t; Gokan Atmaca wrote:
> > > I want to do dns failover. There is no such feature in the bind
> > > service. It has RR feature but no Failover. I have 2 services. I want
> > > the A record to change automatically when one is inaccessible. Is
> > > there a tool you
The feature you need to look for is GSLB. I’d Google opensource and GSLB. I
saw a few projects that should give you the functionality you need.
On Mon, Jul 12, 2021 at 8:23 AM Dan Ritter wrote:
> Gokan Atmaca wrote:
> > I want to do dns failover. There is no such feature in the bind
&g
Gokan Atmaca wrote:
> I want to do dns failover. There is no such feature in the bind
> service. It has RR feature but no Failover. I have 2 services. I want
> the A record to change automatically when one is inaccessible. Is
> there a tool you can recommend for this ?
The most
>
>
> I have 2 services. I want
> the A record to change automatically when one is inaccessible.
Do you want the DNS server to ping your service and change "A" record?
There is no such feature AFAIK. You can use two different IPs for services
and provide bo
Hello
I want to do dns failover. There is no such feature in the bind
service. It has RR feature but no Failover. I have 2 services. I want
the A record to change automatically when one is inaccessible. Is
there a tool you can recommend for this ?
Thanks.
--
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian
Bonjour,
Donc en approfondissant le sujet, voici le contournement que je mets en
place.
Hypothèses/prérequis de départ
1. il faut que le serveur dns windows permette les modifications
dynamique => voir avec son admin windows, on verra le pb de
l'authentification plus tard...
2. utilisation
Pour ton malheur (vu mon niveau en réseau: quasiment double zéro) je
profère mes élucubrations à haute voix, un peu au hasard ;-)
peut-être que tu peux récupérer les données de tes fichiers de baux DHCP
(je ne sais même pas exactement ce qu'il y a dedans, j'ai jamais monté
de serveur DHCP)
Bonjour,
La situation est la suivante :
Je dispose d'un petit morceau de LAN sur lequel est utiliser dnsmasq
pour assurer DHCP et DNS et servir le domaine lab.toto.local.
Ce morceau de LAN est interconnecté avec une infrastructure tout
windows en terme de serveur DHCP et DNS.
Il n'est pas
On Wed, Mar 31, 2021, 4:26 PM Moritz Kempe
wrote:
> Up until now i used my AVM Fritz!Box (my router) with the (supported)
> firmware version FRITZ!OS-Version 07.21.
>
> Just now, i upgraded the firmware to FRITZ!OS-Version 07.25 and the DNS
> is now working on my Raspberry Pi 400.
Up until now i used my AVM Fritz!Box (my router) with the (supported)
firmware version FRITZ!OS-Version 07.21.
Just now, i upgraded the firmware to FRITZ!OS-Version 07.25 and the DNS
is now working on my Raspberry Pi 400.
I cannot yet say, if my problem is solved but it seems like it. I
gt;> 2(SERVFAIL)
>>> grep ^hosts: /etc/nsswitch.conf
>> --
>> hosts: files mdns4_minimal [NOTFOUND=return] dns
mymachines
> I don't trust multicast dns, so in addition to turning it off
I've also got
> $ grep host /etc/nsswitch
ke@rpi4-20201112:~$ host github.com Host github.com not found:
> >>>> 2(SERVFAIL)
> >>> grep ^hosts: /etc/nsswitch.conf
> >> --
> >> hosts: files mdns4_minimal [NOTFOUND=return] dns mymachines
> > I don't trust multicast dns, so in addition to tur
On 3/31/21 2:44 PM, Greg Wooledge wrote:
On Wed, Mar 31, 2021 at 01:42:36PM +0200, Moritz Kempe wrote:
grep ^hosts: /etc/nsswitch.conf
--
hosts: files mdns4_minimal [NOTFOUND=return] dns mymachines
I don't know what "mymachines" is. I don't see it in the man page.
Wh
can’t be reachedCheck if there is a typo in
github.com. DNS_PROBE_FINISHED_NXDOMAIN
moke@rpi4-20201112:~$ host github.com Host github.com not found:
2(SERVFAIL)
grep ^hosts: /etc/nsswitch.conf
--
hosts: files mdns4_minimal [NOTFOUND=return] dns mymachines
I don't trust multicast dns, so
On Wed, Mar 31, 2021 at 01:42:36PM +0200, Moritz Kempe wrote:
> > grep ^hosts: /etc/nsswitch.conf
> --
> hosts: files mdns4_minimal [NOTFOUND=return] dns mymachines
I don't know what "mymachines" is. I don't see it in the man page.
What happens if you get rid of
mium This site can’t be reachedCheck if there is a typo in
>>> github.com. DNS_PROBE_FINISHED_NXDOMAIN
>>> moke@rpi4-20201112:~$ host github.com Host github.com not found:
>>> 2(SERVFAIL)
>> grep ^hosts: /etc/nsswitch.conf
> --
> hosts: files mdns
. DNS_PROBE_FINISHED_NXDOMAIN
moke@rpi4-20201112:~$ host github.com Host github.com not found:
2(SERVFAIL)
grep ^hosts: /etc/nsswitch.conf
--
hosts: files mdns4_minimal [NOTFOUND=return] dns mymachines
--
ls -ld /etc/resolv.conf
--
-rw-r--r-- 1 root root 54 Mar 31 13:28 /etc/resolv.conf
On Wed, Mar 31, 2021 at 12:14:59AM +0200, Moritz Kempe wrote:
> -- Firefox
> Hmm. We’re having trouble finding that site.
>
> We can’t connect to the server at github.com.
> -- Chromium
> This site can’t be reachedCheck if there is a typo in github.com.
> DNS_PROBE_FINISHED_NXDOMAIN
>
I changed DNS configuration at my DSL router.
I enabled on my DSL router: TLS for DNS, and, parallel, switched to
public, non-censored DNS servers, as suggested by a large German computer
magazine.
I've done this too. I also activated dns over tls with a privacy dns
server in my router but i
I changed DNS configuration at my DSL router.
I enabled on my DSL router: TLS for DNS, and, parallel, switched to
public, non-censored DNS servers, as suggested by a large German computer
magazine.
I've done this too. I also activated dns over tls with a privacy dns
server in my router but i
Moritz Kempe wrote:
[...]
> I noticed the problem, while i was browsing the internet and got confused
> because after a while some domains could not longer be found/connected to by
> the browser. (On both, Firefox and Chromium)
I had similar issues, when I changed DNS configuration
On Tue, Mar 30, 2021, 5:33 PM Moritz Kempe wrote:
> Hello,
>
> since i upgraded my Raspberry Pi 400 (with regular Debian 10, not
> Raspberry PI OS) to the latest buster version, i am experiencing
> problems with dns, which i cannot replicate with any of my other devices
> (De
Hello,
since i upgraded my Raspberry Pi 400 (with regular Debian 10, not
Raspberry PI OS) to the latest buster version, i am experiencing
problems with dns, which i cannot replicate with any of my other devices
(Debian Stretch amd64 workstation, Debian Buster amd64 server, Raspberry
Pi 3b
better off with one 'A' record pointing at
a load balancer that fronts a DMZ containing the eight servers. A
second load balancer can be added with suitable tricks to deal with one
balancer breaking.)
While you have no control over the news.newsguy.com DNS settings, you
could pick one of those
ique* resolver, because browsers are
special snowflakes), may have cached some information, such as the
contents of resolv.conf.
Thus, you would be well-advised to restart any running browsers, mail
transport agents, NFS servers, and so on. Any or all of these programs
that use DNS results may
gt; > each item in the search list will be appended in turn and a
> > > > lookup made. So, for example you could have "search example.com
> > > > example.net" and a lookup for "gateway" would try
> > > > "gateway.example.com" then &
On 24/03/2021 12:57, Greg Wooledge wrote:
On Wed, Mar 24, 2021 at 12:20:23PM +, pioruns2019 wrote:
You can use DNS Benchmark by Steve Gibson, written like 20 years ago in
assembly language. This will test your various DNS configurations and
diagnose them:
Or, you could simply run
dig
zed.
>> nameserver 2001:568:ff09:10b::122
> The 20-30 seconds hint at a DNS timeout.
>
> Try removing your first entry (192.168.0.1) from resolv.conf and
> see whether this changes (don't restart, NM will clobber your
> changes!)
I tried removing the 192.168.0.1 line alo
short name (e.g. "printer"
> > > or "my-laptop" etc), then each item in the search list will be appended
> > > in turn and a lookup made. So, for example you could have "search
> > > example.com example.net" and a lookup for "gateway" w
to the office
and run slrnpull there, it connects instantly. I've mentioned this
to people in the past, and the consensus seems to be that it's some
sort of DNS problem.
My laptop is running NetworkManager. When I wake it up at
a new location, resolv.conf (which is actually a link to
/run/NetworkManager
So, for example you could have "search
> > example.com example.net" and a lookup for "gateway" would try
> > "gateway.example.com" then "gateway.example.net" in turn.
>
> [...]
>
> Well spotted. The "search telus" looks completely bog
On Wed, Mar 24, 2021 at 12:20:23PM +, pioruns2019 wrote:
> You can use DNS Benchmark by Steve Gibson, written like 20 years ago in
> assembly language. This will test your various DNS configurations and
> diagnose them:
>
> https://www.grc.com/dns/benchmark.htm
>
You can use DNS Benchmark by Steve Gibson, written like 20 years ago in
assembly language. This will test your various DNS configurations and
diagnose them:
https://www.grc.com/dns/benchmark.htm
Use Wine to run it.
wine DNSBench.exe
It will tell you what's wrong, if anything, with your DNS
quot;
> or "my-laptop" etc), then each item in the search list will be appended
> in turn and a lookup made. So, for example you could have "search
> example.com example.net" and a lookup for "gateway" would try
> "gateway.example.com" the
ke my laptop to the office
> and run slrnpull there, it connects instantly. I've mentioned this
> to people in the past, and the consensus seems to be that it's some
> sort of DNS problem.
>
> My laptop is running NetworkManager. When I wake it up at
> a new location, resolv.
y.com. If I take my laptop to the office
> and run slrnpull there, it connects instantly. I've mentioned this
> to people in the past, and the consensus seems to be that it's some
> sort of DNS problem.
>
> My laptop is running NetworkManager. When I wake it up at
> a ne
to the office
and run slrnpull there, it connects instantly. I've mentioned this
to people in the past, and the consensus seems to be that it's some
sort of DNS problem.
My laptop is running NetworkManager. When I wake it up at
a new location, resolv.conf (which is actually a link to
/run/NetworkManager
instantly. I've mentioned this
to people in the past, and the consensus seems to be that it's some
sort of DNS problem.
My laptop is running NetworkManager. When I wake it up at
a new location, resolv.conf (which is actually a link to
/run/NetworkManager/resolv.conf) gets overwritten with
information
Hi
On 12/7/20 9:02 AM, Reco wrote:
A followup. They have released Debian 10.7 last weekend, kernel version
4.19.0-13 fixes this vulnerability.
Yes, and we have installed it! :-)
Thanks again!
MJ
Hi.
On Mon, Dec 07, 2020 at 08:31:27AM +0100, mj wrote:
> Hi Roberto and Reco,
>
> Thanks for the replies!
A followup. They have released Debian 10.7 last weekend, kernel version
4.19.0-13 fixes this vulnerability.
Reco
Hi Roberto and Reco,
Thanks for the replies!
MJ
On 12/4/20 3:58 PM, Roberto C. Sánchez wrote:
On Fri, Dec 04, 2020 at 12:13:02PM +0100, mj wrote:
Hi,
I am wondering about the SAD DNS vulnerability, and wether or not it is
solved in up-to-date debian 10.6.
https://blog.kernelcare.com
On Fri, Dec 04, 2020 at 12:13:02PM +0100, mj wrote:
> Hi,
>
> I am wondering about the SAD DNS vulnerability, and wether or not it is
> solved in up-to-date debian 10.6.
>
> https://blog.kernelcare.com/vulnerability/kernelcare-patches-for-sad-dns-are-on-the-way
>
> It
Hi.
On Fri, Dec 04, 2020 at 12:13:02PM +0100, mj wrote:
> I am wondering about the SAD DNS vulnerability, and wether or not it is
> solved in up-to-date debian 10.6.
> https://blog.kernelcare.com/vulnerability/kernelcare-patches-for-sad-dns-are-on-the-way
> It says, bottom
Hi,
I am wondering about the SAD DNS vulnerability, and wether or not it is
solved in up-to-date debian 10.6.
https://blog.kernelcare.com/vulnerability/kernelcare-patches-for-sad-dns-are-on-the-way
It says, bottom of the page, that fixes are scheduled to in week 48 for
debian and ubuntu
ich said:
>
> > Est-il possible d'utiliser cela avec un autre serveur DNS que Bind9 ? Si
> > oui, lesquels ?
>
> Il faut un serveur faisant autorité qui accepte les mises à jour
> dynamiques (dynamic updates). Je n'ai jamais essayé mais je crois que
> ça marche avec Knot ou avec PowerDNS.
>
On Mon, Aug 31, 2020 at 10:01:58AM +0200,
Olivier wrote
a message of 40 lines which said:
> Est-il possible d'utiliser cela avec un autre serveur DNS que Bind9 ? Si
> oui, lesquels ?
Il faut un serveur faisant autorité qui accepte les mises à jour
dynamiques (dynamic updates). Je n'ai
Bonjour,
Le serveur isc-dhcp-server a la possibilité de mettre à jour les données
d'un serveur DNS à chaque fois qu'il affecte une adresse à un hôte dont
l'adresse MAC est connue (paramètres ddns-*).
Le Wiki de Debian décrit comment mettre en place cela avec les serveurs
isc-dhcp-server et bind9
Noted.
On 2020-08-16 20:01, Henning Follmann wrote:
On Sun, Aug 16, 2020 at 05:44:51PM +0800, Turritopsis Dohrnii Teo En
Ming wrote:
Subject: I discovered a bug in the no-ip dynamic dns free hostname
auto
renewal/confirmation script written by loblab
[...]
Then I downloaded the no-ip ddns
Does ddclient support automatic confirmation of noip.com free hostnames?
On 2020-08-16 21:55, Charles Curley wrote:
On Sun, 16 Aug 2020 17:44:51 +0800
Turritopsis Dohrnii Teo En Ming wrote:
Subject: I discovered a bug in the no-ip dynamic dns free hostname
auto renewal/confirmation script
On Sun, 16 Aug 2020 17:44:51 +0800
Turritopsis Dohrnii Teo En Ming wrote:
> Subject: I discovered a bug in the no-ip dynamic dns free hostname
> auto renewal/confirmation script written by loblab
You may be better off using the debian package ddclient. It supports
no-ip.com.
--
Does a
On Sun, Aug 16, 2020 at 05:44:51PM +0800, Turritopsis Dohrnii Teo En Ming wrote:
> Subject: I discovered a bug in the no-ip dynamic dns free hostname auto
> renewal/confirmation script written by loblab
>
[...]
> Then I downloaded the no-ip ddns free hostname auto renewal/confirmat
Subject: I discovered a bug in the no-ip dynamic dns free hostname auto
renewal/confirmation script written by loblab
Good day from Singapore,
Programming code troubleshooting person: Mr. Turritopsis Dohrnii Teo En
Ming (Targeted Individual)
Country: Singapore
Date: 15 to 16 August 2020
On Wed, Aug 12, 2020 at 03:51:11PM +0200, Patrick Frank wrote:
>
> On 12.08.20 15:28, Dan Ritter wrote:
> >Greg Wooledge wrote:
> >>On Wed, Aug 12, 2020 at 02:59:23PM +0200, Patrick Frank wrote:
>
>
> Greg writes: You can execute the "./run" script by hand for testing
> purposes [...]
>
> When
On Wed, Aug 12, 2020 at 03:51:11PM +0200, Patrick Frank wrote:
> Greg writes: You can execute the "./run" script by hand for testing
> purposes [...]
>
> When I tried "exec envuidgid Gnscache ..." it logged me out.
So don't do that. Test it with ./run instead, like I said.
> Greg writes:
On 12.08.20 15:28, Dan Ritter wrote:
Greg Wooledge wrote:
On Wed, Aug 12, 2020 at 02:59:23PM +0200, Patrick Frank wrote:
Greg writes: You can execute the "./run" script by hand for testing
purposes [...]
When I tried "exec envuidgid Gnscache ..." it logged me out.
Greg writes:
Greg Wooledge wrote:
> On Wed, Aug 12, 2020 at 02:59:23PM +0200, Patrick Frank wrote:
> > Hello,
> >
> > on a Debian 10 host I created a virtual machine with very basic features
> > to build a dns cache for my home network with djbdns. I fail to understand
> >
On Wed, Aug 12, 2020 at 02:59:23PM +0200, Patrick Frank wrote:
> Hello,
>
> on a Debian 10 host I created a virtual machine with very basic features
> to build a dns cache for my home network with djbdns. I fail to understand
> how Daemontools are used properly.
>
> Follo
Hello,
on a Debian 10 host I created a virtual machine with very basic features
to build a dns cache for my home network with djbdns. I fail to understand
how Daemontools are used properly.
Following the instructions on http://cr.yp.to/djbdns/install.html went okay.
http://cr.yp.to/djbdns/run
Le 26/05/2020 à 09:17, BERTRAND Joël a écrit :
RR at 'surf.homeg.lan' A 192.168.0.34
May 26 08:54:21 canoe kernel: [ 164.300678] audit: type=1400
audit(1590476061.014:21): apparmor="DENIED" operation="mknod"
profile="/usr/sbin/named" name="/etc/bind/db.homeg.lan.jnl" pid=923
Migrec a écrit :
> Bonjour,
Bonjour,
> Depuis le dernier redémarrage de mon serveur, j'ai un problème
> d'écriture des fichiers journaux de bind :
> May 26 08:54:20 canoe dhcpd[1303]: DHCPREQUEST for 192.168.0.34 from
> ac:fd:ce:c6:11:32 via enp2s0
> May 26 08:54:20 canoe dhcpd[1303]:
Bonjour,
Depuis le dernier redémarrage de mon serveur, j'ai un problème
d'écriture des fichiers journaux de bind :
May 26 08:54:20 canoe dhcpd[1303]: DHCPREQUEST for 192.168.0.34 from
ac:fd:ce:c6:11:32 via enp2s0
May 26 08:54:20 canoe dhcpd[1303]: DHCPACK on 192.168.0.34 to
ac:fd:ce:c6:11:32
t; secondary mail server.
> >
>
> Just curious, if I have multiple MX records, how would you sync the incoming
> emails (*) ? I can see with an NFS mounted home directory with Maildir
> mailboxes that could work and dovecot could probably run on multiple hosts
> (or
> at le
ple hosts
> (or
> at least it would be possible to switch the imap DNS entry if needed). But
> then the NFS server is the single point of failure. Are there better ways to
> sync the mail servers behind the MX records than NFS?
You're assuming the secondary MX performs actual loca
Am Montag, 18. Mai 2020, 19:58:06 CEST schrieb Dan Ritter:
> Rainer Dorsch wrote:
> > Hi,
> >
> > I am just wondering how a efficient setup for TLS/DNS for exim looks like:
> >
> > Right now I have an A entry in the DNS server for smtp. and a
> > letsenc
> > But what about a client like Thunderbird, kmail or Android mail clients.
> > They need an *outgoing* server.
> >
> > Do they handle MX records?
>
> No, if you need high availability for those, you need load
> balancing. DNS is not a good way of doing that;
a
> > fallback_relay option, Exim can accept multiple hosts in a
> > route_list statement, and so forth.)
>
> Thanks again for your reply.
>
> But what about a client like Thunderbird, kmail or Android mail clients. They
> need an *outgoing* server.
>
> Do they handle MX records?
Am Montag, 18. Mai 2020, 20:50:49 CEST schrieb Dan Ritter:
> Rainer Dorsch wrote:
> > Am Montag, 18. Mai 2020, 19:58:06 CEST schrieb Dan Ritter:
> > > I think you're overcomplicating it.
> > >
> > > Your domain can and should have two or more MX records, with
> > > different priority levels. The
Rainer Dorsch wrote:
> Am Montag, 18. Mai 2020, 19:58:06 CEST schrieb Dan Ritter:
> > I think you're overcomplicating it.
> >
> > Your domain can and should have two or more MX records, with
> > different priority levels. The MX records don't even have to
> > point to names in your domain.
> >
Am Montag, 18. Mai 2020, 19:58:06 CEST schrieb Dan Ritter:
> Rainer Dorsch wrote:
> > Hi,
> >
> > I am just wondering how a efficient setup for TLS/DNS for exim looks like:
> >
> > Right now I have an A entry in the DNS server for smtp. and a
> > letsenc
Rainer Dorsch wrote:
> Hi,
>
> I am just wondering how a efficient setup for TLS/DNS for exim looks like:
>
> Right now I have an A entry in the DNS server for smtp. and a
> letsencrypt certificate as well.
>
> If I setup a new server and call it SMTP2, I need to
Hi,
I am just wondering how a efficient setup for TLS/DNS for exim looks like:
Right now I have an A entry in the DNS server for smtp. and a
letsencrypt certificate as well.
If I setup a new server and call it SMTP2, I need to reconfigure this in all my
email clients. If I install the SMTP
On Mon, 30 Mar 2020 15:33:03 +0200
mj wrote:
> Maar is het punt niet dat ook wanneer lieden hun DNS niet op orde
> hebben, een NXDOMAIN nog steeds instant zou moeten komen...
Uhhh, nee, een NXDOMAIN is een antwoord van een server, een server die
kapot of down is geeft geen antwoord, oo
Hoi!
On 3/30/20 2:16 PM, Richard Lucassen wrote:
Gebruik iptables -nL dan heb je dat reverse lookup gezeur niet. Er zijn
altijd figuren die de boel niet op orde hebben en bovendien gaat -n
vele malen sneller, ook al werkt de DNS.
Maar is het punt niet dat ook wanneer lieden hun DNS niet op
Hoi allemaal!
On 3/30/20 2:35 PM, Richard Lucassen wrote:
On Mon, 30 Mar 2020 12:51:54 +0200
mj wrote:
Weet iemand waar ik iets zou kunnen checken?
Hier geprobeerd, de eerste keer 3 sec, de tweede keer (cache) net zo
snel als -n
Het lijkt niks met een cache te maken te hebben: tien keer
NS record. Is het niet zoiets?
Bij mij krijg ik vanaf die server dus wel antwoord van DNS, en telkens
ook instant. Er lijkt op zich dus niks met DNS aan de hand te zijn.
En inderdaad geen timeout, maar NXDOMAIN.
MJ
On Mon, 30 Mar 2020 14:33:32 +0200
Richard Lucassen wrote:
> > Echter: beide "not founds" zijn instant.
>
> En ook als je dat na die "host " doet? Dan zit de NXDOMAIN in de
> cache.
Ik heb wel op een firewall met 3000 rules dat de -L blijft hangen op
een server die niet werkt:
$ host
On Mon, 30 Mar 2020 12:51:54 +0200
mj wrote:
> Weet iemand waar ik iets zou kunnen checken?
Hier geprobeerd, de eerste keer 3 sec, de tweede keer (cache) net zo
snel als -n
--
richard lucassen
http://contact.xaq.nl/
On Mon, 30 Mar 2020 12:51:54 +0200
mj wrote:
> Maar: ik verwacht dus dat er op dat systeem een probleem is mbt dns
> resolving. Dus verwacht dat het volgnde ook traag is:
>
> > root@server:/etc# host 45.142.195.2
> > Host 2.195.142.45.in-addr.arpa. not found: 3(NXDOMAIN)
ook al werkt de DNS.
R.
--
richard lucassen
http://contact.xaq.nl/
mp-port-unreachable
> > REJECT all -- ip-38-82.ZervDNS anywhere reject-with
> > icmp-port-unreachable
> > RETURN all -- anywhere anywhere
>
> Ik kan natuurlijk met iptables -L -n zorgen dat de output nummeriek blijft,
> en dan is ie i
anywhere
Ik kan natuurlijk met iptables -L -n zorgen dat de output nummeriek
blijft, en dan is ie inderdaad snel.
Maar: ik verwacht dus dat er op dat systeem een probleem is mbt dns
resolving. Dus verwacht dat het volgnde ook traag is:
root@server:/etc# host 45.142.195.2
Host
en policy routing
gebruiken, dan hoef je niet zo moeilijk te doen. Zodra de
tunnel opkomt gewoon een andere routetabel kiezen en die heeft z'n
eigen [ip|nf]tables scripts. Overigens draait openvpn bij hen wel als
root, ik ben daar niet zo'n voorstander van.
Misschien is het handig het eindpunt van
gt;>> ln -s /etc/openvpn/resolv/resolv.conf /etc/resolv.conf
>>
>> Networkmanager heeft de neiging om /etc/resolv.conf te veranderen. Het
>> zet er bij IPv6 een lokale nameserver bij die DNS-leaks kan geven. In
>> de praktijk doet hij dat niet, maar als de andere uitvalt
and er meer aan mogen zitten. Vandaar dat ik er
een link van zou maken die naar een andere dir wijst.
> > ln -s /etc/openvpn/resolv/resolv.conf /etc/resolv.conf
>
> Networkmanager heeft de neiging om /etc/resolv.conf te veranderen. Het
> zet er bij IPv6 een lokale nameserver bij die D
en aanmaken en daar in die specifieke dir /etc/openvpn/resolv (die
> writable is voor de user openvpn) een "ln -sf resolv.conf" op
> kunnen loslaten door dat script dat openvpn aanstuurt. En dan maak
> je als root in de /etc/ dir een link naar
>
> ln -s /etc/openvpn/r
solv-default.conf
kunnen aanmaken en daar in die specifieke dir /etc/openvpn/resolv (die
writable is voor de user openvpn) een "ln -sf resolv.conf" op
kunnen loslaten door dat script dat openvpn aanstuurt. En dan maak
je als root in de /etc/ dir een link naar
ln -s /etc/openvpn/resolv/resol
niet helemaal
>> wat ik wou. Ik gebruik het VPN-IP van VPN-server als nameserver.
>>
>> Geen DNS leakage meer volgens https://www.dnsleaktest.com/ .
>
> En je vertrouwt de DNS aan de andere kant van de tunnel wel?
Dat is mijn eigen DNS-server. Op het moment nog DNSmasq
v.conf laten aanpassen,
up is niet zo'n probleem (dan is-ie nog root), down heb je sudo voor
nodig.
> Tja, nu is alleen de nameserver wel statisch geworden, niet helemaal
> wat ik wou. Ik gebruik het VPN-IP van VPN-server als nameserver.
>
> Geen DNS leakage meer volgens https://www.d
Op 24-02-2020 om 18:50 schreef Paul van der Vlis:
> Hoi,
>
> Ik probeer OpenVPN zo op te zetten dat er geen "dns leakage" is.
>
> Als ik de VPN start dan wordt netjes de dns gewijzigd in
> /etc/resolv.conf door update-resolv-conf. Echter, er wordt hier alleen
> ee
Hoi,
Ik probeer OpenVPN zo op te zetten dat er geen "dns leakage" is.
Als ik de VPN start dan wordt netjes de dns gewijzigd in
/etc/resolv.conf door update-resolv-conf. Echter, er wordt hier alleen
een DNS toegevoegd, de oude is er ook nog. Ik wil dat alleen de DNS
wordt gebruik
60::, 2001:4860:4860::8844;
> >> >
> >> > avoids the error message, but has no visible effect I can see. The IPv6
> >> > DNS
> >> > servers still do not show in resolv.conf.
> >>
> >> You may receive IPv6 DNS information
message, but has no visible effect I can see. The IPv6
>> > DNS
>> > servers still do not show in resolv.conf.
>>
>> You may receive IPv6 DNS information from IPv6 Router Advertisements
>> (RA) with rdnssd, not DHCPv6.
>
> Many thanks, Pascal, that expla
Am Mittwoch, 15. Januar 2020, 00:09:16 CET schrieb Pascal Hambourg:
> Le 14/01/2020 à 21:14, Rainer Dorsch a écrit :
> > prepend dhcp6.name-servers 2001:4860:4860::, 2001:4860:4860::8844;
> >
> > avoids the error message, but has no visible effect I can see. The IPv6
>
On Tue, Jan 14, 2020 at 01:18:01PM -0500, Greg Wooledge wrote:
> On Tue, Jan 14, 2020 at 12:12:03PM -0500, Bob Weber wrote:
> > Just edit the file /etc/resolv.conf and make it immutable (chattr +i
[...]
> That is one of the options given on the wiki page.
>
>
Le 14/01/2020 à 21:14, Rainer Dorsch a écrit :
prepend dhcp6.name-servers 2001:4860:4860::, 2001:4860:4860::8844;
avoids the error message, but has no visible effect I can see. The IPv6 DNS
servers still do not show in resolv.conf.
You may receive IPv6 DNS information from IPv6 Router
t;
> Thank you for all the good replies to this thread.
>
> prepend dhcp6.name-servers 2001:4860:4860::, 2001:4860:4860::8844;
>
> avoids the error message, but has no visible effect I can see. The IPv6 DNS
> servers still do not show in resolv.conf.
>
> Unfortunately
he wiki page.
>
> https://wiki.debian.org/resolv.conf
>
> Be sure you work around bug #860928 if you use this approach.
Thank you for all the good replies to this thread.
prepend dhcp6.name-servers 2001:4860:4860::, 2001:4860:4860::8844;
avoids the error message, but has no
On Tue, Jan 14, 2020 at 12:12:03PM -0500, Bob Weber wrote:
> Just edit the file /etc/resolv.conf and make it immutable (chattr +i
> /etc/resolv.conf). At least you will know what is in the file and that it
> can't be changed (mistakes and all). I use this to keep chrome from
> changing the
Meanwhile, there are a few different ways to keep your resolv.conf
file untouched, rather than relying on isc-dhcp-client to continually
rewrite it in the form you want. The wiki page describes some of
those ways.
Personally, I do not understand the appeal of the "put lines in
configuration
On Tue, Jan 14, 2020 at 03:00:50PM +, Curt wrote:
> On 2020-01-14, Greg Wooledge wrote:
> > On Tue, Jan 14, 2020 at 09:37:05AM +0100, Rainer Dorsch wrote:
> >> I tried to switch to other servers, e.g. Google, but this does not work,
> >> since
> >>
> >> /etc/resolv.conf gets overwritten
201 - 300 of 6814 matches
Mail list logo
