Re: Reverse Configuration
Thanks everybody!

Everything is fine now! My ISP included my reverse in their DNS.

João K.

On Sun, 2010-10-17 at 10:25 +0100, Matthew Seaman wrote:
> On 16/10/2010 21:48, Kevin Oberman wrote:
> > To be completely clear, unless there is special software on the client
> > to deal with PTRs, you really only want ONE PTR for each address. Most
> > standard network tools tend to assume only one PTR per address and some
> > get very confused when multiple PTRs are returned.
>
> I'm intrigued as to what software it is that gets confused by having
> multiple PTRs for IPs? Given I've been running with exactly that
> configuration for many years, and never noticed any problems nor had any
> complaints.
>
> Still, I hope this whole argument will be rendered moot with the advent
> of IPv6, where addresses are available in such enormous bounty that the
> sensible admin would not only assign an IP per network interface, but
> pretty much an IP per service too. No more fiddling about with TTLs or
> waiting for changes to propagate should you need to shuffle things
> about, and a natural consequence is that only one PTR would be needed
> per .
>
> Cheers,
>
> Matthew

___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Automated signing in 9.7.2
Hi,

I'm currently doing some testing with 9.7.2-P2.

I have a zone which is small (3 A records) and unsigned. I have generated a KSK and a ZSK and made sure that named can read them and placed them in /etc/bind.

I have added this to my config for the zone:

    zone "ppgirl.org" IN {
        type master;
        file "/etc/bind/ppgirl.org";
        allow-update { key key-dnssigner.blacksun.localnet; };
        key-directory "/etc/bind";
        auto-dnssec maintain;
        sig-validity-interval 1;
        notify yes;
        also-notify { 192.168.1.249; };
    };

Upon starting bind the ZSK and KSK have been added to the zone and I also see the following records:

    TYPE65534 \# 5 ( 05230B0001 )
    TYPE65534 \# 5 ( 05D03E0001 )

However only 1 NSEC record and no signatures were added to the zone.

I have tried doing an rndc sign which does not add any signatures but does write this to the logfile:

    19-Oct-2010 08:35:43.255 general: info: received control channel command 'sign ppgirl.org'
    19-Oct-2010 08:35:43.255 general: info: zone ppgirl.org/IN: reconfiguring zone keys
    19-Oct-2010 08:35:43.283 general: info: zone ppgirl.org/IN: next key event: 19-Oct-2010 20:35:43.283

Did I miss something??

Brett
Multiple zones pointing to same zone file
I know that per Mark Andrews that named does not support having multiple zones pointing to the same zone file. I can understand the issue if named does not support it for a slave server. What about for a master server? Are there any issues with named supporting that?

I would assume that whenever the zone file is changed, notifies for each zone utilizing that file would be sent out. Is that correct? Does named support that?

If not, are there any plans for named to support having multiple zones utilizing the same zone file? I would prefer to make sure that we are using named in a supported fashion despite that it has been working this way. :)

--
John
Re: Multiple zones pointing to same zone file
On Tue, 19 Oct 2010, John Wingenbach wrote:
> I know that per Mark Andrews that named does not support having multiple
> zones pointing to the same zone file. I can understand the issue if named
> does not support it for a slave server. What about for a master server?
> Are there any issues with named supporting that?
>
> I would assume that whenever the zone file is changed, notifies for each
> zone utilizing that file would be sent out. Is that correct? Does named
> support that?
>
> If not, are there any plans for named to support having multiple zones
> utilizing the same zone file? I would prefer to make sure that we are
> using named in a supported fashion despite that it has been working this
> way. :)

"support" might be a little strong, but it won't cause problems for non-dynamic master zones like it will for slave zones. Dynamic zones will break if you have them share files, just like slave zones will break.

Note that notifies are sent when the zone is (re)loaded, not when the associated file changes. You'll have to reload each zone which is based on the file after you change the file.

This (along with other things) gets more interesting when you start signing the zones for DNSSEC, but you might be able to play symlink games with the unsigned file names to deal with that.

Jay Ford, Network Engineering Group, Information Technology Services
University of Iowa, Iowa City, IA 52242
email: jay-f...@uiowa.edu, phone: 319-335-, fax: 319-335-2951
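Added example (not part of the original thread and not BIND's own code): a small audit of a named.conf that lists every zone file referenced by more than one zone, separating the case described above as workable (static master zones, each needing its own reload) from the ones that break (slave and dynamic zones). The sample config, zone names and key name are constructed, and the regex-based parser is a simplification that assumes no braces or comment markers inside quoted strings.

```python
import re
from collections import defaultdict

# Constructed sample config: zone names, key name and paths are made up.
SAMPLE_CONF = '''
zone "example.com" { type master; file "/etc/bind/shared.db"; };
zone "example.net" { type master; file "/etc/bind/shared.db"; };
zone "dyn.example" IN { type master; file "/etc/bind/dyn.db";
    allow-update { key ddns-key; }; };   // dynamic zone
zone "dyn2.example" { type master; file "/etc/bind/dyn.db"; };
zone "solo.example" { type slave; file "/etc/bind/solo.db"; masters { 192.0.2.1; }; };
'''

ZONE_RE = re.compile(r'\bzone\s+"([^"]+)"(?:\s+\w+)?\s*\{')

def zone_blocks(conf):
    """Yield (zone_name, body) per zone statement, matching nested braces."""
    conf = re.sub(r'(?:#|//)[^\n]*|/\*.*?\*/', '', conf, flags=re.S)  # strip comments
    for m in ZONE_RE.finditer(conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def zone_kind(body):
    """Classify a zone body as 'slave', 'dynamic' or 'static'."""
    ztype = re.search(r'\btype\s+([\w-]+)', body)
    if ztype and ztype.group(1) in ('slave', 'secondary'):
        return 'slave'
    if re.search(r'\b(?:allow-update|update-policy)(?![-\w])', body):
        return 'dynamic'
    return 'static'

def shared_file_report(conf):
    """Describe every zone file that more than one zone statement references."""
    by_file = defaultdict(list)
    for name, body in zone_blocks(conf):
        path = re.search(r'\bfile\s+"([^"]+)"', body)
        if path:
            by_file[path.group(1)].append((name, zone_kind(body)))
    report = {}
    for path, zones in by_file.items():
        if len(zones) > 1:
            names = [n for n, _ in zones]
            unsafe = [n for n, k in zones if k != 'static']  # sharing breaks these
            reload = [] if unsafe else [f'rndc reload {n}' for n in names]
            report[path] = {'zones': names, 'unsafe': unsafe, 'reload': reload}
    return report
```

For a shared file with no slave or dynamic zones, the `reload` list holds one `rndc reload <zone>` per zone, since notifies go out only when each zone is reloaded.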