Re: DNSSEC and forward zones
Lyle wrote on 11/01/2011 04:19:18 PM: > Again, this has a disadvantage if they ever decide to make .internal a > real internet domain name and some people frown upon this practice. Be > sure you know what can go wrong. Is there an IETF/ICANN reserved TLD for internal use? I've seen plenty of .loc and .local, but I haven't seen an RFC reserving it. RFC 2606 reserves .example, .invalid, .localhost and .test but these don't seem approriate. Confidentiality Notice: This electronic message and any attachments may contain confidential or privileged information, and is intended only for the individual or entity identified above as the addressee. If you are not the addressee (or the employee or agent responsible to deliver it to the addressee), or if this message has been addressed to you in error, you are hereby notified that you may not copy, forward, disclose or use any part of this message or any attachments. Please notify the sender immediately by return e-mail or telephone and delete this message from your system. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNSSEC and forward zones
> Is there an IETF/ICANN reserved TLD for internal use? I've seen plenty of > .loc and .local, but I haven't seen an RFC reserving it. RFC 2606 > reserves .example, .invalid, .localhost and .test but these don't seem > approriate. Not IETF/ICANN reserved, but ISO 3166 [1] reserves the following code elements which could be used as "private" ccTLD :) "If users need code elements to represent country names not included in this part of ISO 3166, the series of letters AA, QM to QZ, XA to XZ, and ZZ, and the series AAA to AAZ, QMA to QZZ, XAA to XZZ, and ZZA to ZZZ respectively and the series of numbers 900 to 999 are available." Regards, -JP [1] http://www.iso.org/iso/customizing_iso_3166-1.htm ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNSSEC and forward zones
On Wednesday 02 November 2011 08:00:55 Jan-Piet Mens wrote: > > Is there an IETF/ICANN reserved TLD for internal use? I've seen > > plenty of .loc and .local, but I haven't seen an RFC reserving .local is used in MDNS, but AFAIK the RFC is still a draft. > > it. RFC 2606 reserves .example, .invalid, .localhost and .test > > but these don't seem approriate. > > Not IETF/ICANN reserved, but ISO 3166 [1] reserves the following > code elements which could be used as "private" ccTLD :) > > "If users need code elements to represent country names not > included in this part of ISO 3166, the series of letters > AA, QM to QZ, XA to XZ, and ZZ, and the series AAA to AAZ, > QMA to QZZ, XAA to XZZ, and ZZA to ZZZ respectively and the > series of numbers 900 to 999 are available." Note, the new .XXX TLD is included in that list. -- Offlist mail to this address is discarded unless "/dev/rob0" or "not-spam" is in Subject: header ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNSSEC and forward zones
On Wed, Nov 02, 2011 at 08:45:31AM -0400, wbr...@e1b.org wrote: > Lyle wrote on 11/01/2011 04:19:18 PM: > > > Again, this has a disadvantage if they ever decide to make .internal a > > real internet domain name and some people frown upon this practice. Be > > sure you know what can go wrong. > > Is there an IETF/ICANN reserved TLD for internal use? I've seen plenty of > .loc and .local, but I haven't seen an RFC reserving it. I happened to be looking for some other details on mDNS yesterday and noticed that the current draft version of the spec reserves .local: http://tools.ietf.org/html/draft-cheshire-dnsext-multicastdns-14 This document specifies that the DNS top-level domain ".local." is a special domain with special semantics, namely that any fully- qualified name ending in ".local." is link-local, and names within this domain are meaningful only on the link where they originate. At the same time it also specifies that .local can only be used with mDNS, so it isn't really suitable for this use. . . Bill. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNSSEC and forward zones
> Note, the new .XXX TLD is included in that list. Does that mean it is or isn't safe for work? ;-) -JP ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNSSEC and forward zones
Bill Owens wrote on 11/02/2011 09:26:07 AM: > I happened to be looking for some other details on mDNS yesterday > and noticed that the current draft version of the spec reserves .local: > > http://tools.ietf.org/html/draft-cheshire-dnsext-multicastdns-14 >This document specifies that the DNS top-level domain ".local." is a >special domain with special semantics, namely that any fully- >qualified name ending in ".local." is link-local, and names within >this domain are meaningful only on the link where they originate. > > At the same time it also specifies that .local can only be used with > mDNS, so it isn't really suitable for this use. . . But it does provide some alternatives: .intranet .internal .private .corp .home .lan But can we guarantee that they won't be approved as new public TLDs per the new rules adopted this summer where anything can be a TLD? Confidentiality Notice: This electronic message and any attachments may contain confidential or privileged information, and is intended only for the individual or entity identified above as the addressee. If you are not the addressee (or the employee or agent responsible to deliver it to the addressee), or if this message has been addressed to you in error, you are hereby notified that you may not copy, forward, disclose or use any part of this message or any attachments. Please notify the sender immediately by return e-mail or telephone and delete this message from your system. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNSSEC and forward zones
On Wed, Nov 02, 2011 at 10:02:45AM -0400, wbr...@e1b.org wrote: > But it does provide some alternatives: > > .intranet > .internal > .private > .corp > .home > .lan > > But can we guarantee that they won't be approved as new public TLDs per > the new rules adopted this summer where anything can be a TLD? Oops, I didn't read that far in the draft ;) Interesting question, and it forced me to download and crack open the 352-page ICANN guidebook for new gTLDs. Page 2-8 says: Top-Level Reserved Names List AFRINIC ALAC APNIC ARIN ASO CCNSO EXAMPLE* GAC GNSO GTLD-SERVERS IAB IANA IANA-SERVERS ICANN IESG IETF INTERNIC INVALID IRTF ISTF LACNIC LOCAL LOCALHOST NIC NRO RFC-EDITOR RIPE ROOT-SERVERS RSSAC SSAC TEST* TLD WHOIS WWW *Note that in addition to the above strings, ICANN will reserve translations of the terms “test” and “example” in multiple languages. The remainder of the strings are reserved only in the form included above. I suppose any of those could be used. I like .invalid, personally ;) Bill. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: DNSSEC and forward zones
On Nov 2 2011, Jan-Piet Mens wrote: Note, the new .XXX TLD is included in that list. Does that mean it is or isn't safe for work? ;-) It depends on whether the XXX TLD acquires a signed delegation or not. (Presumably it should, as you wouldn't want to get the *wrong* porn ...) -- Chris Thompson Email: c...@cam.ac.uk ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
DNS Bulk Query Tool
Dear All, I set up a new DNS Server using Bind 9.7 For meantime I open this server for the whole world. I wanna check how many queries it can handle. Is this any freeware available for checking this. Is there any tool available by which I can come to know after how much load my DNS will be down (Or it will stop responding) ??? Thanks and Regards, Gaurav Kansal 8860785630 9910118448 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: DNS Bulk Query Tool
Hi Gaurav, I would use dnsperf and the 1 million website list from Alexa: DNSPerf: Freebsd: http://www.freshports.org/dns/dnsperf Depending on your OS there are available ports too. Alexa's list: http://s3.amazonaws.com/alexa-static/top-1m.csv.zip Did that in the past and it worked pretty well. Thanks, ___ Marco Bicca -Original Message- From: bind-users-bounces+marco_bicca=symantec@lists.isc.org [mailto:bind-users-bounces+marco_bicca=symantec@lists.isc.org] On Behalf Of Gaurav Kansal Sent: Wednesday, November 02, 2011 10:49 AM To: bind-users@lists.isc.org Subject: DNS Bulk Query Tool Dear All, I set up a new DNS Server using Bind 9.7 For meantime I open this server for the whole world. I wanna check how many queries it can handle. Is this any freeware available for checking this. Is there any tool available by which I can come to know after how much load my DNS will be down (Or it will stop responding) ??? Thanks and Regards, Gaurav Kansal 8860785630 9910118448 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users smime.p7s Description: S/MIME cryptographic signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
