Re: Selective forwarding?

2019-01-29 Thread Bob Harold
On Tue, Jan 29, 2019 at 10:56 AM @lbutlr wrote: > > > > On 29 Jan 2019, at 00:25, ObNox wrote: > > > > On 24/01/2019 10:26, Sam Wilson wrote: > > > Note: I'm assuming a zone expiry of a week to a month. I think that > would accommodate most outages. > >>> > >>> I thought of that too :-) A

Re: Selective forwarding?

2019-01-29 Thread @lbutlr
> On 29 Jan 2019, at 00:25, ObNox wrote: > > On 24/01/2019 10:26, Sam Wilson wrote: > Note: I'm assuming a zone expiry of a week to a month. I think that would accommodate most outages. >>> >>> I thought of that too :-) A week would be far enough in my case. >> Be careful of what

Re: Selective forwarding?

2019-01-28 Thread ObNox
On 23/01/2019 06:45, Grant Taylor via bind-users wrote: [...] I think I'm now geared towards this solution which seems to be the simpler one to implement. I think it's at least worth playing out to see if it fails or if it works well enough for your needs. [...] Please share what you end up

Re: Selective forwarding?

2019-01-28 Thread ObNox
On 24/01/2019 10:26, Sam Wilson wrote: Note:  I'm assuming a zone expiry of a week to a month.  I think that would accommodate most outages. I thought of that too :-) A week would be far enough in my case. Be careful of what you mean by "a week".  If a problem happens on a Friday just after

Re: Selective forwarding?

2019-01-24 Thread Sam Wilson
On 2019-01-23 05:06:03 +, ObNox said: On 22/01/2019 02:20, Grant Taylor via bind-users wrote: Note:  I'm assuming a zone expiry of a week to a month.  I think that would accommodate most outages. I thought of that too :-) A week would be far enough in my case. Be careful of what you me

Re: Selective forwarding?

2019-01-22 Thread Grant Taylor via bind-users
ke) your multi-master OpenLDAP configuration. Link - BIND DLZ > Driver Docs > LDAP - http://bind-dlz.sourceforge.net/ldap_driver.html That's because I didn't find anything in the docs about the multi-master setup that I came up with the idea of a "selective forwarding" t

Re: Selective forwarding?

2019-01-22 Thread ObNox
multi-master DNS service like I already have with OpenLDAP! The multi-master setup of OpenLDAP works so magically well that I really wished it was possible for my DNS use case :-) I can update any LDAP server in the chain and it magically propagates everywhere in an instant. That's becau

Re: Selective forwarding?

2019-01-21 Thread Grant Taylor via bind-users
e zone -and- forward dynamic updates to Site 1. What I would like to have is some kind of selective forwarding like this: - Each site has its own "example.net" zone for the DHCP dyn DNS Why do you want to have multiple (three) distinct copies of the same zone? Rather, why don't

Selective forwarding?

2019-01-21 Thread ObNox
app.example.net" residing at Site 1. What I would like to have is some kind of selective forwarding like this: - Each site has its own "example.net" zone for the DHCP dyn DNS - If some host queries xxx.example.net via its local DNS server, try to resolve it locally. If not found

Re: Selective forwarding from an internal only name server

2016-08-19 Thread S Carr
On 19 August 2016 at 09:02, anup albal wrote: > Below are the options on the external name server. That's not the full configs, and from both DNS servers. I get you don't want to expose some of the information but you're asking for help, we can't do that if you keep things back and obfuscate deta

Re: Selective forwarding from an internal only name server

2016-08-19 Thread anup albal
orking. There is a firewall between the internal and external name servers. Other than ensuring that port 53 is open between the two name servers for TCP and UDP traffic, is there anything else I need to check? Thanks Anup From: anup albal Sent: Friday, 19 August 2016

Re: Selective forwarding from an internal only name server

2016-08-19 Thread S Carr
On 19 August 2016 at 07:25, anup albal wrote: > After that I cannot run a "dig sharepoint.com" or "dig microsoft.com" from > dns1. However it can resolve it if I run a "dig +trace sharepoint.com" or > "dig +trace microsoft.com" Can you post your full configs and the full dig outputs? Don't use +t

Re: Selective forwarding from an internal only name server

2016-08-19 Thread anup albal
er it can resolve it if I run a "dig +trace sharepoint.com" or "dig +trace microsoft.com" On the internal clients talking to dns1, I get an NXDOMAIN response. --Anup From: anup albal Sent: Thursday, 18 August 2016 10:04 AM To: BIND Users S

RE: Selective forwarding from an internal only name server

2016-08-18 Thread Darcy Kevin (FCA)
boun...@lists.isc.org] On Behalf Of S Carr Sent: Thursday, August 18, 2016 4:31 AM To: BIND Users Subject: Re: Selective forwarding from an internal only name server On 18 August 2016 at 01:04, anup albal wrote: > Does that mean I set up another forwarding zone called microsoft.com or > s

RE: Selective forwarding from an internal only name server

2016-08-18 Thread Darcy Kevin (FCA)
compliance. - Kevin -Original Message- From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Barry Margolin Sent: Wednesday, August 17, 2016 9:08 PM To: comp-protocols-dns-b...@isc.org Subject: Re: Selective forwarding from an internal only name server In article

Re: Selective forwarding from an internal only name server

2016-08-18 Thread S Carr
On 18 August 2016 at 01:04, anup albal wrote: > Does that mean I set up another forwarding zone called microsoft.com or > sharepoint.microsoft.com or both? Ideally you should set up a completely separate caching/forwarding server and not be using the external DNS box (NS1) for this purpose. On the

Re: Selective forwarding from an internal only name server

2016-08-18 Thread S Carr
On 18 August 2016 at 02:07, Barry Margolin wrote: > That's why Cloudflare's method is "RFC-compliant", but what MS is doing > with sharepoint.com is not. Microsoft's DNS implementation allows CNAMEs at the zone apex, correct it's not RFC compliant, but this is Microsoft...

Re: Selective forwarding from an internal only name server

2016-08-17 Thread Barry Margolin
point.com is not. > > - Kevin > > -Original Message- > From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Barry > Margolin > Sent: Wednesday, August 17, 2016 4:34 PM

Re: Selective forwarding from an internal only name server

2016-08-17 Thread anup albal
, 18 August 2016 9:47 AM To: Chris Buxton Cc: BIND Users Subject: Re: Selective forwarding from an internal only name server Hi Chris Below is without "+trace" option. Also there is a firewall between internal (dns1) and external (ns1) name servers and we have opened up TCP/UDP port 53

Re: Selective forwarding from an internal only name server

2016-08-17 Thread anup albal
ust 2016 2:26 AM To: anup albal Cc: BIND Users Subject: Re: Selective forwarding from an internal only name server Try it without "+trace". Regards, Chris On Aug 17, 2016, at 2:59 AM, anup albal mailto:anupal...@hotmail.com>> wrote: Hi First up apologies if this is not the

RE: Selective forwarding from an internal only name server

2016-08-17 Thread Darcy Kevin (FCA)
Message- From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Barry Margolin Sent: Wednesday, August 17, 2016 4:34 PM To: comp-protocols-dns-b...@isc.org Subject: Re: Selective forwarding from an internal only name server In article , "Darcy Kevin (FCA)" wrot

Re: Selective forwarding from an internal only name server

2016-08-17 Thread Barry Margolin
In article , "Darcy Kevin (FCA)" wrote: > Well, sharepoint.com is a CNAME to sharepoint.microsoft.com, so you might > need to make arrangements for that to be resolvable as well. That doesn't seem valid to begin with. The .COM zone has delegation NS records for sharepoint.com. Having a CNAME

RE: Selective forwarding from an internal only name server

2016-08-17 Thread Darcy Kevin (FCA)
sts.isc.org] On Behalf Of anup albal Sent: Wednesday, August 17, 2016 6:00 AM To: bind-users@lists.isc.org Subject: Selective forwarding from an internal only name server Hi First up apologies if this is not the right list to email and for a long email. I am hoping you can give me a clue as to w

Re: Selective forwarding from an internal only name server

2016-08-17 Thread Chris Buxton
Try it without "+trace". Regards, Chris > On Aug 17, 2016, at 2:59 AM, anup albal wrote: > > Hi > > First up apologies if this is not the right list to email and for a long > email. I am hoping you can give me a clue as to what I am doing wrong here? > Or maybe this is not supposed to work

Selective forwarding from an internal only name server

2016-08-17 Thread anup albal
Hi First up apologies if this is not the right list to email and for a long email. I am hoping you can give me a clue as to what I am doing wrong here? Or maybe this is not supposed to work at all. We have an internal only DNS server (dns1) with fake root zone. i.e. a fake file for the zone ".