/pipermail/bind-users/2007-February/065751.html
Good to know that the resolver handles this nowadays.
John
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users
Google search for 'bind resolver source
address bug' didn't yield much.
John
--
John Miller
Systems Engineer
Brandeis University
781-736-4619
johnm...@brandeis.edu
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from
Thanks to all that replied. I think the solution I want to pursue is to
integrate AD 2012 DNS with BIND. Talk about bleeding edge huh??
From: Tony Finch d...@dotat.at
To: Marc Lampo marc.la...@eurid.eu
Cc: John Williams john.1...@yahoo.com; bind-users
will
not allow that. That would be ideal though.
Thanks,
JT
From: Marc Lampo marc.la...@eurid.eu
To: 'John Williams' john.1...@yahoo.com; bind-users@lists.isc.org
Sent: Friday, June 29, 2012 3:07 AM
Subject: RE: BIND, DNSSEC AD
Hello,
(not a Bind related
I have an environment that hosts a BIND based internet facing domain, call it
abc.com. I also have an internal Active Directory instance that hosts a MS
based DNS instance called abc.com as well. Everything works fine until we
decided to implement DNSSEC on Active Directory.
Here is my
We've just resolved this amicably--I'd missed the
commercial.service@rcn.comaddress, but was contacted off-list by one
of RCN's engineers, who read
this thread and has removed our domain from their nameservers. He was
quite helpful. No cease-and-desist letter needed--not by a long shot!
John
answering queries for brandeis.edu.
As others have mentioned, change your DNS servers with your domain
registrar, and you'll be fine.
John
On 06/18/2012 11:49 AM, Alexander Gurvitz wrote:
Can someone enlighten me on the following scenario
(I guess it's explained somewhere, but can't find
Will bind run on VMware?
Yes, if the guest operating system supports it.
Of more interest to me is: are there limitations?
Types of configs or workloads that should
not be run under VMware?
John
P.S. Aps are sometimes distributed bundled with an OS,
i.e., forming a package that does run
Is there a command for bind that will list all Options default names and
settings in named.conf?
Might be helpful in understanding why bind is acting a certin way.
Thanks
John Manson
CAO/HIR/NI Data-Communications | U.S. House of Representatives | Washington, DC
20515
Desk: 202-226-4244
Will bind run on VMware?
John Manson
CAO/HIR/NI Data-Communications | U.S. House of Representatives | Washington, DC
20515
Desk: 202-226-4244 | Team: 202-225-5552 | john.man...@mail.house.gov
___
Please visit https://lists.isc.org/mailman/listinfo
defaults for 'view' and 'zone'.
Thanks
-Original Message-
From: Evan Hunt [mailto:e...@isc.org]
Sent: Tuesday, June 05, 2012 3:04 PM
To: Mike Hoskins
Cc: Manson, John; 'bind-users@lists.isc.org'
Subject: Re: Default Options
Is there a command for bind that will list all Options default names
In theory, you would use views to serve up different data to subnets. For
example, you may want to show your internal clients one set of IP addresses
while the external world see's a subset of that data. That is a perfect
utilization of views.
You may want to setup different instances of
How can I find out which Unix files/libraries bind requires before I do the
compile?
Thanks
John Manson
CAO/HIR/NI Data-Communications | U.S. House of Representatives | Washington, DC
20515
Desk: 202-226-4244 | Team: 202-225-5552 | john.man...@mail.house.gov
Yes
It would help if you could add the version of each listed below.
What are the 'few others?
Thanks
-Original Message-
From: Dennis Clarke [mailto:dcla...@blastwave.org]
Sent: Tuesday, May 22, 2012 12:14 PM
To: Manson, John
Cc: 'bind-users@lists.isc.org'
Subject: Re: Bind9.9.1
for that zone?
We are also looking at the app rsync for db transfers so we will have mirrored
masters, IP traffic separated by routers.
Thanks
https://help.ubuntu.com/8.04/serverguide/dns-configuration.html
John Manson
CAO/HIR/NI/Data-Communications
U.S. House of Representatives
Desk: 202-226-4244
the flipping of masters which requires intelligent scripting to make it
failure resistant.
It would be nice if bind natively supported the concept. However, until
such time, manual / scripting means are needed.
On 05/11/2012 11:27 AM, wbr...@e1b.org wrote:
John wrote on 05/11/2012 11:05:58 AM
If that's an exact copy of your record, I'm going to also assume that
the ORIGIN at the time of the record is toto.be. As such, the
resulting record becomes:
www.toto.be.toto.be. 86400 IN CNAME www.titi.be.toto.be.
Note that trailing '.'s are required to prevent the automatic addition
of
s6 is a subdomain of the parent domain. Unless otherwise specified,
subdomains are mastered (NS'd) by the parent (or extended parent domain)
containing NS records. As such, because you didn't put any NS records
in the zone file for s6, it follows the NS records of the parent which
happen to
Hi Samad,
It's entirely possible to roll out a parallel BIND installation. We're
doing something similar at Brandeis right now--a mix of BIND and
PowerDNS servers. I take it that your current BIND setup is purely
authoritative? Or is it also handling recursive requests?
John
On 05/03
.in-addr.arpa
from you, instead of just delegating all of the /24 blocks to your servers.
regards
john
[1]also suggested as we get Refused for the following
dig NS admin.windstream.net. @NS1-AUTH.WINDSTREAM.NET.
___
Please visit https://lists.isc.org
I've noticed the support in ARM for specifying both the forward and
forwarders configuration in a zone stanza for slave zones. What is
the purpose and value of specifying such? It seems contradictory and
confusing.
-- John
___
Please visit https
is an addendum to the BIND 9.5 ARM.
Thanks
John Manson
CAO/HIR/NI Data-Communications | U.S. House of Representatives | Washington, DC
20515
Desk: 202-226-4244 | Team: 202-225-5552 | john.man...@mail.house.gov
___
Please visit https://lists.isc.org/mailman
What I would like to have happen is for the IPv6 () query
for evil-domain.com to return no data, but for the IPv4 (A)
query for evil-domain.com to return CNAME our-walled-garden.
Is this possible? If so, how?
Thanks,
John
___
Please visit https
are ghosts (new different ghost names
could, of course, be created).Is this correct?
Thanks,
John
---
John Hascall, j...@iastate.edu
Team Lead, NIADS (Network Infrastructure, Authentication Directory Services)
IT Services
' will do the same.
Thanks - we're doing a nightly restart for other reasons.
John
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman
You copied over the zone files. However, the bind 9 server is
responding with NXDOMAIN. It appears to me that the server does not
believe it is authoritative for the zone. Verify that the server indeed
believes it is (look at the logs on startup). Take a look at your named
configuration to
Hi guys,
I've looked hard but can't find any reference to using wildcards inside
an include directive. Does this feature exist in 9?
I've found this setup quite useful for other services like Apache etc.
What I want to do is be able to configure multiple zones by something
like:
include
Hi Mark,
On Tue, Jan 24, 2012 at 07:48:25PM +1100, Mark Andrews wrote:
Named supports adding and removing zones via rndc.
rndc addzone
rndc delzone
Thanks for the pointer. I didn't know about the rndc commands (the man
pages say nothing). However, looking at the online
Hi SM,
On Tue, Jan 24, 2012 at 12:55:25AM -0800, SM wrote:
At 00:29 24-01-2012, Alfie John wrote:
I've looked hard but can't find any reference to using wildcards inside
an include directive. Does this feature exist in 9?
http://ftp.isc.org/isc/bind9/cur/9.8/doc/arm/Bv9ARM.ch06.html
Hi Jan-Piet,
On Tue, Jan 24, 2012 at 09:58:49AM +0100, Jan-Piet Mens wrote:
What you could do though is to create the content of the file you're
including, which ought to solve your problem.
cd /var/path
ls /etc/bind/sites-enabled.include
And then in named.conf [ include
to implement
policy, e.g.
to make it less likely to reach known phishing sites.
John Wobus
Cornell
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https
with your
diagnosis.
John Wobus
Cornell
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
could cause such a different.
John Wobus
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
to accomplish.
John Wobus
Cornell U
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
-file-equivalent is arbitrary.
Makes DNSSEC interesting.
It's always helpful to be able to tell your customer yes, we gave
you a CNAME, just like you asked for. We do it even if our competitors
say no!
John Wobus
P.S. Hm, I wonder if a TLD will give me a three part CNAME:
if they've given me
advantages you'd get from running separate
instances.
John Wobus
Cornell University
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https
independent of your
client's dns-related behavior and configuration. It's the one
widely-distributed tool with that property. Such a tool
is invaluable when trying to determine or confirm specific server
behavior.
John Wobus
Cornell U
___
Please visit
also gets an IP of its own.
With the latter solution, depending on the situation, you might
figure out some short cuts. But TSIG looks awfully attractive
in comparison.
The book DNS BIND Cookbook addresses the issue.
John Wobus
Cornell U
___
Please
create a
subsequent, more obscure crash. I assume the fact
that bad data triggered an abort is due to a bug.
That said, in this case they might be changing this
specific abort to a warning, fixing up what state
they can and crossing their fingers.
John
On Nov 16, 2011, at 7:35 AM, David Ford
the port number in zone file A record?
You can't.
nameservice SRV record? :)
John
P.S. I'm fully aware that no DNS record is of any use if
clients don't look it up.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from
.
I'm a BIND user who is clamoring to keep such a feature out of BIND.
John
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman
to work around such a thing wouldn't be a good strategy.
John
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind
On Sep 14, 2011, at 4:35 PM, Ronald F. Guilmette wrote:
Is there a rule that says how a resolver should behave in cases where
there is both an A record and also a CNAME record for the same FQDN?
Which one should take precedence, the A or the CNAME?
RFC 1034, Section 3.6.2: If a CNAME RR is
My company (as many) run Microsoft Active Directory internally and we use BIND
for our Internet DNS presence. We have had our domain singed for some time.
Now I've been tasked to look into Signing our AD implementation. MS has their
own version of DNSSEC for their DNS but my question is
--- On Tue, 8/9/11, Chris Buxton chris.p.bux...@gmail.com wrote:
From: Chris Buxton chris.p.bux...@gmail.com
Subject: Re: DNSSEC and MS AD
To: John Williams john.1...@yahoo.com
Cc: bind-users@lists.isc.org
Date: Tuesday, August 9, 2011, 5:00 PM
On Aug 9, 2011, at 9:13 AM, John
Williams
On 7/28/11 9:43 AM, Stephane Bortzmeyer wrote:
Did you try to obtain an independent confirmation from a reliable
source? (I do not know this product, but I distrust private black
boxes.) I recommend:
NeXpose is a good vulnerability auditor, it is a product by Rapid7 the
owners of metasploit.
not aware of and I'm wrong.
John
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
filter retrieves
its data via dns records, that could push up your
query rate and cache size.
John Wobus
On Jun 15, 2011, at 5:52 PM, Mark K. Pettit wrote:
One of the things that got us is we didn't know BIND 8 automatically
created delegation records in a zone at the zone cut
cases?
John Wobus
Cornell University
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Has the newsgroup gateway been switched off or is it just broken? The
most recent post for this newsgroup in Google groups is 15-Feb-2011.
--
John Marshall
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo
everything else to go to 10.10.10.5
*.project A 10.10.10.5
Is this possible?
Thanks,
John
--
John Kennedy
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
That worked. Thanks guys.
John
On Tue, May 24, 2011 at 10:25, Matus UHLAR - fantomas uh...@fantomas.skwrote:
On 24.05.11 09:55, John Kennedy wrote:
I tried to google this but could not hit the right keywords (been a long
week)...
I have 3 hosts on a domain (example.com) like so
happening long before
the expiration, and if the zone is pretty static (e.g. a single
www.example.com address), you don't have to jump very fast to
address things if the expire interval is weeks. If folks are
depending upon records that are dynamic, you want to respond
pretty quickly.
John Wobus
}
==
Regards
John
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
From my signed domain when I query www.isc.org (w/ +dnssec) I get the ad flag
as expected. I don't see that flag when I query whitehouse.gov (w/ +dnssec)
and I know that zone is signed.
Is anyone else seeing this behavior? Also, is there a link that addresses
troubleshooting or diagnosing
{ sprintf '%04s',$_; } split /:/,$_; }
split /::/, $addr . '::', 3;
my $hex32 = '0' x 32;
substr( $hex32, 0, length($head) ) = $head;
substr( $hex32, 32, -length($tail) ) = $tail;
join '.', ( reverse split //, $hex32 ), 'ip6.arpa';
};
John
the * A record.
DNS's rules for wildcarding have been known to trip
up a lot of people, so look for a full explanation.
John
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
an A record in the zone file, but perhaps my
memory is playing tricks on me.
John W
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
, the
pattern should shift, i.e., it wouldn't always be that this
one IP gets most of the load. If the clients are daemons
that stick to a server for months based upon a single
DNS lookup, then this time might be very long.
If you're dealing with typical web hits, such a scenario
is unlikely.
John
to provide two top-level PTR
domains for IPV6: one for full records, and the other for
subnet-wide wildcards.)
John
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On Mar 10, 2011, at 4:24 PM, Matt Rae wrote:
Thanks guys, sounds like a solution would be to transfer the zone
files outside of bind. I'll give some of the suggestions a try.
Matt
I can't help but be curious. What problem would be solved by
transferring the zone files outside of bind?
John
just a convenience for abbreviating the
file.
If you need a consistent format for
some purpose, you could use the output
of named-compilezone.
John
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
no answering queries.
We did an emergency upgrade to 9.8 so we won't have any
more details about 9.7.3, sorry.
John
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
of a server D to
be used only if C is down as well. Address C or D could be configured
to be 0.0.0.0 and configured with no test for up-ness.
(Not that I'm completely happy with 0.0.0.0 or any other address that
local folks could conceivably have figured out some crazy use for.)
John
much.
John Wobus
Cornell
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
How sure are we that 9.7.3 fixes CVE-2011-0414?
Because we are seeing behaviour that looks like CVE-2011-0414
on our 9.7.3 server...
Thanks,
John
---
John Hascall, j...@iastate.edu
Team Lead, NIADS (Network
resolves to something or other. We also have
an incentive to get rid of that app, tell others about its weaknesses,
etc.
John
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
To add to the story, I added a rule to our DNS administration
system that we'll only allow hostnames that include
at least one alphabetic.
John
On Feb 4, 2011, at 11:26 AM, John Wobus wrote:
So 10.14.22.11 is a legal hostname, right?
We had a recent experience where our DNS administration
to www.example.com just fine.
John Wobus
Cornell
On Jan 30, 2011, at 7:30 AM, p...@mail.nsbeta.info wrote:
From RFC 1123
One aspect of host name syntax is hereby changed: the
restriction on the first character is relaxed to allow either a
letter or a digit. Host software MUST support
It might not be your bug. It might be other sites.
As was said, bind can log info that would help
explain it.
Or if the number is rising continuously, you can capture a
bunch of dns queries with tcpdump or a similar program
and look over a sample of the rejected queries.
On Jan 18, 2011, at
If I have a Linux host with multiple IP's, is there a way to utilize the DIG
command such that the query appears like it's coming from different IP
addresses?
So If I have 10 virtual IP's, is there a way to control the source IP of the
query?
I've referenced the DIG man page and it doesn't
I'm being told there is an RSA verification failure on the .US domain. I''m
getting details from the following; http://dnsviz.net/d/us/dnssec/ I have a
signed zone under us. How does this affect my domain and other signed zones
under .US?
, RFC 1035.
-- John
On 10/22/2010 8:39 AM, Stephane Bortzmeyer wrote:
On Fri, Oct 22, 2010 at 06:01:22PM +0530,
ramsbrames...@gmail.com wrote
a message of 42 lines which said:
I have a record in BIND as follows:
mxdomain.com. 86400 IN MX 65536 gmail.com.
I don't think you tell us the truth
instead, or it simply leave out that record. RFCs merely say 65535
is the maximum allowed. Specifying what to do when reading a
zone file that exceeds this maximum is one of an infinite
number of possible input errors that RFCs have nothing specific
about.
John Wobus
in a supported
fashion despite that it has been working this way. :)
-- John
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Simply set the file option to the same name on the slave server.
On 10/2/2010 2:59 PM, Doug Barton wrote:
On 10/2/2010 11:16 AM, online-reg wrote:
Hi All: I’m building a new Bind 9.7.1-P2 slave server and am taking an
opportunity to review my conf files.
I have a number of zones on the
Doesn't support it? Since when does named not allow you to use the
same file name for more then one zone? I've been doing that for several
years.
-- John Wingenbach
On 10/2/2010 6:49 PM, Mark Andrews wrote:
In message58f2f2eb90f24743a050575c87c7c...@nyoffice.enigmedia.local, online
-reg
NS records must point to an A record. ns1 and ns2 .nsdomain.com do
not have A records defined for them according to the zone file.
-- John
On 10/1/2010 12:14 AM, rams wrote:
Hi,
I have configured records as follows in bind. When we start the bind
9.7, bind is not starting.
But bind
,
and they remain consistent after an update.
Many thanks to people for the replies.
John.
--
John Horne Tel: +44 (0)1752 587287
University of Plymouth, UK Fax: +44 (0)1752 587001
___
bind-users mailing list
bind-users@lists.isc.org
https
for each view it appears in.
As such since this zone is in both the internal and external views, I
would expect the serial number to always be the same.
I am a little confused as to where the difference is coming from. I
assume I am missing something obvious!?
Thanks,
John.
--
John Horne, University
On Thu, 2010-07-08 at 07:34 -0400, Alan Clegg wrote:
On 7/8/2010 7:26 AM, John Horne wrote:
However, when checking the SOA serial number of our reverse zone we are
seeing different values depending on whether we are inside or outside of
the campus. This zone is maintained internally by MS
On Thu, 2010-07-08 at 13:37 +0200, Matus UHLAR - fantomas wrote:
I think you can for example configure one view as slave of the other view,
with
sending notifies from master to slave and using no zone file for the slave
part.
Interesting idea. I will look into that.
Thanks,
John
On Thu, 2010-07-08 at 07:34 -0400, Alan Clegg wrote:
On 7/8/2010 7:26 AM, John Horne wrote:
However, when checking the SOA serial number of our reverse zone we are
seeing different values depending on whether we are inside or outside of
the campus. This zone is maintained internally by MS
.
I used to think my ISP was eating the DNS packets, but now the same
thing is happening over VPN to my workplace, and they're pretty good
about DNS...
Thanks,
John
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman
On Sun, 13 Jun 2010, 12:53 -0700, Doug Barton wrote:
On 06/11/10 02:51, John Marshall wrote:
Is there something
else I need to do to nudge BIND in the direction of libgssapi_krb5 in
/usr/local ?
Until now I've never built BIND with gssapi, so I'm prepared to be told
I've missed something
On Wed, 16 Jun 2010, 09:12 +1000, Mark Andrews wrote:
In message slrni1ea5q.10j.j...@rwpc12.mby.riverwillow.net.au, John Marshall
w
rites:
On Tue, 15 Jun 2010 16:52:05 +1000, Mark Andrews wrote:
So what was in config.log? With libgssapi_krb5 you are trying to link
against MIT
$ */
const char *heimdal_long_version = @(#)$Version: Heimdal 1.1.0 (FreeBSD) $;
const char *heimdal_version = Heimdal 1.1.0;
rwsrv05 find /usr/src/kerberos5 -name libgssapi\*
/usr/src/kerberos5/lib/libgssapi_krb5
/usr/src/kerberos5/lib/libgssapi_ntlm
/usr/src/kerberos5/lib/libgssapi_spnego
--
John
to spend my time. It
includes helpful comments about /usr vs /usr/local and KTH vs MIT.
--
John Marshall
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On Tue, 15 Jun 2010, 10:31 +1000, Mark Andrews wrote:
On 06/11/10 02:51, John Marshall wrote:
Telling configure --with-openssl=/usr/local does the trick for OpenSSL.
Telling configure --with-gssapi=/usr/local makes all the right kind of
impressions on config.log, but the linker still
.
Thank you.
--
John Marshall
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
with the *.weather.gov
domains?
Thank You,
John Z. Bohach
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
.
John Wobus
Cornell IT
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
.
--
John Marshall
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On Tue, 16 Mar 2010 08:14:40 + (UTC), John Marshall wrote:
Client: 192.168.25.71 is querying the PTR record for its own address.
Server: 172.25.24.16 is querying itself for the DS record for the
parent of the zone which the client is querying (Why?).
There is no DS record
On Wed, 17 Mar 2010, 09:03 +1100, Mark Andrews wrote:
In message slrnhpummo.2ter.j...@rwpc12.mby.riverwillow.net.au, John
Marshall
writes:
I don't understand this. If the client needs an answer from
25.168.192.in-addr.arpa. and we are hosting that zone and its parent
zone (both
On Wed, 17 Mar 2010, 11:11 +1100, Mark Andrews wrote:
In message 20100316234500.ga99...@rwpc12.mby.riverwillow.net.au, John
Marshal
l writes:
In message slrnhpummo.2ter.j...@rwpc12.mby.riverwillow.net.au, John
Marsh
all
writes:
If I grant the guest clients access
this bind instance never receives
traffic
from your own private space (e.g. if you aren't even using private
space),
then you could certainly add such filtering to bind's normal access
list.
John
___
bind-users mailing list
bind-users@lists.isc.org
Hi Stace,
Sorry, I didn't think this was necessarily a Solaris problem. I'm running this
on Solaris 10 (SPARC 64bit), built with Sun Studio 12.1. Why did it occur on
OpenSolaris?
Thanks.
-John
From: stacey.marsh...@sun.com [stacey.marsh
to resolve this issue?
Thanks.
-John
--
John Center
Villanova University
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
own database: just load the data on all the
authoritative nameservers instead of one.
But it's either more difficult or impossible if you provide dynamic DNS.
(2) Run scripts periodically to check SOA serial numbers and report if
they are sitting longer than
they should out of synch.
John
601 - 700 of 751 matches
Mail list logo