive.ubuntu.com/ubuntu bionic/main amd64
Packages
--
Do things because you should, not just because you can.
John Thurston907-465
/+archive/ubuntu/bind I think
it is telling me that 1:9.18.16-1+ubuntu22.04.1+isc+1 should be available.
Has anyone successfully updated to 9.18.16 from this PPA? Can you
suggest what I'm doing wrong today?
--
--
Do things because you should, not just because you can.
John Thurston907-465
view testing without
needing to rip n replace DHCP configs.
John
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Kereszt
Vezeték
Sent: Monday, May 15, 2023 1:58 PM
To: bind-users@lists.isc.org
Subject: host restriction
Hi Everybody
Can someone help me with the following
Were you able to do it with your RPZ?
*
https://learn.microsoft.com/en-us/azure/app-service/environment/create-ilb-ase
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
--
Visit https://l
hese tests.
Arguments against:
* Maybe I misunderstand, and such NS records aren't actually benign
Unknown:
* Does the answer change if we want to start signing either zone?
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.go
Petr,
Thanks for sharing that tidbit of info. Off the top of your head do you know
if that can be disabled?
John
-Original Message-
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Petr
Menšík
Sent: Friday, March 24, 2023 8:32 AM
To: bind-users@lists.isc.org
Keep in mind that SHA1 may not have been included by choice.
If gpo.gov is using Infoblox there is a, what I like to call, Infoblox-ism in
play regarding DNSSEC where even if you choose RSA256 or RSA512 or whatever it
will create a SHA1.
John
-Original Message-
From: bind-users
could be many things but
at least you know your putting them out there. Armed with that info you might
be able to convince the ISP to dig (no pun intended .. okay intended) harder.
Good hunting.
John
Sent from Nine<http://www.9folders.com/>
From: Mike Lie
+XHeB8O8GTLqk7HgfdM8=
) ; KSK; alg = RSASHA256 ; key
id = 46144
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
--
Visit https://lists.isc.org
s because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid supp
ld, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
On 2/17/2023 10:46 AM, Ondřej Surý wrote:
Well, the serial number arithmetics is there for a reason - you
usually don’t want to rollback to previous version of the
the other views, would be
uninterrupted.
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
On 2/17/2023 10:23 AM, Ondřej Surý wrote:
*CAUTION:* This email originated fr
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software w
At the risk of stating the obvious .. have you tried 9.16.37 or 9.18.11?
While I am usually down for an off in the weeds hardcore root cause analysis of
problem is nice to get a quick win with a different version.
John
-Original Message-
From: bind-users [mailto:bind-users-boun
al
number, and waiting patiently for the refresh interval to expire before
checking again.
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
On 1/27/2023 1:53 AM, Ondřej Surý wrote:
FTR I am
imilar behavior?
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the develop
s because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
On 1/25/2023 8:36 AM, John Thurston wrote:
Off-list, it was suggested to me that I _could_ handle this in my RPZ,
by enumerating all 255 illegal TLDs (
and ignore the
rest. I think this will get me what I want, at a level of complexity I
can accept.
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
On 1/24/2023 10:26 PM, Greg Cho
urns a SERVFAIL to the customer.
I haven't yet tried, but I don't expect I can define an RPZ to trap such
illegal names. Can I? If I could, it would reduce the traffic to Akamai,
and the number of validations I'm trying to do.
--
--
Do things because you should, not just bec
have my suspicions of what's happening, but not enough information to
form a solid hypothesis or perform tests. I want higher confidence that
I'm recognizing the important lines in the logs before I start casting
stones.
--
Do things because you should, not just because you can.
John Thurston
gning information for wunderkind.co and found
none. That's cool, we didn't expect them to be."
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
--
Visit https://lists.isc.org/mailman
only answers with 421. Or, if you
all are able, you could roll your own SMTP server to answer 421.
Obviously standard do-not-test-in-prod, don’t wing it and hope for the best ..
have a step-by-step playbook disclaimers apply and there is nothing wrong with
a lower TTL of 60 seconds or less to fa
on of BIND?
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
On 12/7/2022 10:32 AM, Ben Bridges wrote:
The BIND version is 9.16.1 running on a fully patched Ubuntu 20.04.5
server.--
V
for other RR types.”
There may be an updated RFC that states the same thing differently but it is a
well-known DNS rule.
valimail.com’s blackbox might be able to get around it but I would not know for
sure.
John
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Chris
Liesfield
Hi Greg,Great points! I must have forgotten how messy this got :) ./John
Original message From: Greg Choules
Hi John.Yes, you *could* forward and that
was a setup I inherited a good few years ago. The appeal is obvious: it's easy
to do; just chuck queries over there and get
Hi Bob,I've been able to do this with 'forward' zones. The config would go in
the resolver but the files would not./John
Original message From: Bob McDonald I'm
thinking about redesigning an internal DNS environment. To beginwith, all
internal DNS zones would reside on non
s.
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
On 9/6/2022 2:31 PM, Greg Choules via bind-users wrote:
Hi Michael.
Have you tried without the "allow-transfer" state
Sandeep,
Are you all using CISA's Protective DNS? If so, there might be a ruleset that
is causing problems.
If not, and I have not checked, but is DNSSEC for SSA working correctly?
John
Sent from Nine<http://www.9folders.com/>
From: "Bhangui, Sa
Also John .. how SSHA and TLSA be used if the internal zone fails validation?
John
-Original Message-
From: John Franklin [mailto:frank...@sentaidigital.com]
Sent: Monday, August 1, 2022 12:45 PM
To: John W. Blue
Cc: bind-users@lists.isc.org
Subject: Re: DNSSEC signing of an internal
-only zones
authoritatively from their recursive servers”
John
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Mark
Elkins via bind-users
Sent: Monday, August 1, 2022 1:12 PM
To: bind-users@lists.isc.org
Subject: Re: DNSSEC signing of an internal zone gains nothing (unless
Also do not disagree.
However, the intent of the thread is to talk about the lack of an AD flag from
a non-public internal authoritative server. Based upon what I am seeing only
the AA flag is set.
John
-Original Message-
From: John Franklin [mailto:frank...@sentaidigital.com]
Sent
And that is my point .. show me your +dnssec dig against an internal
authoritative server that has AD set.
John
-Original Message-
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Grant
Taylor via bind-users
Sent: Monday, August 1, 2022 11:29 AM
To: bind-users
have not tested it yet, I would assume that if a non-authoritative
internal server was queried it would be able to walk the chain of trust and
return AD.
Thoughts?
John
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development
@mail.mil
james.j.decaro3@mail.smil.mil
-Original Message-
From: Michał Kępień
Sent: Monday, May 9, 2022 7:53 AM
To: DeCaro, James John (Jim) CIV DISA FE (USA)
Cc: bind-users@lists.isc.org; Mcallister, Reginald CTR DISA FE (USA)
Subject: Re: [URL Verdict: Neutral][Non-DoD Source] Re
I tried this utility and got the following message: gnutls-cli: command not
found...
Thank you
V/R
Jim DeCaro
-Original Message-
From: Ondřej Surý
Sent: Thursday, April 28, 2022 5:15 PM
Cc: DeCaro, James John (Jim) CIV DISA FE (USA) ;
bind-users@lists.isc.org; Mcallister, Reginald
extras-rpms: [Errno 256] No
more mirrors to try.
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/extras/os/repodata/repomd.xml:
[Errno 14] HTTPS Error 403 - Forbidden
I don't have access to the red hat repos yet.
Is this helpful?
V/R
Jim DeCaro
-Original Message-
From
nd in part to the locally
created repo file for testing. All variations resulted in the same error.
Thank you so much for your input, I will hopefully test it sometime today.
V/R
Jim DeCaro
-Original Message-
From: Michał Kępień
Sent: Thursday, April 28, 2022 4:55 PM
To: DeCaro, James John
Information Systems Agency
☎ 301-225-8180
☎ 301-375-8180
james.j.decaro3@mail.mil
james.j.decaro3@mail.smil.mil
-Original Message-
From: bind-users On Behalf Of DeCaro, James
John (Jim) CIV DISA FE (USA) via bind-users
Sent: Thursday, April 28, 2022 2:29 PM
To: Anand Buddhdev
, James John (Jim) CIV DISA FE (USA) ;
Michal Nowak ; bind-users@lists.isc.org
Subject: Re: [URL Verdict: Neutral][Non-DoD Source] Re: Attempting to configure
an ISC BIND repository on Red Hat Linux 7.9
All active links contained in this email were disabled. Please verify the
identity
identity of the sender, and confirm the authenticity of all links contained
within the message prior to copying and pasting the address to a Web browser.
On 28/04/2022 16:52, DeCaro, James John (Jim) CIV DISA FE (USA) via
bind-users wrote:
> Dnf is not available. Therefore using yum
>
>
james.j.decaro3@mail.mil
james.j.decaro3@mail.smil.mil
-Original Message-
From: Anand Buddhdev
Sent: Thursday, April 28, 2022 11:06 AM
To: DeCaro, James John (Jim) CIV DISA FE (USA) ;
bind-users@lists.isc.org
Cc: Mcallister, Reginald CTR DISA FE (USA)
Subject: [URL Verdict: Neutral
Dnf is not available. Therefore using yum
Linux Red Hat 7.9 virtual machine on VMware, has internet connectivity
Set up local repository in
/etc/yum.repos.d/download.copr.fedorainfracloud.org_results_isc_bind_epel-8-_.repo:
[copr:copr.fedorainfracloud.org:isc:bind]
name=Copr repo for bind
, and bind-dev
Is it reasonable to expect these changes will occur in about the middle
of the month?
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
--
Visit https://lists.isc.org
r compiled in), then named-checkconf isn't
going to help. To learn those, I think you'll need to query the
operating system for information about the specif process. I'd be
looking at pgrep and ps, but there's probably better ways to do it.
--
Do things because you should, not just because you
On 2/9/2022 2:36 AM, Tony Finch wrote:
John Thurston wrote:
Are we not able to use catalog zones to propagate zone-configuration for
anything other than 'master' zones?
>
It is only for configuring authoritative secondary zones.
That's unfortunate, but thanks for the confirmation
gov' is defined on the primary like so:
zone "ak.gov" {type forward;forward only;forwarders
{ 10..11.12.13; };
};
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of
Check the list archives beginning April 2021 for the thread:
Deprecating BIND 9.18+ on Windows (or making it community improved and
supported)
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
' and 'user' mailing lists. I need to find
and plug this communication hole.)
B) What are the plans for the 'bind-esv' COPR? (Will it soon start
serving 9.16? Do I need to manually switch from 'bind-esv' to 'bind'? Is
COPR dead?)
--
--
Do things because you should, not just because you can.
mail
Am 16.01.22 um 04:47 schrieb John W. Blue via bind-users:
> Lol. I am not going to do that either. Lol.
can you do us all a favor and stop writing useless mails to lists at saturday
night?
that footer is for morons which send messages with "unsubscribe" to mailing
lists
Lol. I am not going to do that either. Lol.
-Original Message-
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Reindl
Harald
Sent: Saturday, January 15, 2022 9:44 PM
To: bind-users@lists.isc.org
Subject: Re: your mail
Please visit
anymore.
*shrug*
John
-Original Message-
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of G.W.
Haywood via bind-users
Sent: Saturday, January 15, 2022 9:29 AM
To: bind-users@lists.isc.org
Subject: Re: your mail
Please do not top post. Some of us are on the digest list
and one from the server is ideal.
John
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Diego
Garcia
Sent: Saturday, January 15, 2022 7:38 AM
To: bind-users@lists.isc.org
Subject: Re: your mail
hello.
really? my first post have a tcpdump capture packet, dig trace...
On Sat
stupid domains; there must be an explicit 'forward' zone
defined.
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
___
Please visit https
Define an explicit forward-zone on the recursive server for
private.dns.com In the zone definition, put the addresses of the
servers which can answer for private.dns.com.
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
someone spoofs a well formed UDP query
that does what the above does and you block it, what if the spoofed
source is something you don't want blocked? This doesn't happen often,
but I've seen it happen and people have gotten badly burned by it.
John
_
If you update your resolver to 9.16, I think you can do exactly what you
want with the "validate-execpt" option.
{rolls eyes} been there. done that. for exactly the same reason :/
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
On 11/16/2021 2:41 AM, Tony Finch wrote:
John Thurston wrote:
If I have a Reverse Policy Zone (RPZ) defined, I can define a specific answer
to be sent for a specific record-type for a specific name:
foo.bar.com IN A 10.11.12.13
foo.bar.com IN TXT "Hello World"
But I
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this
On 11/10/2021 6:25 AM, Giddings, Bret wrote:
Is there any other facility for including effectively the same grant
statements within multiple zones?
I am not aware of any
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
some validity checks
into your edit/deploy process.
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
___
Please visit https://lists.isc.org
Your using the wrong tools to troubleshoot or investigate this error.
Instead of relying upon resolvers to provide situational awareness you need to
inspect DNSSEC itself using dnsviz.net:
https://dnsviz.net/d/pms.psc.gov/dnssec/
psc.gov is giving the world ID 5089 when they need to handing
ld, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the developm
TXT
records, while letting the current key continue to work.
Is there a way to get the configuration I want? or must I make a
wholesale swap of each md5 key for something newer?
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thur
exactly what you are trying to accomplish, I think if you were take
one of those Core2 systems and install PfSense on it you would be very pleased.
John
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Peter
via bind-users
Sent: Thursday, July 22, 2021 2:43 PM
To: bind-users
ase do not feel
obligated to reply outside your normal working hours.
On 6. 7. 2021, at 14:44, MURTARI, JOHN wrote:
Folks, let me add my desire for a quick download dig supporting DoH. It could
really help with some testing, some ready stuff for Ubuntu 18/20,
Redhat/CentOS, could make
Folks, let me add my desire for a quick download dig supporting DoH. It could
really help with some testing, some ready stuff for Ubuntu 18/20,
Redhat/CentOS, could make a lot of people happy. Maybe the libs included and
we set the LD_LIBRARY_PATH, or a 'static' link?
It only takes a 'few
Hello Brett,
Have you seen the webinar videos on ISC's youtube channel?
https://www.youtube.com/user/ISCdotorg/search?query=DNSSEC
I would encourage you to attend them as they are presented. One even had a
VM's for the attendees to practice the information presented and ask questions.
John
provide
a config snippet, I would be very eager to receive it.
Thank you,
John
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions
urn
BIND 9.16.17 (Stable Release)
BIND 9.16.18-Ubuntu (Stable Release)
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
___
Please v
ask for "status" without also letting it ask
for "reload" or "flushname".
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department of Administration
State of Alaska
__
for a while I and was hoping for something
a little more elegant.Having said this, your suggestion holds true and is
appreciated!Thanks,John
Original message > From: Tony Finch > You can
sort of do what you want already, by defining> named ACLs. ACLs can refer to
named ACLs
Greetings, I would like to request a new feature which I hope will make
management of the 'allow' match-lists a tad easier.In short, an option such as
'allow-transfer' in view or zone contexts could extend the match-list as
defined in the options section. This would flow from
I'm using the following role, but only for a very simple secondary setup.
ansible-galaxy install bertvv.bind
It's not the fastest, and I'm sure my ansible-foo isn't the best, but it's
working for me so far.
John
Sr. Storage Architect
TOSHIBA AMERICA, INC.
290 Donald Lynch Blvd - Suite 201
arning: When started for the first time, imfile will read the existing
file and start forwarding. If the query log already contains 800MB of
lines, those will all be read in and passed through the parser and
output modules.
--
Do things because you should, not just because you can.
John Thurston907
to madness.
The only thing I can come up with is to activate dnstap, and have some
other process absorbing the data and spewing it directly to the central
syslogd.
--
--
Do things because you should, not just because you can.
John Thurston907-465-8591
john.thurs...@alaska.gov
Department
as
pretty easy. Had some experience with Puppet in the past. Ansible's use of
simple SSH for access instead of requiring a remote client installed does make
it a lot easier.
Best regards!
John
From: bind-users on behalf of Jan-Piet Mens
via bind-users
mote servers, use just ssh for access. Works
across RHEL, CENTOS, & UBUNTU.
Thanks!
John
---
John Murtari
Orion Inc.
office: 315-944-0998
cell: 315-430-2702
___
Please visit https://lists.isc.org/mailman/listinfo/bi
1 - 100 of 750 matches
Mail list logo