Hello friends, Please find my response below in highlighted text. Regards Parashar
On Tue, Apr 12, 2011 at 5:21 AM, <bind-users-requ...@lists.isc.org> wrote: > Send bind-users mailing list submissions to > bind-users@lists.isc.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.isc.org/mailman/listinfo/bind-users > or, via email, send a message with subject or body 'help' to > bind-users-requ...@lists.isc.org > > You can reach the person managing the list at > bind-users-ow...@lists.isc.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of bind-users digest..." > > > Today's Topics: > > 1. dns record delegation (Parashar Singh) > 2. Re: dns record delegation (terry) > 3. Re: dns record delegation (Matus UHLAR - fantomas) > 4. Re: BIND9 fails resolving after connecting to VPN (kapetr) > 5. NS record, nameserver down. (fddi) > 6. Re: NS record, nameserver down. (terry) > 7. AW: ipv6 PTR in zone file (walter.jontofs...@t-systems.com) > 8. Re: AW: ipv6 PTR in zone file (Marco Davids (SIDN)) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Tue, 12 Apr 2011 09:25:15 +0530 > From: Parashar Singh <parashar.singh2...@gmail.com> > Subject: dns record delegation > To: bind-users@lists.isc.org > Message-ID: <BANLkTikjyGeSsobQ7OHms-fOK2R=ruw...@mail.gmail.com> > Content-Type: text/plain; charset="iso-8859-1" > > Hi Friends, > I'm using bind 9.7.I want to delegate all wild card (*) request to another > name server. Hence whenever any request, say a.example.com or > b.example.comor > c.example.com comes to Authoritative name server for example.com, it > should > be delegated (redirected) to another name server GLB. This GLB name server > will be containing database for those records in example.com, and it > should > be doing resolution for example.com. > For this, when I'm trying to configure the zone file for example.com with > following: > > * IN NS ns1.GLB.com <http://ns1.glb.com/> > but it's not working. Can anyone suggest, how to configure this in bind? > > Regards > Parashar > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > https://lists.isc.org/pipermail/bind-users/attachments/20110412/a8ca5e46/attachment-0001.html > > > > ------------------------------ > > Message: 2 > Date: Tue, 12 Apr 2011 12:15:50 +0800 > From: terry <te...@geekmail.de> > Subject: Re: dns record delegation > To: bind-users@lists.isc.org > Message-ID: <4da3d1f6.9080...@geekmail.de> > Content-Type: text/plain; charset=UTF-8; format=flowed > > ? 2011-4-12 11:55, Parashar Singh ??: > > * IN NS ns1.GLB.com <http://ns1.glb.com/> > > <http://ns1.GLB.com<http://ns1.glb.com/> > > > > but it's not working. Can anyone suggest, how to configure this in bind? > > I was thinking you need a forward zone rather than the wild. > > Hi Terry, The zone file example.com, already containing 10-20 A records. For rest of records only it should forward request to ns1.GLB.com. > -- > terry - te...@geekmail.de > > > ------------------------------ > > Message: 3 > Date: Tue, 12 Apr 2011 08:50:06 +0200 > From: Matus UHLAR - fantomas <uh...@fantomas.sk> > Subject: Re: dns record delegation > To: bind-users@lists.isc.org > Message-ID: <20110412065006.ga27...@fantomas.sk> > Content-Type: text/plain; charset=us-ascii > > On 12.04.11 09:25, Parashar Singh wrote: > > I'm using bind 9.7.I want to delegate all wild card (*) request to > another > > name server. > > what _exactly_ do you mean by "wildcard requests"? > Here wild card * means all RRs, which are not explicitely defined within zone file example.com. Re-iterating my requirement: All RRs already defined within zone file example.com shall be resolved locally, for all othere requests, the requests should be delegated to another name server ns1.glb.com. > > > Hence whenever any request, say a.example.com or b.example.comor > > c.example.com comes to Authoritative name server for example.com, it > should > > be delegated (redirected) to another name server GLB. This GLB name > server > > will be containing database for those records in example.com, and it > should > > be doing resolution for example.com. > > You can delegate example.com to another server, all requests for > example.com > and anything under example.com will be directed to it. > > > For this, when I'm trying to configure the zone file for example.comwith > > following: > > > > * IN NS ns1.GLB.com <http://ns1.glb.com/> > > but it's not working. Can anyone suggest, how to configure this in bind? > > you don't need to create wildcard delegation. > -- > Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > "Two words: Windows survives." - Craig Mundie, Microsoft senior strategist > "So does syphillis. Good thing we have penicillin." - Matthew Alton > > > ------------------------------ > > Message: 4 > Date: Tue, 12 Apr 2011 10:33:57 +0200 (CEST) > From: "kapetr" <kap...@mizera.cz> > Subject: Re: BIND9 fails resolving after connecting to VPN > To: bind-users@lists.isc.org > Message-ID: <694540cee07f53909e24c78390734...@mail3.volny.cz> > Content-Type: text/plain; charset="us-ascii" > > Hello, > > Kevin Darcy <k...@chrysler.com> WROTE: > > > > Do You thing, that this VPN provider > > > - blocks direct (not recursive) DNS questions > > > and > > > > - manipulates recursive queries ? [catch them, > > > make query itself and > > > > answers with manipulated server IP] > > > > > > ??? > > None of your queries were non-recursive (you'd > > need "+norec" on your dig > > command line for that), so I wouldn't jump to the > > conclusion that > > non-recursive queries are being blocked. > > I did mean queries from my local BIND, not from dig command. > > > > > What's more likely happening is that *all* of your > > queries are being > > transparently redirected to a recursive resolver. > > Although, I'd be > > curious to see what responses you get if you > > actually generate > > non-recursive queries (with the "+norec"). > > > > I have try it. Unfortunately ... > > I have get normal answers (from DNS server in Internet, which was > accessed over the new default route == over VPN) even with > +norecurse or +trace. These non-recurse queries have go over the VPN > and I have get normal answers. :-( > > I have hope/thing, we are on the right way to solve the problem ... > > But the only who get crazy is still only the local BIND. > Recurse and non-recurse queries goes over the VPN without problems. > I have follow that in wireshark and routing and source addresses > seems to be OK. > > > > If it's redirecting non-recursive queries to some > > caching nameserver, > > then that probably explains why named goes stupid > > when the VPN is up, > > since it won't be able to use the > > non-authoritative answers it sees. > > > As I wrote in previous post, there must be something ..., while the > root server has give recursive answer while VPN and not while normal > direct connection to Internet. > > But about the non-recurse queries ... see above. > > > > > > - Kevin > > Any other Ideas ? > > Thanks > > --kapetr > > > > ------------------------------ > > Message: 5 > Date: Tue, 12 Apr 2011 10:34:30 +0200 > From: fddi <f...@gmx.it> > Subject: NS record, nameserver down. > To: Bind Users Mailing List <bind-users@lists.isc.org> > Message-ID: <4da40e96.5040...@gmx.it> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > Hello, > I have a domain.com > > with w nameservers defined, for example > > ;; ANSWER SECTION: > domain.com. 86400 IN NS ns1.domain.com. > domain.com. 86400 IN NS ns2.domain.com. > > ;; ANSWER SECTION: > ns1.domain.com. 86400 IN A 172.16.16.1 > ns2.domain.com. 86400 IN A 172.16.16.2 > > ;; ANSWER SECTION: > www.domain.com. 86400 IN A 172.16.16.80 > > > ns1 and ns2 are two nameservers with DLZ backend on mysql so the > architecture is multi-master. > > I wanted to ask what happens if one of the nameservers is down and a > remote host wants to resolve > a hostname on my domain. > > let's say ns1.domain.com. is down > > if a remote host does a query for www.domain.com will the query always > be succesful even if ns1 is down ? > or the NS records are just round-robin so that if the query arrives to > the one which is down, the query will fail ? > > thank you > > Rick > > > > > > > ------------------------------ > > Message: 6 > Date: Tue, 12 Apr 2011 16:50:52 +0800 > From: terry <te...@geekmail.de> > Subject: Re: NS record, nameserver down. > To: bind-users@lists.isc.org > Message-ID: <4da4126c.3020...@geekmail.de> > Content-Type: text/plain; charset=UTF-8; format=flowed > > ? 2011-4-12 16:34, fddi ??: > > if a remote host does a query for www.domain.com will the query always > > be succesful even if ns1 is down ? > > or the NS records are just round-robin so that if the query arrives to > > the one which is down, the query will fail ? > > > The clients will always try the second alive nameserver so your doman > names will be resolved without much problem. > > -- > terry - te...@geekmail.de > > > ------------------------------ > > Message: 7 > Date: Tue, 12 Apr 2011 10:50:16 +0200 > From: <walter.jontofs...@t-systems.com> > Subject: AW: ipv6 PTR in zone file > To: <bind-users@lists.isc.org> > Message-ID: > < > 901586ca8f92d543bfffd6e1122f5a36026bbe19a...@he101453.emea1.cds.t-internal.com > > > > Content-Type: text/plain; charset="us-ascii" > > > Hello, > > you could use ipv6calc (ftp://ftp.bieringer.de/pub/linux/ipv6/ipv6calc) to > calculate the reverse strings. > Then you can put them into the zone file. > > With Best regards, > > Walter > > > Im Auftrag von Michel de Nostredame > >Gesendet: Montag, 11. April 2011 20:44 > >An: bind-users > >Betreff: ipv6 PTR in zone file > > > >Hi BIND Users, > > > >I am not sure if my post here is proper or not. If not please > >kindly guide me to a correct list. > > > >I have lot of "static" IPv6 address needs to add into DNS PTR record. > >Most of them are server IP addresses and addresses on router > >interfaces. > >Compose proper PTR records, without human errors, is highly > >difficult (compares to IPv4 PTR records), as we encode some > >customer information into the address. > > > >I tried to look into bit-string and soon realized it is > >already removed from recent BIND versions. Then tried to > >search "$REVERSE" and "$INVERSE" on Google but got no much > >luck; seems not much development / discussion recently. > > > >For example, today we probably do PTR list this, > > > >$ORIGIN 0.0.0.0.0.0.d.4.1.a.1.0.1.0.0.2.ip6.arpa. > >1.0.1.a.0.0.0.5.6.0.c.1.0.0.5.6 PTR > >xe-3-0-3-101.ar.par1.fr.netname.net. > > > > > >What I am think about is if there is any potential possibility > >to compose IPv6 PTR records in ZONE files in a little easier method? > >something like > > > >$ORIGIN $REVERSE(2001:01a1:4d00:0000).ip6.arpa. > >$REVERSE(6500:1c06:5000:a101) PTR > >xe-3-0-3-101.ar.par1.fr.netname.net. > > > > > ------------------------------ > > Message: 8 > Date: Tue, 12 Apr 2011 11:21:14 +0200 > From: "Marco Davids (SIDN)" <marco.dav...@sidn.nl> > Subject: Re: AW: ipv6 PTR in zone file > To: <bind-users@lists.isc.org> > Message-ID: <4da4198a.6010...@sidn.nl> > Content-Type: text/plain; charset="ISO-8859-1" > > On 04/12/11 10:50, walter.jontofs...@t-systems.com wrote: > > > you could use ipv6calc (ftp://ftp.bieringer.de/pub/linux/ipv6/ipv6calc) > to calculate the reverse strings. > > Yes. > > Or do it 'the BIND way': > > dig -x 2001:7b8:c05::80:1 | grep ip6.arpa | tail -1 | awk '{print $1}' > > -- > Marco > > > Im Auftrag von Michel de Nostredame > >> Gesendet: Montag, 11. April 2011 20:44 > >> An: bind-users > >> Betreff: ipv6 PTR in zone file > >> > >> Hi BIND Users, > >> > >> I am not sure if my post here is proper or not. If not please > >> kindly guide me to a correct list. > >> > >> I have lot of "static" IPv6 address needs to add into DNS PTR record. > >> Most of them are server IP addresses and addresses on router > >> interfaces. > >> Compose proper PTR records, without human errors, is highly > >> difficult (compares to IPv4 PTR records), as we encode some > >> customer information into the address. > >> > >> I tried to look into bit-string and soon realized it is > >> already removed from recent BIND versions. Then tried to > >> search "$REVERSE" and "$INVERSE" on Google but got no much > >> luck; seems not much development / discussion recently. > >> > >> For example, today we probably do PTR list this, > >> > >> $ORIGIN 0.0.0.0.0.0.d.4.1.a.1.0.1.0.0.2.ip6.arpa. > >> 1.0.1.a.0.0.0.5.6.0.c.1.0.0.5.6 PTR > >> xe-3-0-3-101.ar.par1.fr.netname.net. > >> > >> > >> What I am think about is if there is any potential possibility > >> to compose IPv6 PTR records in ZONE files in a little easier method? > >> something like > >> > >> $ORIGIN $REVERSE(2001:01a1:4d00:0000).ip6.arpa. > >> $REVERSE(6500:1c06:5000:a101) PTR > >> xe-3-0-3-101.ar.par1.fr.netname.net. > > > ------------------------------ > > _______________________________________________ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > > End of bind-users Digest, Vol 829, Issue 1 > ****************************************** >
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
