Anyone using Radware Appdirector 12016 XL in front of the resolvers?

2012-11-24 Thread Barry Greene 
Hi Team,

My integrator is recommending the Radware Appdirector 12016 XL as load 
balancers in front of our resolvers. Does anyone have any experience or a POV 
on Radware? 

Thanks,

Barry

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: First usage of BIND9

2012-11-24 Thread Lyle Giese 

On 11/24/12 11:39, Daniele Imbrogino wrote:
I'd like to use BIND9 in the simplest way possible: I just want to 
install it and use it for name resolution of Internet hosts.
So, on Ubuntu 12.04, I run "sudo apt-get install bind9 bind9utils 
bind9-doc" and then "dig @127.0.0.1  www.amazon.com 
" (for example), but I ALWAYS obtain a SERVFAIL.

Why? Is it necessary a configuration for this minimal use, too?


Yes, it's necessary to have a named.conf in the proper location and you 
have to start named.  Is named even running?


See the ARM for a sample for a caching-only name server, which is what 
you are asking for.


Lyle Giese
LCR Computer Services, Inc.

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: First usage of BIND9

2012-11-24 Thread /dev/rob0 
On Sat, Nov 24, 2012 at 06:39:31PM +0100, Daniele Imbrogino wrote:
> I'd like to use BIND9 in the simplest way possible: I just want
> to install it and use it for name resolution of Internet hosts.
> So, on Ubuntu 12.04, I run "sudo apt-get install bind9 bind9utils
> bind9-doc" and then "dig @127.0.0.1 www.amazon.com" (for example),
> but I ALWAYS obtain a SERVFAIL.
> Why? Is it necessary a configuration for this minimal use, too?

No, but your distributor gave you one; it apparently does not work. 
You could empty out your named.conf(5) and get the result you want:

root@telescreen:~# cd /etc/
root@telescreen:/etc# mv named.conf named.conf.dist
root@telescreen:/etc# touch named.conf
root@telescreen:/etc# named
root@telescreen:/etc# dig @127.0.0.1 www.amazon.com any
...

By default you will allow recursion for "localnets" (the BIND built 
in ACL for all locally-attached networks.) If it's behind a router, 
this is probably what you want. If not, you might want to restrict 
your configuration (listen-on or allow-query) on the external 
interface, and/or block the traffic (inbound to both ports 53, TCP 
and UDP) in your firewall.

Offer void where taxed or prohibited, or where something funny is 
going on (like a router hijacking DNS.)
-- 
  http://rob0.nodns4.us/ -- system administration and consulting
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: First usage of BIND9

2012-11-24 Thread /dev/rob0 
On Sat, Nov 24, 2012 at 12:09:47PM -0600, Lyle Giese wrote:
> On 11/24/12 11:39, Daniele Imbrogino wrote:
> >I'd like to use BIND9 in the simplest way possible: I just want
> >to install it and use it for name resolution of Internet hosts.
> >So, on Ubuntu 12.04, I run "sudo apt-get install bind9 bind9utils
> >bind9-doc" and then "dig @127.0.0.1 
> >www.amazon.com " (for example), but I

http:// ?? :)

> >ALWAYS obtain a SERVFAIL.
> >Why? Is it necessary a configuration for this minimal use, too?
> >
> >
> Yes, it's necessary to have a named.conf in the proper location and
> you have to start named.  Is named even running?

The SERVFAIL response does indeed indicate that named is running.

> See the ARM for a sample for a caching-only name server, which is
> what you are asking for.

Most "caching-only" servers are in fact "caching-mainly". You might 
want a zone "localhost", and empty-zones-enable. My blank named.conf 
example does work, but is probably too minimal for most needs.
-- 
  http://rob0.nodns4.us/ -- system administration and consulting
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users