Re: RFC8482: Implementation through HINFO record

2024-05-20 Thread Mark Andrews
for DNSSEC or adding a HINFO record for every name in your zone when offline signing. Mark -- Mark Andrews > On 21 May 2024, at 00:31, Ondřej Surý wrote: > > I would suggest you to create a feature request in our GitLab. This way it > won't get lost > in the tides of time. >

Re: RFC8482: Implementation through HINFO record

2024-05-20 Thread Ondřej Surý
set up a resource record of type HINFO so that it is > returned on every ANY request without all the other records in the zone? I'm > looking to implement RFC8482 as Cloudflare can do in the following article: > https://blog.cloudflare.com/rfc8482-saying-goodbye-to-any > >

Re: RFC8482: Implementation through HINFO record

2024-05-20 Thread Mark Andrews
Named does not support this. There is no requirement to support this. -- Mark Andrews > On 21 May 2024, at 00:04, Amaury Van Pevenaeyge > wrote: > > > Hello everyone, > > How is it possible to set up a resource record of type HINFO so that it is > returned on e

RFC8482: Implementation through HINFO record

2024-05-20 Thread Amaury Van Pevenaeyge
Hello everyone, How is it possible to set up a resource record of type HINFO so that it is returned on every ANY request without all the other records in the zone? I'm looking to implement RFC8482 as Cloudflare can do in the following article: https://blog.cloudflare.com/rfc8482-saying-goodbye

RE: record PTR

2024-03-14 Thread sami . rahal
It's clear, thank you. From: Ben Croswell Sent: Thursday, 14 March 2024 13:26 To: RAHAL Sami SOFRECOM ; ML BIND Users Subject: Re: record PTR 181.242.197.in-addr.arpa. 3600 IN NS douala0.orange.cm. 181.242.197.in-addr.arpa. 3600 IN NS nsbangui.orangerca.com. 181.2

Re: record PTR

2024-03-14 Thread Ben Croswell
of those servers would need to add the PTR records. On Thu, Mar 14, 2024, 8:19 AM wrote: > Thank you for your response. > > In my case, I have added a PTR record for mail.sami.tn pointing to > 197.242.181.69, but it is still not visible from the outside. However, when > I test 'dig @0 -x

Re: record PTR

2024-03-14 Thread Marco Moock
On 14.03.2024, sami.ra...@sofrecom.com wrote: > Hello, please, I want to know if I need to delegate a range of IP > addresses to my authoritative DNS server with my registrar before > creating a PTR record or not. In other words, if I want to create a > PTR record on my authoritative

Re: record PTR

2024-03-14 Thread Ben Croswell
IP > addresses to my authoritative DNS server with my registrar before creating > a PTR record or not. In other words, if I want to create a PTR record on my > authoritative server (ns1.mydomain.com) for mail.mydomain.com pointing to > 41.226.22.50, should the range 41.226.22.0/24 be

record PTR

2024-03-14 Thread sami . rahal
Hello, please, I want to know if I need to delegate a range of IP addresses to my authoritative DNS server with my registrar before creating a PTR record or not. In other words, if I want to create a PTR record on my authoritative server (ns1.mydomain.com) for mail.mydomain.com pointing

Re: Facing issues while resolving only one record

2023-08-31 Thread Mark Andrews
ote: > > This is odd. > “incometax.gov.in” hasn’t published a DS record, so no DNSSEC validation > should be occurring for any child. The registry object hasn’t been changed > since 2022, so its behaviour should be nothing new. > Testing various public verifying resolvers (google, cloudfl

Re: Facing issues while resolving only one record

2023-08-31 Thread stuart@registry.godaddy
This is odd. “incometax.gov.in” hasn’t published a DS record, so no DNSSEC validation should be occurring for any child. The registry object hasn’t been changed since 2022, so its behaviour should be nothing new. Testing various public verifying resolvers (google, cloudflare, local unbound

Re: Facing issues while resolving only one record

2023-08-30 Thread Blason R
ers *On Behalf Of *John > W. Blue via bind-users > *Sent:* Wednesday, August 30, 2023 9:39 AM > *To:* bind-users > *Subject:* RE: Facing issues while resolving only one record > > > > *CAUTION*: *This email originated from outside of BLS. DO NOT click > (select) links o

Re: Facing issues while resolving only one record

2023-08-30 Thread Bob McDonald
This is why I try to read this list every day... Thanks Mark. I need to go back to RTFM (or read the man page) -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at

Re: Facing issues while resolving only one record

2023-08-30 Thread Mark Elkins via bind-users
To disable DNSSEC validation for a domain from the command line - I use:   dig +cd eportal.incometax.gov.in Works as expected. Better answer is to get them to fix the problem. On 2023/08/30 17:08, Bob McDonald wrote: Turning off validation for that domain

Re: Facing issues while resolving only one record

2023-08-30 Thread Bob McDonald
Turning off validation for that domain fixes the issue. When using dig to diagnose this issue, one might be tempted to use the DNSSEC switch. However, the following command: dig eportal.incometax.gov.in. +NODNSSEC will NOT turn off DNSSEC validation. The DNSSEC switch in dig is used to display

RE: Facing issues while resolving only one record

2023-08-30 Thread Bhangui, Sandeep - BLS CTR via bind-users
On Behalf Of John W. Blue via bind-users Sent: Wednesday, August 30, 2023 9:39 AM To: bind-users Subject: RE: Facing issues while resolving only one record CAUTION: This email originated from outside of BLS. DO NOT click (select) links or open attachments unless you recognize the sender and know

Re: Facing issues while resolving only one record

2023-08-30 Thread Greg Choules via bind-users
46716 [1au] DNSKEY? incometax.gov.in. (57) > 18:47:25.597312 ens18 In IP 192.168.1.162.53963 > 192.168.1.133.53: 23+ > ? eportal.incometax.gov.in. (42) > 18:47:26.498891 ens18 Out IP 192.168.1.133.52631 > 125.16.225.122.53: > 12762 [1au] DNSKEY? incometax.gov.in. (57) >

RE: Facing issues while resolving only one record

2023-08-30 Thread John W. Blue via bind-users
-users Subject: Facing issues while resolving only one record Hi all, I have bind BIND 9.18.17-1+ubuntu22.04.1+isc+1-Ubuntu (Extended Support Version) And I am facing this weird issue. Somehow eportal.incometax.gov.in site is not getting resolved through D

Facing issues while resolving only one record

2023-08-30 Thread Blason R
47:26.498891 ens18 Out IP 192.168.1.133.52631 > 125.16.225.122.53: 12762 [1au] DNSKEY? incometax.gov.in. (57) I feel this is something related to DNS RRKEY Record size? Plus then I dumpdb on my server and went through cache using command *#rndc dumpdb -all* And here is the outp

Re: Bind to Bind DNS Lookup - Returns wildcard value for defined A record

2023-07-25 Thread OwN-3m-All
} {dnsip} would get updated with the user's dynamic IP address. Thus, if you were to query specific.wildcard-test.dynx.me, it would send the traffic to their IP address to resolve, which is not correct, since the record is defined on the main server, not theirs. This makes it so queries

Re: Bind to Bind DNS Lookup - Returns wildcard value for defined A record

2023-07-18 Thread OwN-3m-All
I turned logging on, but I'm still not seeing anything that can help me pinpoint why the query is failing? Audit log: 18-Jul-2023 19:45:14.938 client @0x7f26e6def368 23.29.117.19#44526 (*. wildcard-test.dynx.me): query: *.wildcard-test.dynx.me IN A -E(0)DCV (23.29.117.19) 18-Jul-2023

Re: Bind to Bind DNS Lookup - Returns wildcard value for defined A record

2023-07-17 Thread OwN-3m-All
The output from "named-checkconf -px" is over a million lines long, but here you go: http://23.29.117.19/bindconf.zip My resolver servers are setup for ad-blocking, hence why there are so many defined zones. Here is a quick tcpdump sample where I do not see anything too helpful:

Re: Bind to Bind DNS Lookup - Returns wildcard value for defined A record

2023-07-17 Thread Greg Choules via bind-users
This time from the correct email alias! On Mon, 17 Jul 2023 at 22:58, Greg Choules wrote: > Hi. > Some observations: > - Please don't use nslookup. Please use dig, it is much more versatile and > gives much more information with which to try and interpret what might be > going on. > - If you're

Re: Bind to Bind DNS Lookup - Returns wildcard value for defined A record

2023-07-17 Thread OwN-3m-All
Spam assassin is blocking my message, so here are all the details (my latest response message): https://pastebin.com/raw/jSm6aGfC

Re: Bind to Bind DNS Lookup - Returns wildcard value for defined A record

2023-07-16 Thread Ondřej Surý
Also: - make the record self-contained, don’t make us go elsewhere, especially not to a place where data could disappear at the whim of the owner (as seen recently) - and finally, describe what you see, don’t speculate what it might be; by describing you are less likely to miss an important

Re: Bind to Bind DNS Lookup - Returns wildcard value for defined A record

2023-07-16 Thread Greg Choules via bind-users
t IP address A record when querying. I can't figure > out why my recursion enabled instance is not returning the correct IP > address for a specific host. Rather, it returns the wildcard value from > the zonefile rather than the specifically specified A record entry created > for that h

Re: Bind to Bind DNS Lookup - Returns wildcard value for defined A record

2023-07-16 Thread Matus UHLAR - fantomas
A record when querying. I can't figure out why my recursion enabled instance is not returning the correct IP address for a specific host. Rather, it returns the wildcard value from the zonefile rather than the specifically specified A record entry created for that host. It appears bind to bind

Bind to Bind DNS Lookup - Returns wildcard value for defined A record

2023-07-16 Thread OwN-3m-All
I've got a bind recursion DNS server setup that is returning the wrong value for an outside domain that I also maintain and host on another server running a bind DNS server. Yet Google's DNS and other major DNS providers respond with the correct IP address A record when querying. I can't figure

Re: after DS RECORD publish/verify, DSStatus stuck @ "rumoured" after manual `rndc dnssec -checkds` update ?

2022-10-26 Thread Matthijs Mekking
On 24-10-2022 15:14, PGNet Dev wrote: The good news it is not stuck. What indicator flags that it IS 'stuck'?  Is it explicitly logged? Because the keymgr logs says it is just waiting time? 2022-10-21T16:55:22.690622-04:00 ns named[36683]: 21-Oct-2022 16:55:22.689 dnssec: debug 1: keymgr:

Re: after DS RECORD publish/verify, DSStatus stuck @ "rumoured" after manual `rndc dnssec -checkds` update ?

2022-10-24 Thread PGNet Dev
The good news it is not stuck. What indicator flags that it IS 'stuck'? Is it explicitly logged? BIND is waiting to make sure the new DS is also known to the validators. The time being evaluated here is the DS TTL, plus parent-propagation-delay, plus retire-safety. All these three values

Re: after DS RECORD publish/verify, DSStatus stuck @ "rumoured" after manual `rndc dnssec -checkds` update ?

2022-10-24 Thread Matthijs Mekking
ns named[36683]: 21-Oct-2022 16:55:22.689 dnssec: debug 1: keymgr: dnssec evaluation of KSK example.com/ECDSAP256SHA256/63917 record DS: rule1=(~true or true) rule2=(~true or true) rule3=(~false or false)   2022-10-21T16:55:22.690622-04:00 ns named[36683]: 21-Oct-2022 16:55:22.689 dnssec: debu

Re: after DS RECORD publish/verify, DSStatus stuck @ "rumoured" after manual `rndc dnssec -checkds` update ?

2022-10-21 Thread PGNet Dev
sec: debug 1: keymgr: dnssec evaluation of KSK example.com/ECDSAP256SHA256/63917 record DS: rule1=(~true or true) rule2=(~true or true) rule3=(~false or false) 2022-10-21T16:55:22.690622-04:00 ns named[36683]: 21-Oct-2022 16:55:22.689 dnssec: debug 1: keymgr: time says no to KSK example.

after DS RECORD publish/verify, DSStatus stuck @ "rumoured" after manual `rndc dnssec -checkds` update ?

2022-10-21 Thread PGNet Dev
zone's DS RECORD has been pushed to registrar->parent, it's fully propagated, and is passing all the external/online checks. reading @ https://kb.isc.org/docs/dnssec-key-and-signing-policy "Note: If you see the DSState stuck in rumoured after the migration, you need to run rnd

Re: Can't modify an existing SPF record

2022-07-11 Thread Roberto Carna
Ok now I understand. Thanks a lot to you! On Fri, 8 Jul 2022 at 19:58, Greg Choules () wrote: > > The SPF record type was deprecated in 2014 and the SPF definition string > *must* now be contained as data in a TXT record. > BIND will still load a zone containing

Re: Can't modify an existing SPF record

2022-07-08 Thread Greg Choules via bind-users
The SPF record type was deprecated in 2014 and the SPF definition string *must* now be contained as data in a TXT record. BIND will still load a zone containing SPF records, but it will check whether a TXT record also exists that contains the same string and will generate a log message telling you

Re: Can't modify an existing SPF record

2022-07-08 Thread Benny Pedersen
On 2022-07-08 18:14, Crist Clark wrote: As far as BIND is concerned, this is arbitrary text in a TXT record. It doesn’t know or care about SPF syntax within it. TXT records are mostly used, and SPF records are supported in bind

Re: Can't modify an existing SPF record

2022-07-08 Thread Benny Pedersen
"ip:x.x.x.x" for example, this change goes ok to the slaves. ip: is invalid ip4: is valid :) ip6: is valid and lastly a: includes ip6 on the hostnames And from webmin interface, if I add the "a:relay.company.com" I get this error: Failed to save record : 'relay.company.com' is not a v

Re: Can't modify an existing SPF record

2022-07-08 Thread Roberto Carna
Thanks a lot, it's a webmin interface error because it doesn't accept characters in allowed host sender option. Sorry for my interruption. Greetings !!! On Fri, 8 Jul 2022 at 13:14, Crist Clark () wrote: > > As far as BIND is concerned, this is arbitrary text in a TXT

Re: Can't modify an existing SPF record

2022-07-08 Thread Matus UHLAR - fantomas
" for example, this change goes ok to the slaves. And from webmin interface, if I add the "a:relay.company.com" I get this error: Failed to save record : 'relay.company.com' is not a valid host to allow sending from relay.company.com does not exist: % host -t a relay.company.com

Re: Can't modify an existing SPF record

2022-07-08 Thread Crist Clark
As far as BIND is concerned, this is arbitrary text in a TXT record. It doesn’t know or care about SPF syntax within it. It sounds like you’re having webmin problems, not BIND. On Fri, Jul 8, 2022 at 9:08 AM Ondřej Surý wrote: > > > On 8. 7. 2022, at 18:05, Roberto Carna wrote: >

Re: Can't modify an existing SPF record

2022-07-08 Thread Ondřej Surý
> On 8. 7. 2022, at 18:05, Roberto Carna wrote: > > using the CLI in the BIND master What does this mean and how exactly are you changing the zone? List all the steps that you are doing when changing the zone contents. Ondrej -- Ondřej Surý — ISC (He/Him) My working hours and your working

Re: Can't modify an existing SPF record

2022-07-08 Thread Roberto Carna
o the slaves. And from webmin interface, if I add the "a:relay.company.com" I get this error: Failed to save record : 'relay.company.com' is not a valid host to allow sending from I suspect the problem is with additional hostnames... I don't know. Thanks again! On Fri, 8 Jul 2022 at

Re: Can't modify an existing SPF record

2022-07-08 Thread Mark Elkins
There can only be one SPF TXT record per domain. A complete record could look like. domain1.com.  IN    TXT   "v=spf1 a:mail.domain1.com a:smtp.domain1.com a:relay.domain2.com -all" It should be logical to use a (domain) name because that name could have multiple IP addre

RE: Can't modify an existing SPF record

2022-07-08 Thread Richard T.A. Neal
Hi Roberto, You need to prefix it with “a:” to indicate that this is an A-record, i.e.: a:relay.company.com Best, Richard. From: bind-users On Behalf Of Greg Choules via bind-users Sent: 08 July 2022 4:45 pm To: Roberto Carna Cc: ML BIND Users Subject: Re: Can't modify an existing SPF

Re: Can't modify an existing SPF record

2022-07-08 Thread Greg Choules via bind-users
Hi Roberto. What domain is this SPF for and exactly how are you trying to add the extra term? Cheers, Greg On Fri, 8 Jul 2022 at 16:38, Roberto Carna wrote: > Dear, from my webmin interface for BIND9, I try to add an additional > allowed sender host to our SPF record, but I get the fol

Can't modify an existing SPF record

2022-07-08 Thread Roberto Carna
Dear, from my webmin interface for BIND9, I try to add an additional allowed sender host to our SPF record, but I get the following error: Failed to save record : 'relay.company.com' is not a valid host to allow sending from What does this mean? Do I have to consider some important thing I'm

Re: Delete/update MX record

2022-06-06 Thread Jan-Piet Mens via bind-users
Using nsupdate when I try to delete an MX record for a domain, I get REFUSED. REFUSED is also reported when attempting to update a non-dynamic zone. Are you sure the zone you're trying to update is actually dynamic? How do I remove and replace the MX record for a domain with nsupdate? del

Re: Delete/update MX record

2022-06-05 Thread Tony Finch
@lbutlr wrote: > Using nsupdate when I try to delete an MX record for a domain, I get > REFUSED. > > When I try to add an MX record with the same priority (or not), it > leaves the old record as well. > > How do I remove and replace the MX record for a domain with nsupdate?

Re: Delete/update MX record

2022-06-04 Thread Mark Andrews
Show your procedure. -- Mark Andrews > On 5 Jun 2022, at 06:37, @lbutlr wrote: > > Using nsupdate when I try to delete an MX record for a domain, I get REFUSED. > > When I try to add an MX record with the same priority (or not), it leaves the > old record as well. >

Delete/update MX record

2022-06-04 Thread @lbutlr
Using nsupdate when I try to delete an MX record for a domain, I get REFUSED. When I try to add an MX record with the same priority (or not), it leaves the old record as well. How do I remove and replace the MX record for a domain with nsupdate? -- A woman stays up all night with two men

Re: per record responses based on originating IP

2022-05-17 Thread Angus Clarke
iew: https://blog.apnic.net/2018/11/14/geoip-in-knot-dns-2-7/ Thanks Angus From: bind-users on behalf of Nick Tait via bind-users Sent: 16 May 2022 13:55 To: BIND Users Mailing List Subject: Re: per record responses based on originating IP On 16/05/22 20:05, Angus Cl

Re: per record responses based on originating IP

2022-05-16 Thread Nick Tait via bind-users
On 16/05/22 20:05, Angus Clarke wrote: As mentioned in a separate reply to Grant, the goal is to have (amongst other things) local recursors "find" the locally deployed authoritative servers through NS records. What hasn't been mentioned is that I am also looking to simplify configuration

Re: per record responses based on originating IP

2022-05-16 Thread Angus Clarke
alf of Nick Tait via bind-users Sent: 14 May 2022 02:34 To: bind-users@lists.isc.org Subject: Re: per record responses based on originating IP On 13/05/22 09:02, Grant Taylor via bind-users wrote: On 5/12/22 2:41 PM, Nick Tait via bind-users wrote: This sounds like exactly the sort of use case

Re: per record responses based on originating IP

2022-05-15 Thread Grant Taylor via bind-users
On 5/15/22 7:28 AM, Angus Clarke wrote: Hi Grant Hi Angus, maybe, I'm reading up ... poking around the manual, are you alluding to the "sortlist" directive? Yes, that's what I was referring to. So the concern with returning an ordered RRset is that the set could be large: Okay. I

Re: per record responses based on originating IP

2022-05-15 Thread Angus Clarke
RRset. Maybe I can limit a RRset response to the first X number of entries? Thanks Angus From: bind-users on behalf of Grant Taylor via bind-users Sent: 12 May 2022 18:11 To: bind-users@lists.isc.org Subject: Re: per record responses based on originating IP

Re: per record responses based on originating IP

2022-05-13 Thread Nick Tait via bind-users
On 13/05/22 09:02, Grant Taylor via bind-users wrote: On 5/12/22 2:41 PM, Nick Tait via bind-users wrote: This sounds like exactly the sort of use case for Response Policy Zones: How are you going to have RPZ return different addresses for different clients?  Are you suggesting use different

Re: per record responses based on originating IP

2022-05-12 Thread Grant Taylor via bind-users
On 5/12/22 2:41 PM, Nick Tait via bind-users wrote: This sounds like exactly the sort of use case for Response Policy Zones: How are you going to have RPZ return different addresses for different clients? Are you suggesting use different RPZs with different contents for different clients?

Re: per record responses based on originating IP

2022-05-12 Thread Nick Tait via bind-users
On 13/05/2022 12:30 am, Angus Clarke wrote: Does bind have some simple way to respond differently based on source address but on a per record basis? Or perhaps include a baseline zone in a view and separately include differences for that view - something like this perhaps? Hi Angus

Re: per record responses based on originating IP

2022-05-12 Thread Grant Taylor via bind-users
based on different client criteria. Does bind have some simple way to respond differently based on source address but on a per record basis? Or perhaps include a baseline zone in a view and separately include differences for that view - something like this perhaps? If sorting of replies won't

per record responses based on originating IP

2022-05-12 Thread Angus Clarke
Hello I'm familiar with Dan Bernstein's aging DNS software. With it I can add location based responses to individual records, so that the DNS can respond differently to a name lookup according to the source network/IP on a per-record basis. With bind (and others) it seems that DNS views

Re: all resource record types and examples

2022-04-13 Thread Klaus Darilion via bind-users
ll" SPF IN TXT "v=spf1 mx -all" SRV IN SRV 0 0 5060 vgw1.a1.net. SSHFP IN SSHFP 4 1 8915504c4136d16f6c9c81d15e295b66089fa4e2 TLSA IN TLSA 3 1 1 0eb9e66d24d72f85db53a982af5befa1e6043565b5792ba8cde2ae17c9b8d92e TXT IN TXT ganzk

Re: all resource record types and examples

2022-04-12 Thread Anand Buddhdev
Hi Ramesh, This is the kind of information that you can easily find by Googling, so please go and do the research yourself. Folk on this mailing list help others by volunteering their time for free, and get no compensation for it. We would be happy to help with specific questions about

Re: all resource record types and examples

2022-04-12 Thread Ray Bellis
On 12/04/2022 13:43, rams wrote: Could someone please share all supported DNS RRs and examples of each RR. That's a *very* big ask. IANA maintains a list of all RRs and pointers to the documentation for each of them:

all resource record types and examples

2022-04-12 Thread rams
Hi, Greetings ... Could someone please share all supported DNS RRs and examples of each RR. Regards, Ramesh

RE: Can an RPZ record be used for a non-existed domain?

2022-03-31 Thread Philippe.Simonet
you maybe have to use >>> qname-wait-recurse no to avoid DNS failures to be propagated. philippe From: bind-users On Behalf Of VASILAKIS GEORGIOS Sent: Thursday, 24 March 2022 09:53 To: bind-users@lists.isc.org Subject: Can an RPZ record be used for a non-existed domain? Hello

Re: Can an RPZ record be used for a non-existed domain?

2022-03-24 Thread Grant Taylor via bind-users
-15 years since I've last done this. It could be very likely that things were quite different 25 years ago. For some users, for some (possibly all) senders, we require that d.c.b.a.in-addr.arpa has some PTR record where the corresponding A record resolves back to a.b.c.d. There is also

Re: Can an RPZ record be used for a non-existed domain?

2022-03-24 Thread Carl Byington via bind-users
ack of PTR via > /etc/hosts entries. How do you do that in /etc/hosts? Suppose the mail arrives from a.b.c.d, and they have some name outbound.example.com A a.b.c.d, but d.c.b.a.in-addr.arpa does not exist. For some users, for some (possibly all) senders, we require that d.c.b.a.in-addr.arpa h

Re: Can an RPZ record be used for a non-existed domain?

2022-03-24 Thread Grant Taylor via bind-users
on a bunch of customer mail servers, their dns server just zone transfers the rpz zone using notify/ixfr. ACK Using standard zone transfers for RPZ(s) is one of the many features of RPZ. And many times, their error is in an incorrect or missing PTR record, so /etc/hosts does not help there. We must

Re: Can an RPZ record be used for a non-existed domain?

2022-03-24 Thread Carl Byington via bind-users
error is in an incorrect or missing PTR record, so /etc/hosts does not help there. I have many other cases where we do take over the entire domain, like princetonprivacystudy.org A 127.0.0.2 *.princetonprivacystudy.org A 127.0.0.2 which makes any host name like abc.princetonprivacystu

Re: Can an RPZ record be used for a non-existed domain?

2022-03-24 Thread Grant Taylor via bind-users
On 3/24/22 10:02 AM, Carl Byington via bind-users wrote: I think so. Agreed. Presumably to create those domains locally. Of course the rest of the world won't see them. 1.0.0.127.in-addr.arpa PTR outbound.example.com. outbound.example.com A 127.0.0.1 What advantage does

Re: Can an RPZ record be used for a non-existed domain?

2022-03-24 Thread Fred Morris
On Thu, 24 Mar 2022, VASILAKIS GEORGIOS wrote: I have an RPZ containing 2700 Records using A record redirection. I've got an RPZ with thousands of PTR records! I don't know how many domains that means I took over, although some of them clearly don't exist because I get NXDOMAIN when trying

Re: Can an RPZ record be used for a non-existed domain?

2022-03-24 Thread Carl Byington via bind-users
On Thu, 2022-03-24 at 16:48 +0100, Benny Pedersen wrote: > > Is it possible to add records for non-existing domains to the RPZ? I think so. > what is the point ? Presumably to create those domains locally. Of course the rest of the world won't

Re: Can an RPZ record be used for a non-existed domain?

2022-03-24 Thread Benny Pedersen
On 2022-03-24 09:52, VASILAKIS GEORGIOS wrote: I have an RPZ containing 2700 Records using A record redirection. congrats :) Is it possible to add records for non-existing domains to the RPZ? what is the point ? don't waste resources

Can an RPZ record be used for a non-existed domain?

2022-03-24 Thread VASILAKIS GEORGIOS
Hello, I have an RPZ containing 2700 Records using A record redirection. Is it possible to add records for non-existing domains to the RPZ? BR, Giorgos

Re: RPZ rule to apply to NS record requests?

2021-11-16 Thread John Thurston
On 11/16/2021 2:41 AM, Tony Finch wrote: John Thurston wrote: If I have a Reverse Policy Zone (RPZ) defined, I can define a specific answer to be sent for a specific record-type for a specific name: foo.bar.com IN A 10.11.12.13 foo.bar.com IN TXT "Hello World" But I

Re: RPZ rule to apply to NS record requests?

2021-11-16 Thread Tony Finch
John Thurston wrote: > If I have a Reverse Policy Zone (RPZ) defined, I can define a specific answer > to be sent for a specific record-type for a specific name: > > foo.bar.com IN A 10.11.12.13 > foo.bar.com IN TXT "Hello World" > > But I can't seem to

RPZ rule to apply to NS record requests?

2021-11-15 Thread John Thurston
If I have a Reverse Policy Zone (RPZ) defined, I can define a specific answer to be sent for a specific record-type for a specific name: foo.bar.com IN A 10.11.12.13 foo.bar.com IN TXT "Hello World" But I can't seem to define one for the record-type NS Is this possible?

Re: A record for @?

2021-11-05 Thread Tony Finch
@lbutlr via bind-users wrote: > I have a domain that I host DNS and email for, but not web. I set the A > record for www.example.com to the IP of the web server with nsupdate, > removing the old CNAME that pointed to the local webserver, but the web > monkey for the new website is say

A record for @?

2021-11-05 Thread @lbutlr via bind-users
I have a domain that I host DNS and email for, but not web. I set the A record for www.example.com to the IP of the web server with nsupdate, removing the old CNAME that pointed to the local webserver, but the web monkey for the new website is saying that www has to be a CNAME and the @ record

Re: Odd A record in our hosts zone file

2021-06-25 Thread Matus UHLAR - fantomas
On 25.06.21 18:29, Bruce Johnson wrote: Thank you…this is very useful information; I thought TTL could only be specified on a per-zone basis, not per-host. not even per-host. Different RR types for the same host can have different TTL. mail1m IN A

Re: Odd A record in our hosts zone file

2021-06-25 Thread Bruce Johnson
r-fqdn} is only valid for 60 seconds. As you say, a cheap load balancing attempt! Best, Richard. -Original Message- From: bind-users On Behalf Of Bruce Johnson Sent: 25 June 2021 6:56 pm To: bind-users@lists.isc.org Subject: Odd A record in our hosts zone file I ran across these A r

Re: Odd A record in our hosts zone file

2021-06-25 Thread Eric Germann via bind-users
Time to live in the cache. Short time to live is useful when you need to change the A record to swing one host to another. > On Jun 25, 2021, at 12:56, Bruce Johnson wrote: > > I ran across these A records in one of our zone files: > > ;EXCHANGE STUFF >

RE: Odd A record in our hosts zone file

2021-06-25 Thread Richard T.A. Neal
@lists.isc.org Subject: Odd A record in our hosts zone file I ran across these A records in one of our zone files: ;EXCHANGE STUFF mail1m IN A xxx.xxx.xxx.52; dhbex1 mail1m IN A xxx.xxx.xxx.54; dhbex2 I can see that this is a cheap load

Odd A record in our hosts zone file

2021-06-25 Thread Bruce Johnson
I ran across these A records in one of our zone files: ;EXCHANGE STUFF mail1m IN A xxx.xxx.xxx.52; dhbex1 mail1m IN A xxx.xxx.xxx.54; dhbex2 I can see that this is a cheap load-balancing for our exchange OWA servers, but what is the ‘1m’

Re: Reverse Lookup / PTR record

2021-06-21 Thread techlists
On 2021-06-21 12:00, Matus UHLAR - fantomas wrote: On 21.06.21 09:41, techli...@phpcoderusa.com wrote: I am configuring a home office PHP webserver on my cable company's business connection that allows for servers. My cable company provides the reverse lookup / PTR record. Given

Re: Reverse Lookup / PTR record

2021-06-21 Thread Matus UHLAR - fantomas
On 21.06.21 09:41, techli...@phpcoderusa.com wrote: I am configuring a home office PHP webserver on my cable company's business connection that allows for servers. My cable company provides the reverse lookup / PTR record. Given that, I'm thinking I need to provide only the zone file

Reverse Lookup / PTR record

2021-06-21 Thread techlists
Hi, I am configuring a home office PHP webserver on my cable company's business connection that allows for servers. My cable company provides the reverse lookup / PTR record. Given that, I'm thinking I need to provide only the zone file, no reverse lookup. Any thoughts are much

Re: Bind9.16 zone SOA record issue.

2021-05-23 Thread Grant Taylor via bind-users
On 5/23/21 9:27 AM, Ondřej Surý wrote: Nope, that’s how you enter email to SOA with dot in user part as the first dot gets converted to @. #TodayIlearned I agree with Ondřej. I think it's the missing $ in front of ORIGIN. Remember the $ lines are directives to BIND and not zone data.

Re: Bind9.16 zone SOA record issue.

2021-05-23 Thread Ondřej Surý
Nope, that’s how you enter email to SOA with dot in user part as the first dot gets converted to @. -- Ondřej Surý — ISC (He/Him) My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours. > On 23. 5. 2021, at 17:15, Sten

Re: Bind9.16 zone SOA record issue.

2021-05-23 Thread Sten Carlsen
> On 23 May 2021, at 16.24, Thomas Strike wrote: > > ZONE FILE: > $ttl 3600 > ORIGIN ancienttom.us . > @IN SOA ancienttom.us . > thomas\.strike.sleepyvalley.net . ( The "\" above is what I would

Re: Bind9.16 zone SOA record issue.

2021-05-23 Thread Ondřej Surý
$ORIGIN ancienttom.us. ? -- Ondřej Surý — ISC (He/Him) My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours. > On 23. 5. 2021, at 16:24, Thomas Strike wrote: > > ORIGIN ancienttom.us.

Bind9.16 zone SOA record issue.

2021-05-23 Thread Thomas Strike
I've been pounding my head over this issue all day with no results. I am hosting Bind9.16 on a Ubuntu 20.04 server. I have several zone records that report the same problem but I also have several zones that are configured with this same template and run okay on the server. I've surfed the

Re: TXT & SPF Record Syntax

2021-03-02 Thread Chuck Aurora
On 2021-02-28 17:52, Mark Andrews wrote: Domain names without a trailing period are relative to the current origin. Domain names with a trailing period are absolute. snip On 1 Mar 2021, at 10:41, Tim Daneliuk via bind-users wrote: I am trying to understand when the LHS of a TXT record

Re: TXT & SPF Record Syntax

2021-02-28 Thread Tim Daneliuk via bind-users
On 2/28/21 5:52 PM, Mark Andrews wrote: > Domain names without a trailing period are relative to the current origin. > > Domain names with a trailing period are absolute. > > If you want to add the record > > foo.bar.example.com. TXT … > > and the current ori

Re: TXT & SPF Record Syntax

2021-02-28 Thread Mark Andrews
Domain names without a trailing period are relative to the current origin. Domain names with a trailing period are absolute. If you want to add the record foo.bar.example.com. TXT … and the current origin is example.com. You can enter it as foo.bar TXT

TXT & SPF Record Syntax

2021-02-28 Thread Tim Daneliuk via bind-users
I am trying to understand when the LHS of a TXT record needs to be terminated with '.'. For example, I see this on one of the machines I am managing. The server in question is the zone authority for foo.com: foo.com. IN TXT "v=spf1 ... foo.com. IN SPF "

Re: SRV Record Server Availability

2021-01-06 Thread Mark Andrews
> - fantomas > Sent: Wednesday, January 6, 2021 8:51 AM > To: bind-users@lists.isc.org > Subject: Re: SRV Record Server Availability > > On 06.01.21 21:41, Wilfred Sarmiento via bind-users wrote: >> Your understanding is correct, I just thought that SRV can detect whose >

Re: SRV Record Server Availability

2021-01-06 Thread Andrew P .
Subject: Re: SRV Record Server Availability On 06.01.21 21:41, Wilfred Sarmiento via bind-users wrote: >Your understanding is correct, I just thought that SRV can detect whose >server is alive so it can choose and provide an answer with the available >Server. DNS is not designed t

Re: SRV Record Server Availability

2021-01-06 Thread Matus UHLAR - fantomas
change contents of DNS depending on which servers are alive and which are not, it's almost never a good idea. That means, BIND has nothing like this built in. On Tue, Jan 5, 2021 at 4:30 AM Wilfred Sarmiento via bind-users wrote: > Is DNS Bind SRV record can detect the Server's availability? If

Re: SRV Record Server Availability

2021-01-06 Thread Wilfred Sarmiento via bind-users
ind-users > wrote: > > Is DNS Bind SRV record can detect the Server's availability? If yes, how? > > Could you provide more information about your goal? I don't fully > understand the question. > > For my reading, the answer is basically no, in that an SRV record just >
