Re: MX is a numeric IP
On May 20, 2009, at 11:33 PM, "Tech W." wrote: What will be happened if a MX is an numeric IP? From a DNS perspective, You may or may not get an error in reload. I have seen both cases where I do a lookup and get an ip. I have seen cases where the DNS server will complain. From a MTA's (receiving email server) perspective, a good deal of email will be rejected. I believe Exim out of the box will reject the mail. I reject by my choice in my configuration. Further, the MX must also point specifically to an A record. I hope that helps. -- Scott ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
bind as slave DNS to windows AD dns server
Hi, I'm trying to setup BIND named to be a slave a MS Windows 2008 server's AD domain. I set it up to be the slave and it works fine and I can resolv A records from the domain on the slave bind. However I can't resolve some SRV records like _ldap._tcp.dc._msdcs.DOMAIN Without this functionality a windows PC is unable to connect to the windows domain. At first it looked like the Windows DNS server gave BIND a partial zone file. Later after some googling I realized it has something to do with dynamic updates which I don't know how to set up and am not familiar with. Most google replies deal with setting up bind as the master server. Is it at all possible for BIND to act as a slave and forward the SRV updates to the master? If so, please point me to relevant documentation. Regards, -- Aleksander Kamenik System Administrator Krediidiinfo AS an Experian Company Phone: +372 665 9649 Email: aleksan...@krediidiinfo.ee http://www.krediidiinfo.ee/ http://www.experiangroup.com/ ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
bind as slave DNS to windows AD dns server
Aleksander Kamenik wrote: >I'm trying to setup BIND named to be a slave a MS Windows 2008 server's >AD domain. > >I set it up to be the slave and it works fine and I can resolv A records >from the domain on the slave bind. However I can't resolve some SRV >records like > >_ldap._tcp.dc._msdcs.DOMAIN > >Without this functionality a windows PC is unable to connect to the >windows domain. > >At first it looked like the Windows DNS server gave BIND a partial zone >file. Later after some googling I realized it has something to do with >dynamic updates which I don't know how to set up and am not familiar with. > >Most google replies deal with setting up bind as the master server. Is >it at all possible for BIND to act as a slave and forward the SRV >updates to the master? If so, please point me to relevant documentation. What zones are you slaving on your BIND server? There should be six: DomainDNSZones.example.com ForestDNSZones.example.com _msdcs.example.com _sites.example.com _tcp.example.com _udp.example.com If you have these six zones slaved on your BIND server, and these zones are being transferred successfully, then there should be no problems. See the archives of this list, where there have been many BIND/AD-related postings over the past years. You wrote: Is it at all possible for BIND to act as a slave and forward the SRV updates to the master? I am not sure what you mean? The Windows Domain Controllers will send any SRV updates to the Windows DNS Server, if the AD structure is properly configured. Client machine might ask your BIND servers for SRV information, but the DCs should not be sending dynamic DNS updates to your BIND slave for SRV records. -- Barry S. Finkel Computing and Information Systems Division Argonne National Laboratory Phone:+1 (630) 252-7277 9700 South Cass Avenue Facsimile:+1 (630) 252-4601 Building 222, Room D209 Internet: bsfin...@anl.gov Argonne, IL 60439-4828 IBMMAIL: I1004994 ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Delegation of DHCP blocks within same server?
In article ,
Matthew Pounsett wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> On 20-May-2009, at 19:03, John Cole wrote:
>
> > For a concrete example:
> >
> > 10.0.0.0/16 is presently handled by a single zone file.
> > 10.1.3.0/24 is DHCP issued
> > 10.1.4.0/24 is DHCP issued
Note 1: 10.1.3.0/24 and 10.1.4.0/24 are not subnets of 10.0.0.0/16. Did
you mean 10.1.0.0/16 or 10.0.0.0/8?
> I haven't tested this... but I'm 99% certain that you can simply load
> them as three separate zones, exactly as you might expect. BIND
> should recognize that the zone{} statements for 10.1.3/24 and
> 10.1.4/24 are more-specific than what's in 10.0/16 and act
> accordingly. Along those same lines, if you happen to have data for
> either 10.1.3/24 or 10.1.4/24 inside the 10.0/16 zone file, you should
> get an error.
You should put in proper delegations for 3.1.10.in-addr.arpa and
4.1.10.in-addr.arpa. Typically you'd do it like this if you're using
10.1.0.0/16:
; in zone 1.10.in-addr.arpa
$TTL ...
@ IN SOA ...
@ IN NS
@ IN NS
3 IN NS
3 IN NS
4 IN NS
4 IN NS
; rest of content for 1.10.in-addr.arpa
or like this if you're using 10.0.0.0/8:
; in zone 10.in-addr.arpa
$TTL ...
@ IN SOA ...
@ IN NS
@ IN NS
3.1 IN NS
3.1 IN NS
4.1 IN NS
4.1 IN NS
; rest of content for 10.in-addr.arpa
Sam
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: MX is a numeric IP
Tech W. wrote: What will be happened if a MX is an numeric IP? for example, # dig vip.online2.sh.cn mx +short 10 218.1.71.125. It's syntactically valid. But, since there is no "125" top-level domain, or, obviously, any subdomains of of that domain, semantically it's incorrect. To put it another way, it's a correctly-formed record, pointing at something that doesn't exist. It's also a flag that expresses "hey everybody, I don't know how to edit zone files properly!". - Kevin ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: bind as slave DNS to windows AD dns server
b19...@anl.gov wrote: Aleksander Kamenik wrote: I'm trying to setup BIND named to be a slave a MS Windows 2008 server's AD domain. I set it up to be the slave and it works fine and I can resolv A records from the domain on the slave bind. However I can't resolve some SRV records like _ldap._tcp.dc._msdcs.DOMAIN Without this functionality a windows PC is unable to connect to the windows domain. At first it looked like the Windows DNS server gave BIND a partial zone file. Later after some googling I realized it has something to do with dynamic updates which I don't know how to set up and am not familiar with. Most google replies deal with setting up bind as the master server. Is it at all possible for BIND to act as a slave and forward the SRV updates to the master? If so, please point me to relevant documentation. What zones are you slaving on your BIND server? There should be six: DomainDNSZones.example.com ForestDNSZones.example.com _msdcs.example.com _sites.example.com _tcp.example.com _udp.example.com Ok, understood. I had only example.com slaved, turns out I have to get the subdomains instead. I'll try this when I get to work. Thanks! If you have these six zones slaved on your BIND server, and these zones are being transferred successfully, then there should be no problems. See the archives of this list, where there have been many BIND/AD-related postings over the past years. You wrote: Is it at all possible for BIND to act as a slave and forward the SRV updates to the master? I am not sure what you mean? The Windows Domain Controllers will send any SRV updates to the Windows DNS Server, if the AD structure is properly configured. Client machine might ask your BIND servers for SRV information, but the DCs should not be sending dynamic DNS updates to your BIND slave for SRV records. Ok, got it. Regards, -- Aleksander Kamenik System Administrator Krediidiinfo AS an Experian Company Phone: +372 665 9649 Email: aleksan...@krediidiinfo.ee http://www.krediidiinfo.ee/ http://www.experiangroup.com/ ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
