How is DNS organized for the national VPN? Is someone running root nameservers?
A "private" version of the .cu namespace, that the rest of us can't see,
perhaps?
If you're trying to build this from scratch, then you can start by setting up
your own root zone. But I suspect there's something already available, and you
just need to ask around and find out how to configure your local nameserver to
access the national DNS infrastructure.
- Kevin
-----Original Message-----
From: bind-users-boun...@lists.isc.org
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Int
Sent: Wednesday, August 26, 2015 5:41 PM
To: bind-users@lists.isc.org
Cc: n...@eml.cc
Subject: DNS connection refused : round-robin pools
Importance: High
I do not have access to Internet in my case, only have access to a national
VPN, As I can disable the zone "."
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
As I can avoid that the DNS try to get connected to consult db.root In order
that in the DNS you not get lost time trying to access addresses IP unreachable
or refused for my NET
Regularly I check my Log and I find the following: The DNS trying to access
places of Internet
I need to publish in my DNS for my very NET'S correct functioning Addresses my
servers's IP premises in DMZ, And that this out-of-doors only upon command
sites .cu, Should solve it the server DNS making another servers forward DNS
authorized in our national VPN
# tail -1000 /var/log/syslog |grep named
Aug 26 21:17:26 ns2 named[1093]: error (connection refused) resolving
'G.ROOT-SERVERS.NET/AAAA/IN': 192.58.128.30#53 Aug 26 21:17:26 ns2 named[1093]:
error (connection refused) resolving 'D.ROOT-SERVERS.NET/AAAA/IN':
128.8.10.90#53 Aug 26 21:17:26 ns2 named[1093]: error (connection refused)
resolving 'C.ROOT-SERVERS.NET/AAAA/IN': 192.228.79.201#53 Aug 26 21:17:26 ns2
named[1093]: error (connection refused) resolving 'B.ROOT-SERVERS.NET/AAAA/IN':
192.228.79.201#53 Aug 26 21:17:26 ns2 named[1093]: error (connection refused)
resolving 'E.ROOT-SERVERS.NET/AAAA/IN': 192.112.36.4#53
Tell me if they have any suggestion for my case.
Greetings from Cuba
William
-----------------------------------
I run bind 9.10.2-P3.
I have three classes of forwarders that I'd like to use:
(1) my own, hosted forwarder. fast & private, but not redundant infrastructure
(2) private/encrypted hosted forwarders. slow, private, and redundant
infrastructure.
(3) reliable ISP & public forwarders. fast, redundant, privacy-challenged
(Google, OpenDNS, AT&T, etc).
Reading the Arm & chatting in #irc IIUC 'forwarders' are NOT queried in order
listed, and there's no option to set priority, failover, round-robin etc.
I'm requesting such a feature.
For example,
Forwaders would be queried in order of priority, and pools of multiple
forwarders would be round-robin weighted within a given priority level.
So in conf, we could have
forward only;
forwarders { 11.11.11.11 port 11111 prio 1; 22.22.22.1 port 53 prio 2;
22.22.22.2 port 53 prio 2; 8.8.8.8 prio 3; 8.8.4.4 prio 3; };
Thanks!
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
