Re: How See what is Cached?
On Sun, Jul 5, 2009 at 8:37 AM, Alans wrote: > Hi, > > > > My boss wants to know what sites are cached? Is that possible with Bind 9 > (OS: CentOS). > > > > Regards, > > Alans, > > ___ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > rndc dumpdb -cache Check the rndc manual. By default the data will be written to file named_dump.db. Check the "dump-file" option in Bind ARM. ena ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: How See what is Cached?
I run that command but nothing happened! And named.conf option is dump-file "/data/cache_dump.db"; , I checked that directory that file doesn't exist!! Do you think there is a problem in configuration? Thanks, Alans -Original Message- From: Emil Natan [mailto:shly...@gmail.com] Sent: Sunday, July 05, 2009 10:54 AM To: Alans Cc: bind-users@lists.isc.org Subject: Re: How See what is Cached? On Sun, Jul 5, 2009 at 8:37 AM, Alans wrote: > Hi, > > > > My boss wants to know what sites are cached? Is that possible with Bind 9 > (OS: CentOS). > > > > Regards, > > Alans, > > ___ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > rndc dumpdb -cache Check the rndc manual. By default the data will be written to file named_dump.db. Check the "dump-file" option in Bind ARM. ena ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: How See what is Cached?
> From: "Alans" > Date: Sun, 5 Jul 2009 11:29:27 +0300 > > I run that command but nothing happened! And named.conf option is > dump-file "/data/cache_dump.db"; , I checked that directory that file > doesn't exist!! > Do you think there is a problem in configuration? File / directory permissions perhaps? > [...] > > rndc dumpdb -cache > > Check the rndc manual. By default the data will be written to file > named_dump.db. Check the "dump-file" option in Bind ARM. > > ena ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: How See what is Cached?
Thanks guys, it was a permission issue, I recreated the /data directory and setted the permission as it should be then I ran rndc dumpdb -cache now I can see a very long file.. Cheers, Alans -Original Message- From: Gregory Hicks [mailto:ghi...@hicks-net.net] Sent: Sunday, July 05, 2009 11:45 AM To: shly...@gmail.com; batpowe...@yahoo.co.uk Cc: bind-users@lists.isc.org Subject: RE: How See what is Cached? > From: "Alans" > Date: Sun, 5 Jul 2009 11:29:27 +0300 > > I run that command but nothing happened! And named.conf option is > dump-file "/data/cache_dump.db"; , I checked that directory that file > doesn't exist!! > Do you think there is a problem in configuration? File / directory permissions perhaps? > [...] > > rndc dumpdb -cache > > Check the rndc manual. By default the data will be written to file > named_dump.db. Check the "dump-file" option in Bind ARM. > > ena ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Automating a KSK rollover
I've added some automation around signing zones. For the KSK - it has a default life of 12 month. I'm looking at having two valid KSK's running with an overlap of 6 month. This means updating dlv.isc.org every 6 months, adding a new key, removing the old key and leaving the key thats 6 months old. My system should remind me when to do this. Of course - I'm still in the first 6 month cycle - so there is only one KSK for now - so I'll only be adding a KSK next maintenance cycle. This is fine for a few domains but I agree it would be painful for many domains. I'd like to see a system that I can tickle - so that it fetches the new KSK from me (all automated). Now that my zone is 'secure' - I could use it to distribute a public key (PGP - whatever). I still have the TXT DLV record in my zone. Just thinking out-loud - as I'm interested too. One day - I'd expect this to be built into Registry/Registrar EPP type interfaces - fine except I like to host my own DNS. On Sat, 2009-07-04 at 22:36 -0700, Shane W wrote: > Hello all, > > So I just did a KSK rollover, just to get a feel for how > it's done, updating dlv.isc.org in the process. My question > though is one of administration. When a domain rolls its > ksk, will it be necessary to manually login to a website > and paste the new keys, login again a month later and > delete the old ksk? How will this work for sites hosting > many domains? Is there some sort of standardized way as yet > to communicate key changes to an upstream zone or in this > case a lookaside provider? > > Shane -- . . ___. .__ Posix Systems - Sth Africa. e.164 VOIP ready /| /| / /__ m...@posix.co.za - Mark J Elkins, Cisco CCIE / |/ |ARK \_/ /__ LKINS Tel: +27 12 807 0590 Cell: +27 82 601 0496 ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: How See what is Cached?
One more question regarding cache, ns1 cache file is 60+ MB while ns2 cache file is 5 MB!! How to improve this issue? And is there any way to make cache file same on both servers? Regards, Alans -Original Message- From: Alans [mailto:batpowe...@yahoo.co.uk] Sent: Sunday, July 05, 2009 12:17 PM To: 'Gregory Hicks'; 'shly...@gmail.com' Cc: 'bind-users@lists.isc.org' Subject: RE: How See what is Cached? Thanks guys, it was a permission issue, I recreated the /data directory and setted the permission as it should be then I ran rndc dumpdb -cache now I can see a very long file.. Cheers, Alans -Original Message- From: Gregory Hicks [mailto:ghi...@hicks-net.net] Sent: Sunday, July 05, 2009 11:45 AM To: shly...@gmail.com; batpowe...@yahoo.co.uk Cc: bind-users@lists.isc.org Subject: RE: How See what is Cached? > From: "Alans" > Date: Sun, 5 Jul 2009 11:29:27 +0300 > > I run that command but nothing happened! And named.conf option is > dump-file "/data/cache_dump.db"; , I checked that directory that file > doesn't exist!! > Do you think there is a problem in configuration? File / directory permissions perhaps? > [...] > > rndc dumpdb -cache > > Check the rndc manual. By default the data will be written to file > named_dump.db. Check the "dump-file" option in Bind ARM. > > ena ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
FW: Question about Log message
Hi, A reverse zone file changes when transfers from master to slave, see below; Master Zone: 2.3.1.in-addr.arpa $TTL1W @ IN SOA ns1.domainname.com. root.domiainname.com. ( 2008082716 15M 10M 4W 1W ) IN NS ns1.domainname.com. IN NS ns2. domainname.com. 1 IN PTR ns1. domainname.com. 3 IN PTR ns2. domainname.com. 2 IN PTR www. domainname.com. Slave zone (transferred): 2.3.1.in-addr.arpa $ORIGIN . $TTL 604800 ; 1 week 2.3.1.in-addr.arpa IN SOA ns1. domainname.com. root. domainname.com. ( 2008082716 ; serial 900; refresh (15 minutes) 600; retry (10 minutes) 2419200; expire (4 weeks) 604800 ; minimum (1 week) ) NS ns1. domainname.com. NS ns2. domainname.com. $ORIGIN 2.3.1.in-addr.arpa. 1 PTR ns1. domainname.com. 2 PTR www. domainname.com. 3 PTR ns2. domainname.com. Is this fine? Regards, Alans ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Bind 9.6.1 stops after few hours.
At Fri, 3 Jul 2009 17:31:57 -0300, "Laurence Stendard" wrote: > After an upgrade to 9.6.1 we noticed the Bind daemon stops after few > hours. What do you mean by "stop"? Did the daemon crash, simply not respond to queries, or something else? >From which version did you upgrade your named? How often does that happen? Does the problem change if you disable threads and/or epoll (via --disable-threads / --disable-epoll)? --- JINMEI, Tatuya Internet Systems Consortium, Inc. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: How See what is Cached?
At Sun, 5 Jul 2009 15:01:29 +0300, "Alans" wrote: > One more question regarding cache, ns1 cache file is 60+ MB while ns2 cache > file is 5 MB!! > > How to improve this issue? What do you mean by "improve"? Having both servers cache (approximately) the same amount of data? If the reason for the unbalanced cache content is that you specify a lower size for ns2, you can "improve" it by increasing the max-cache-size value for ns2 (or decreasing it for ns1). If the reason is due to client-side server selection algorithm (many Unix based resolvers only uses the first address in /etc/resolv.conf as long as it responds to their queries), there's basically nothing you can do as the server side operator. > And is there any way to make cache file same on > both servers? I don't understand this question, if it doesn't mean the size of cached data. --- JINMEI, Tatuya Internet Systems Consortium, Inc. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: FW: Question about Log message
In message <001601c9fd68$cefef010$6cfcd0...@co.uk>, "Alans" writes: > Hi, > > > > A reverse zone file changes when transfers from master to slave, see below; The DNS doesn't transfer "files". It transfers zones. As long as each representation expands to the same conents there is not problem. Mark > Master Zone: 2.3.1.in-addr.arpa > > > > $TTL1W > > @ IN SOA ns1.domainname.com. root.domiainname.com. ( > > 2008082716 > > 15M > > 10M > > 4W > > 1W ) > > > > IN NS ns1.domainname.com. > > IN NS ns2. domainname.com. > > 1 IN PTR ns1. domainname.com. > > 3 IN PTR ns2. domainname.com. > > 2 IN PTR www. domainname.com. > > > > Slave zone (transferred): 2.3.1.in-addr.arpa > > $ORIGIN . > > $TTL 604800 ; 1 week > > 2.3.1.in-addr.arpa IN SOA ns1. domainname.com. root. domainname.com. ( > > 2008082716 ; serial > > 900; refresh (15 minutes) > > 600; retry (10 minutes) > > 2419200; expire (4 weeks) > > 604800 ; minimum (1 week) > > ) > > NS ns1. domainname.com. > > NS ns2. domainname.com. > > $ORIGIN 2.3.1.in-addr.arpa. > > 1 PTR ns1. domainname.com. > > 2 PTR www. domainname.com. > > 3 PTR ns2. domainname.com. > > > > Is this fine? > > > > Regards, > > Alans > > -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: How See what is Cached?
Yes, by improve I meant to have both files approximately same size. As for my last question, I thought maybe there is an option that makes us be able to define a shared directory for all DNS server so they all cache data in one place instead of caching on each server and therefore the issue of non balanced cache file appears. Thanks, Alans -Original Message- From: JINMEI Tatuya / 神明達哉 [mailto:jin...@isc.org] Sent: Monday, July 06, 2009 2:19 AM To: Alans Cc: bind-users@lists.isc.org Subject: Re: How See what is Cached? At Sun, 5 Jul 2009 15:01:29 +0300, "Alans" wrote: > One more question regarding cache, ns1 cache file is 60+ MB while ns2 cache > file is 5 MB!! > > How to improve this issue? What do you mean by "improve"? Having both servers cache (approximately) the same amount of data? If the reason for the unbalanced cache content is that you specify a lower size for ns2, you can "improve" it by increasing the max-cache-size value for ns2 (or decreasing it for ns1). If the reason is due to client-side server selection algorithm (many Unix based resolvers only uses the first address in /etc/resolv.conf as long as it responds to their queries), there's basically nothing you can do as the server side operator. > And is there any way to make cache file same on > both servers? I don't understand this question, if it doesn't mean the size of cached data. --- JINMEI, Tatuya Internet Systems Consortium, Inc. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: How See what is Cached?
> Yes, by improve I meant to have both files approximately same size. > As for my last question, I thought maybe there is an option that makes us be > able to define a shared directory for all DNS server so they all cache data > in one place instead of caching on each server and therefore the issue of > non balanced cache file appears. The BIND cache is an in-memory cache. Steinar Haug, Nethelp consulting, sth...@nethelp.no ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
