Re: bind-users Digest, Vol 1917, Issue 1
On 21.08.14 01:17, Bazy V wrote: My confusion arises from these 2 sections in replies from bind-users Digest, Vol 1916, Issue 2# 4 reply states it "should be" it could be to read if you have subscribed to non-digest list, or set your digest to MIME format. # 4 -> Note that either 0.220/24 wasn't technically correct, it should be: 220/24 NS ns2.sub.test.com. 0.220 CNAME 0.220/24 yes, because even your attempt to create /24 RFC 2317 delegation was invalid - you have delegated one /32 IP. But the latter still applies: but that's an overkill as Phil correctly pointed out. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Boost your system's speed by 500% - DEL C:\WINDOWS\*.* ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: no servers found
I had someone at our main campus ensure port 53 is open for this zone. The zone does have its own IP. Even with opening the ports, I still get time out errors. Does anyone have any other ideas? Thank you. Larry On Tue, Aug 19, 2014 at 4:07 PM, Adamiec, Lawrence wrote: > I should have said it was a Solaris 10 zone (container). I am not using > VirtualBox, VMware, or other third party software. > > Larry > > > > On Tue, Aug 19, 2014 at 3:54 PM, Charles Swiger wrote: > >> Hi-- >> >> On Aug 19, 2014, at 1:47 PM, "Adamiec, Lawrence" < >> ladam...@kentlaw.iit.edu> wrote: >> >> I am running BIND 9.6-ESV-R5-P1 on a Solaris 10 server. I can run >> queries without specifying a name server on my Solaris servers >> successfully. When I try to run a query on a Solaris 10 virtual server, I >> get "connection timed out; no servers could be reached" error. >> >> If I add the name servers from our main campus (or 8.8.8.8) to the >> virtual server's resolv.conf file, then dig will use the other name server >> and skip my name server to resolve the query which is successful. >> >> >> It's fairly normal for virtualization stuff to forbid network access from >> a VM to the host, via some combination of network interface configuration >> and NAT/firewall rules. >> >> If you're using VirtualBox, look into "bridged adaptor", ie: >> >> https://www.virtualbox.org/manual/ch06.html#network_bridged >> >> Regards, >> -- >> -Chuck >> >> > ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
geoip asnum matching
Hi everybody,
I've got an issue with bind 9.10 and GeoIP asnum based matching.
As far as I can tell I need to match not only the AS number but also
the org name?
This works:
match-clients { geoip asnum "AS8767 M-net Telekommunikations GmbH,
Germany"; };
While these do not:
match-clients { geoip asnum "AS8767"; };
match-clients { geoip asnum "8767"; };
match-clients { geoip asnum 8767; };
This makes working with this feature unnecessarily complicated, especially
when dealing with non-ASCII characters for example with
"AS27699 TELEFÔNICA BRASIL S.A" or "AS28573 Serviços de Comunicação S.A.".
Is there a way to only match the as number without the org name?
I'm using the free geolite maxmind asn database from
http://dev.maxmind.com/geoip/legacy/geolite/
Thanks, DO
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: no servers found
In the virtual server, use dig @a.b.c.d with the IP address of the DNS servers you want to use to see if that works. If you are running named in that same virtual server, try dig @127.0.0.1. If that works, then just change your resolv.conf to point to only that nameserver 127.0.0.1 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: no servers found
Hi, Using dig @My-NAME-SERVER works. I am not running named on the virtual server using dig @ 127.0.0.1 does not work. Thank you. Larry On Thu, Aug 21, 2014 at 11:10 AM, Jeremy C. Reed wrote: > In the virtual server, use dig @a.b.c.d with the IP address of the DNS > servers you want to use to see if that works. > > If you are running named in that same virtual server, try dig > @127.0.0.1. If that works, then just change your resolv.conf to point > to only that nameserver 127.0.0.1 > > ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: no servers found
On Thu, 21 Aug 2014, Adamiec, Lawrence wrote: > Using dig @My-NAME-SERVER works. I am not running named on the virtual > server using dig @ 127.0.0.1 does not work. Okay. Then change your /etc/resolv.conf to contain just the "nameserver " and IP of that name server (and a couple others if you want) that works. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: no servers found
Jeremy, I did have "nameserver"and the IP in the resolv.conf file. I just found the trouble. I entered the wrong IP in the resolv.conf for my name servers. Now that I have corrected the IPs, everything seems to work OK. Thanks to everyone who replied. Thank you. Larry On Thu, Aug 21, 2014 at 11:48 AM, Jeremy C. Reed wrote: > On Thu, 21 Aug 2014, Adamiec, Lawrence wrote: > > > Using dig @My-NAME-SERVER works. I am not running named on the virtual > > server using dig @ 127.0.0.1 does not work. > > Okay. Then change your /etc/resolv.conf to contain just the "nameserver > " and IP of that name server (and a couple others if you want) that > works. > ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: geoip asnum matching
On Thu, 21 Aug 2014, Dietrich Oberhausen wrote:
> I've got an issue with bind 9.10 and GeoIP asnum based matching.
> As far as I can tell I need to match not only the AS number but also
> the org name?
>
> This works:
> match-clients { geoip asnum "AS8767 M-net Telekommunikations GmbH,
> Germany"; };
>
> While these do not:
> match-clients { geoip asnum "AS8767"; };
> match-clients { geoip asnum "8767"; };
> match-clients { geoip asnum 8767; };
>
> This makes working with this feature unnecessarily complicated, especially
> when dealing with non-ASCII characters for example with
> "AS27699 TELEF?NICA BRASIL S.A" or "AS28573 Servi?os de Comunica??o S.A.".
>
> Is there a way to only match the as number without the org name?
>
> I'm using the free geolite maxmind asn database from
> http://dev.maxmind.com/geoip/legacy/geolite/
It is the strings as defined as a single entry in the original database.
I agree that the just matching the first part (up to first space) is
good enough (like "AS8767"). (I looked at the 209K entries in the
database and no AS number was ever reused with a different name as
expected but maybe there could have been a mistake.)
I will forward this on to bind9-bugs so this can be improved. (Also the
documentation didn't have any example about it, but the system tests
did.)
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
