Re: do I need to configure a Caching Server

2021-06-19 Thread Reindl Harald 



Am 18.06.21 um 20:28 schrieb techli...@phpcoderusa.com:
I am building a home PHP hosting server for learning.  I have a 
commercial connection to the Internet so no blocked ports and my ISP 
allows servers.


unless you are hosting a authoritative zone aka domain on your 
nameserver it don't matter what your ISP allows


if you are not hosting any official zone you shouldn't have the port 
open to the world because nobody but bots and attackers will ask your 
server anyways



I believe I only need a Primary Master Server.  Is this the case?


what is your usecase to begin with?

if it's just internal hostnames for your LAN maybe dnsmasq is the better 
solution because it can use simple hostfiles like /etc/hosts and 
forwards everything else to your ISP nameserver



My question is, do I need to configure a Caching Server?


there is nothing to configure, if you ask your named for something it's 
not authoritative it either forwards or doing recursion (depends on the 
configuration) and cache the result based on the TTL



In /etc/bind/named.conf.options:


     [...]

     forwarders {
  1.2.3.4;
  5.6.7.8;
     };

     [...]

Do I need to set the forwarders?


no

let named do it's out-of-the-box job which is recursion - i can't think 
of any usecase where i do the work setup a nameserver and then forward 
everything to a crappy ISP server


after stop using forwarding all random dns problems where gone and never 
came back


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Origin of reverse lookup

2021-06-19 Thread Reindl Harald 



Am 19.06.21 um 01:17 schrieb techli...@phpcoderusa.com:
I had my ISP configure a reverse lookup years ago.  They say they no 
longer offer that service and there is no reverse lookup for my IP.


don't matter unless you try to send mails from your machine

I keep running into this old reverse lookup and do not know where it is 
coming from.


from the ISP owing the network range

When I run https://intodns.com/ it shows this reverse lookup and not the 
one I just configured on my local box.


whatever you configure on your box is irrelevant to the world unless the 
owner of the network range delegates the reverse zone to your server 
which is unlikely for most cases and impossible for a single IP


Any thoughts on how I might resolve this or find who is hosting this 
reverse lookup?


"whois ip"
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Origin of reverse lookup

2021-06-19 Thread alcol alcol 
ISP Have is a normale DNS zone as forward ones

they does not offer remote mainteining as you should own all subnet class and 
are directly downloaded from iana if I remember well.

if something go wrong with the zone ISP will have issue from tld.

in past I had a master reverse lookup maintained from me downloaded from isp 
becous iana can't go around the world to download and to avoid issues in 
download.

as are zones with so few changes isp could allow something like a cpannel to 
change some records.

usually reverse lookup are resolved with a standard naming with ip and isp name

if you run a mail server could be usefull if not a reverse lookup is not so 
much used






From: bind-users  on behalf of 
techli...@phpcoderusa.com 
Sent: Saturday, June 19, 2021 1:17 AM
To: bind-users@lists.isc.org 
Subject: Origin of reverse lookup

Hi,

I had my ISP configure a reverse lookup years ago.  They say they no
longer offer that service and there is no reverse lookup for my IP.

I keep running into this old reverse lookup and do not know where it is
coming from.

When I run https://intodns.com/ it shows this reverse lookup and not the
one I just configured on my local box.

Any thoughts on how I might resolve this or find who is hosting this
reverse lookup?

Thanks!!

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Origin of reverse lookup

2021-06-19 Thread Reindl Harald 




Am 19.06.21 um 12:10 schrieb alcol alcol:

ISP Have is a normale DNS zone as forward ones

they does not offer remote mainteining as you should own all subnet 
class and are directly downloaded from iana if I remember well.


ptr zones are the same way delegated as any other zones


if something go wrong with the zone ISP will have issue from tld.


no

in past I had a master reverse lookup maintained from me downloaded from 
isp becous iana can't go around the world to download and to avoid 
issues in download.


dns zones are not downloaded

as are zones with so few changes isp could allow something like a 
cpannel to change some records.


that don't scale given that most customers just have a single IP

in case you have a /24 the ISP can delegate the whole zone to you, look 
at the authoritative nameservers below


[harry@srv-rhsoft:/downloads]$ dig -x 91.118.73.6

; <<>> DiG 9.11.32-RedHat-9.11.32-1.fc33 <<>> -x 91.118.73.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21949
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1024
; COOKIE: 68fa6f61a7537e2c684ca5d260cdc67126f45c0615547511 (good)
;; QUESTION SECTION:
;6.73.118.91.in-addr.arpa.  IN  PTR

;; ANSWER SECTION:
6.73.118.91.in-addr.arpa. 7200  IN  PTR arrakis.thelounge.net.

;; AUTHORITY SECTION:
73.118.91.in-addr.arpa. 7200IN  NS  ns1.thelounge.net.
73.118.91.in-addr.arpa. 7200IN  NS  ns2.thelounge.net.

;; ADDITIONAL SECTION:
ns2.thelounge.net.  7200IN  A   91.118.73.
ns1.thelounge.net.  7200IN  A   85.124.176.242

usually reverse lookup are resolved with a standard naming with ip and 
isp name


for consumer ranges: yes

if you run a mail server could be usefull 


if you run a mailserver it is a must, at least when you care to deliver 
your mails, as well make sure your HELO-hostname matches too


many sites add at least points to the sapm scoring for clients like that:

warning: hostname szkoleniagospodarka.pl does not resolve to address 
51.75.72.176: Name or service not known


if not a reverse lookup is not 
so much used


well, in case of servers i prefer PTR/A matching no matter if it is 
supposed to send mail and the same goes for internal networks i maintain




*From:* bind-users  on behalf of 
techli...@phpcoderusa.com 

*Sent:* Saturday, June 19, 2021 1:17 AM
*To:* bind-users@lists.isc.org 
*Subject:* Origin of reverse lookup
Hi,

I had my ISP configure a reverse lookup years ago.  They say they no
longer offer that service and there is no reverse lookup for my IP.

I keep running into this old reverse lookup and do not know where it is
coming from.

When I run https://intodns.com/  it shows this 
reverse lookup and not the

one I just configured on my local box.

Any thoughts on how I might resolve this or find who is hosting this
reverse lookup?

Thanks!!

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Origin of reverse lookup

2021-06-19 Thread alcol alcol 
I see you have time to waste saying strange things

dns zones even forard or reverse are downloaded as configured from masters to 
slaves or where are needed

all other remarks are confirmations of what said

I see u have time to waste  is clear 🤔😄

thanks to have said same things as mine





From: bind-users  on behalf of Reindl Harald 

Sent: Saturday, June 19, 2021 12:36 PM
To: bind-users@lists.isc.org 
Subject: Re: Origin of reverse lookup



Am 19.06.21 um 12:10 schrieb alcol alcol:
> ISP Have is a normale DNS zone as forward ones
>
> they does not offer remote mainteining as you should own all subnet
> class and are directly downloaded from iana if I remember well.

ptr zones are the same way delegated as any other zones

> if something go wrong with the zone ISP will have issue from tld.

no

> in past I had a master reverse lookup maintained from me downloaded from
> isp becous iana can't go around the world to download and to avoid
> issues in download.

dns zones are not downloaded

> as are zones with so few changes isp could allow something like a
> cpannel to change some records.

that don't scale given that most customers just have a single IP

in case you have a /24 the ISP can delegate the whole zone to you, look
at the authoritative nameservers below

[harry@srv-rhsoft:/downloads]$ dig -x 91.118.73.6

; <<>> DiG 9.11.32-RedHat-9.11.32-1.fc33 <<>> -x 91.118.73.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21949
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1024
; COOKIE: 68fa6f61a7537e2c684ca5d260cdc67126f45c0615547511 (good)
;; QUESTION SECTION:
;6.73.118.91.in-addr.arpa.  IN  PTR

;; ANSWER SECTION:
6.73.118.91.in-addr.arpa. 7200  IN  PTR arrakis.thelounge.net.

;; AUTHORITY SECTION:
73.118.91.in-addr.arpa. 7200IN  NS  ns1.thelounge.net.
73.118.91.in-addr.arpa. 7200IN  NS  ns2.thelounge.net.

;; ADDITIONAL SECTION:
ns2.thelounge.net.  7200IN  A   91.118.73.
ns1.thelounge.net.  7200IN  A   85.124.176.242

> usually reverse lookup are resolved with a standard naming with ip and
> isp name

for consumer ranges: yes

> if you run a mail server could be usefull

if you run a mailserver it is a must, at least when you care to deliver
your mails, as well make sure your HELO-hostname matches too

many sites add at least points to the sapm scoring for clients like that:

warning: hostname szkoleniagospodarka.pl does not resolve to address
51.75.72.176: Name or service not known

> if not a reverse lookup is not
> so much used

well, in case of servers i prefer PTR/A matching no matter if it is
supposed to send mail and the same goes for internal networks i maintain

> 
> *From:* bind-users  on behalf of
> techli...@phpcoderusa.com 
> *Sent:* Saturday, June 19, 2021 1:17 AM
> *To:* bind-users@lists.isc.org 
> *Subject:* Origin of reverse lookup
> Hi,
>
> I had my ISP configure a reverse lookup years ago.  They say they no
> longer offer that service and there is no reverse lookup for my IP.
>
> I keep running into this old reverse lookup and do not know where it is
> coming from.
>
> When I run https://intodns.com/  it shows this
> reverse lookup and not the
> one I just configured on my local box.
>
> Any thoughts on how I might resolve this or find who is hosting this
> reverse lookup?
>
> Thanks!!
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Origin of reverse lookup

2021-06-19 Thread Reindl Harald 



Am 19.06.21 um 13:24 schrieb alcol alcol:

I see you have time to waste saying strange things


seriously?

dns zones even forard or reverse are downloaded as configured from 
masters to slaves or where are needed


may you show me word "slave" in any line below?


all other remarks are confirmations of what said



that must be why you started with:

>> Any thoughts on how I might resolve this
>> or find who is hosting this reverse lookup?


I see u have time to waste  is clear 🤔😄


don't get me wrong but when you know that little about DNS that you 
expect a service on the internet cares about what you configured at your 
local box you shouldn't be that arrogant!


>> When I run https://intodns.com/
>> it shows this reverse lookup and not
>> the one I just configured on my local box.



*From:* bind-users  on behalf of 
Reindl Harald 

*Sent:* Saturday, June 19, 2021 12:36 PM
*To:* bind-users@lists.isc.org 
*Subject:* Re: Origin of reverse lookup


Am 19.06.21 um 12:10 schrieb alcol alcol:

ISP Have is a normale DNS zone as forward ones

they does not offer remote mainteining as you should own all subnet 
class and are directly downloaded from iana if I remember well.


ptr zones are the same way delegated as any other zones


if something go wrong with the zone ISP will have issue from tld.


no

in past I had a master reverse lookup maintained from me downloaded from 
isp becous iana can't go around the world to download and to avoid 
issues in download.


dns zones are not downloaded

as are zones with so few changes isp could allow something like a 
cpannel to change some records.


that don't scale given that most customers just have a single IP

in case you have a /24 the ISP can delegate the whole zone to you, look
at the authoritative nameservers below

[harry@srv-rhsoft:/downloads]$ dig -x 91.118.73.6

; <<>> DiG 9.11.32-RedHat-9.11.32-1.fc33 <<>> -x 91.118.73.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21949
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1024
; COOKIE: 68fa6f61a7537e2c684ca5d260cdc67126f45c0615547511 (good)
;; QUESTION SECTION:
;6.73.118.91.in-addr.arpa.  IN  PTR

;; ANSWER SECTION:
6.73.118.91.in-addr.arpa. 7200  IN  PTR arrakis.thelounge.net.

;; AUTHORITY SECTION:
73.118.91.in-addr.arpa. 7200    IN  NS  ns1.thelounge.net.
73.118.91.in-addr.arpa. 7200    IN  NS  ns2.thelounge.net.

;; ADDITIONAL SECTION:
ns2.thelounge.net.  7200    IN  A   91.118.73.
ns1.thelounge.net.  7200    IN  A   85.124.176.242

usually reverse lookup are resolved with a standard naming with ip and 
isp name


for consumer ranges: yes

if you run a mail server could be usefull 


if you run a mailserver it is a must, at least when you care to deliver
your mails, as well make sure your HELO-hostname matches too

many sites add at least points to the sapm scoring for clients like that:

warning: hostname szkoleniagospodarka.pl does not resolve to address
51.75.72.176: Name or service not known

if not a reverse lookup is not 
so much used


well, in case of servers i prefer PTR/A matching no matter if it is
supposed to send mail and the same goes for internal networks i maintain



*From:* bind-users  on behalf of 
techli...@phpcoderusa.com 

*Sent:* Saturday, June 19, 2021 1:17 AM
*To:* bind-users@lists.isc.org 
*Subject:* Origin of reverse lookup
Hi,

I had my ISP configure a reverse lookup years ago.  They say they no
longer offer that service and there is no reverse lookup for my IP.

I keep running into this old reverse lookup and do not know where it is
coming from.

When I run https://intodns.com/  > it shows this

reverse lookup and not the
one I just configured on my local box.

Any thoughts on how I might resolve this or find who is hosting this
reverse lookup?

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Origin of reverse lookup

2021-06-19 Thread alcol alcol 
Ohuu I haven't written slave but was not your email
if you want to say something don't quote others taht say right things
if I don't use words as you could use or like is not your matter

as last part of your reply, please think to yourself as you started to quote me 
with no meaning saying same things as me



Why do you look at the speck that is in your brother's eye and don't notice the 
beam that is in your eye?


From: bind-users  on behalf of Reindl Harald 

Sent: Saturday, June 19, 2021 2:23 PM
To: bind-users@lists.isc.org 
Subject: Re: Origin of reverse lookup



Am 19.06.21 um 13:24 schrieb alcol alcol:
> I see you have time to waste saying strange things

seriously?

> dns zones even forard or reverse are downloaded as configured from
> masters to slaves or where are needed

may you show me word "slave" in any line below?

> all other remarks are confirmations of what said


that must be why you started with:

 >> Any thoughts on how I might resolve this
 >> or find who is hosting this reverse lookup?

> I see u have time to waste  is clear 🤔😄

don't get me wrong but when you know that little about DNS that you
expect a service on the internet cares about what you configured at your
local box you shouldn't be that arrogant!

 >> When I run https://intodns.com/
 >> it shows this reverse lookup and not
 >> the one I just configured on my local box.

> 
> *From:* bind-users  on behalf of
> Reindl Harald 
> *Sent:* Saturday, June 19, 2021 12:36 PM
> *To:* bind-users@lists.isc.org 
> *Subject:* Re: Origin of reverse lookup
>
>
> Am 19.06.21 um 12:10 schrieb alcol alcol:
>> ISP Have is a normale DNS zone as forward ones
>>
>> they does not offer remote mainteining as you should own all subnet
>> class and are directly downloaded from iana if I remember well.
>
> ptr zones are the same way delegated as any other zones
>
>> if something go wrong with the zone ISP will have issue from tld.
>
> no
>
>> in past I had a master reverse lookup maintained from me downloaded from
>> isp becous iana can't go around the world to download and to avoid
>> issues in download.
>
> dns zones are not downloaded
>
>> as are zones with so few changes isp could allow something like a
>> cpannel to change some records.
>
> that don't scale given that most customers just have a single IP
>
> in case you have a /24 the ISP can delegate the whole zone to you, look
> at the authoritative nameservers below
>
> [harry@srv-rhsoft:/downloads]$ dig -x 91.118.73.6
>
> ; <<>> DiG 9.11.32-RedHat-9.11.32-1.fc33 <<>> -x 91.118.73.6
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21949
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 1024
> ; COOKIE: 68fa6f61a7537e2c684ca5d260cdc67126f45c0615547511 (good)
> ;; QUESTION SECTION:
> ;6.73.118.91.in-addr.arpa.  IN  PTR
>
> ;; ANSWER SECTION:
> 6.73.118.91.in-addr.arpa. 7200  IN  PTR arrakis.thelounge.net.
>
> ;; AUTHORITY SECTION:
> 73.118.91.in-addr.arpa. 7200IN  NS  ns1.thelounge.net.
> 73.118.91.in-addr.arpa. 7200IN  NS  ns2.thelounge.net.
>
> ;; ADDITIONAL SECTION:
> ns2.thelounge.net.  7200IN  A   91.118.73.
> ns1.thelounge.net.  7200IN  A   85.124.176.242
>
>> usually reverse lookup are resolved with a standard naming with ip and
>> isp name
>
> for consumer ranges: yes
>
>> if you run a mail server could be usefull
>
> if you run a mailserver it is a must, at least when you care to deliver
> your mails, as well make sure your HELO-hostname matches too
>
> many sites add at least points to the sapm scoring for clients like that:
>
> warning: hostname szkoleniagospodarka.pl does not resolve to address
> 51.75.72.176: Name or service not known
>
>> if not a reverse lookup is not
>> so much used
>
> well, in case of servers i prefer PTR/A matching no matter if it is
> supposed to send mail and the same goes for internal networks i maintain
>
>> 
>> *From:* bind-users  on behalf of
>> techli...@phpcoderusa.com 
>> *Sent:* Saturday, June 19, 2021 1:17 AM
>> *To:* bind-users@lists.isc.org 
>> *Subject:* Origin of reverse lookup
>> Hi,
>>
>> I had my ISP configure a reverse lookup years ago.  They say they no
>> longer offer that service and there is no reverse lookup for my IP.
>>
>> I keep running into this old reverse lookup and do not know where it is
>> coming from.
>>
>> When I run https://intodns.com/   > it shows this
>> reverse lookup and not the
>> one I just configured on my local box.
>>
>> Any thoughts on how I might resolve this or find who is hosting this
>> reverse lookup?
___

Re: Windows support has been discontinued in BIND 9.17+ (Was: Important: A significant flaw is present in June BIND releases 9.16.17 and 9.17.14)

2021-06-19 Thread Peter via bind-users 
My config runs fine on BIND 9.17.12 so its not the config I even install 
bind in C:\BIND with a VERY simple config that 9.17.12 runs that 9.16.18 
does not and I installed 9.16.18 on a vary new system it simply does not 
run.


named.conf

options {
    forward only;
    forwarders { 192.168.255.62;192.168.53.2; };
};

On 18/06/2021 11:33 pm, Richard T.A. Neal wrote:


The next Event Log entry on my system immediately after "using 1 UDP 
listener per interface" is:


loading configuration from 'C:\BIND\etc\named.conf'

(because that's my BIND installation folder obviously).

If I intentionally make a typo in any of my config files (eg 
named.conf, named.conf.options etc) and try and start the ISC BIND 
service I get:


Windows could not start the ISC BIND service on local computer.

Error 1067: The process terminated unexpectedly.

And that’s exactly the same error message that you’re getting.

Have you tried dropping to a command prompt and then running 
"named-checkconf" from within the "bin" subfolder of your BIND 
installation folder? That will tell you if it detects an error in any 
of your configuration files. I know you may not have changed them 
between upgrading from 9.16.12 to 9.16.18, but maybe there's something 
in there that BIND 9.16.12 was OK with but which 9.16.18 is not happy.


For example if I intentionally add a simple 'x' at the very end of my 
named.conf and then run C:\BIND\bin\named-checkconf I get:


C:\BIND\bin>named-checkconf

C:\BIND\etc\named.conf:8: unknown option 'x'

C:\BIND\etc\named.conf:8: unexpected token near end of file

Richard.

*From:*bind-users  *On Behalf Of 
*Peter via bind-users

*Sent:* 18 June 2021 5:49 pm
*To:* bind-users@lists.isc.org
*Subject:* Re: Windows support has been discontinued in BIND 9.17+ 
(Was: Important: A significant flaw is present in June BIND releases 
9.16.17 and 9.17.14)


It shows 17 information with the last showing "using 1 UDP listener 
per interface" maybe it don't like my intel VLAN's?



___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users



___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Origin of reverse lookup

2021-06-19 Thread Reindl Harald 
FIRST: this will be my last response to you and if it's only to prevent 
using words leading to moderation


Am 19.06.21 um 15:46 schrieb alcol alcol:

Ohuu I haven't written slave but was not your email
if you want to say something don't quote others taht say right things


please understand that this is my decision


if I don't use words as you could use or like is not your matter


sorry for correcting wrong technical terms and understanding, either 
learn to deal with it or don't ask on places where professionals are present


>>> in past I had a master reverse lookup
>>> maintained from me downloaded from
>>> isp becous iana can't go around the
>>> world to download and to avoid
>>> issues in download.

this is nosense

a) IANA don't download anything from nowhere
b) zone transfers are not downloads
c) worldwide dns don't work that way

RECURSION:

* the resolver asks the root which
  nameserver is responsible for the TLD
* the tld registry tell him the
  nameserver for the zone
* finally it asks that nameservers

how they got their zone-data is irrelevant, the autoritative nameservers 
just respond to specific queries


you initally asked "find who is hosting this reverse lookup?" and the 
answer is simply: look the SOA of the reverse-name


[harry@srv-rhsoft:/downloads]$ dig SOA 6.73.118.91.in-addr.arpa. @8.8.8.8

; <<>> DiG 9.11.32-RedHat-9.11.32-1.fc33 <<>> SOA 
6.73.118.91.in-addr.arpa. @8.8.8.8

;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39068
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;6.73.118.91.in-addr.arpa.  IN  SOA

;; AUTHORITY SECTION:
73.118.91.in-addr.arpa. 1799IN  SOA ns2.thelounge.net. 
hostmaster.thelounge.net. 2021050714 3600 1800 1814400 3600


as last part of your reply, please think to yourself as you started to 
quote me with no meaning saying same things as me




Why do you look at the speck that is in your brother's eye and don't 
notice the beam that is in your eye?



*From:* bind-users  on behalf of 
Reindl Harald 

*Sent:* Saturday, June 19, 2021 2:23 PM
*To:* bind-users@lists.isc.org 
*Subject:* Re: Origin of reverse lookup


Am 19.06.21 um 13:24 schrieb alcol alcol:

I see you have time to waste saying strange things


seriously?

dns zones even forard or reverse are downloaded as configured from 
masters to slaves or where are needed


may you show me word "slave" in any line below?


all other remarks are confirmations of what said



that must be why you started with:

  >> Any thoughts on how I might resolve this
  >> or find who is hosting this reverse lookup?


I see u have time to waste  is clear 🤔😄


don't get me wrong but when you know that little about DNS that you
expect a service on the internet cares about what you configured at your
local box you shouldn't be that arrogant!

  >> When I run https://intodns.com/ 
  >> it shows this reverse lookup and not
  >> the one I just configured on my local box.



*From:* bind-users  on behalf of 
Reindl Harald 

*Sent:* Saturday, June 19, 2021 12:36 PM
*To:* bind-users@lists.isc.org 
*Subject:* Re: Origin of reverse lookup


Am 19.06.21 um 12:10 schrieb alcol alcol:

ISP Have is a normale DNS zone as forward ones

they does not offer remote mainteining as you should own all subnet 
class and are directly downloaded from iana if I remember well.


ptr zones are the same way delegated as any other zones


if something go wrong with the zone ISP will have issue from tld.


no

in past I had a master reverse lookup maintained from me downloaded from 
isp becous iana can't go around the world to download and to avoid 
issues in download.


dns zones are not downloaded

as are zones with so few changes isp could allow something like a 
cpannel to change some records.


that don't scale given that most customers just have a single IP

in case you have a /24 the ISP can delegate the whole zone to you, look
at the authoritative nameservers below

[harry@srv-rhsoft:/downloads]$ dig -x 91.118.73.6

; <<>> DiG 9.11.32-RedHat-9.11.32-1.fc33 <<>> -x 91.118.73.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21949
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1024
; COOKIE: 68fa6f61a7537e2c684ca5d260cdc67126f45c0615547511 (good)
;; QUESTION SECTION:
;6.73.118.91.in-addr.arpa.  IN  PTR

;; ANSWER SECTION:
6.73.118.91.in-addr.arpa. 7200  IN  PTR arrakis.thelounge.net.

;; AUTHORITY SECTION:
73.118.91.in-addr.arpa. 7200    IN  NS  ns1.thelounge.net.
73.118.91.in-addr.arpa. 7200    IN  NS  ns2.thelounge.net.

;; ADDITIONAL

Fw: Origin of reverse lookup

2021-06-19 Thread alcol alcol 



good to know


From: bind-users  on behalf of Reindl Harald 

Sent: Saturday, June 19, 2021 5:01 PM
To: bind-users@lists.isc.org 
Subject: Re: Origin of reverse lookup

FIRST: this will be my last response to you and if it's only to prevent
using words leading to moderation


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

RE: Windows support has been discontinued in BIND 9.17+ (Was: Important: A significant flaw is present in June BIND releases 9.16.17 and 9.17.14)

2021-06-19 Thread Richard T.A. Neal 
And what do you get when you run c:\BIND\named-checkconf ?

Richard.

From: bind-users  On Behalf Of Peter via 
bind-users
Sent: 19 June 2021 3:41 pm
To: bind-users@lists.isc.org
Subject: Re: Windows support has been discontinued in BIND 9.17+ (Was: 
Important: A significant flaw is present in June BIND releases 9.16.17 and 
9.17.14)

My config runs fine on BIND 9.17.12 so its not the config I even install bind 
in C:\BIND with a VERY simple config that 9.17.12 runs that 9.16.18 does not 
and I installed 9.16.18 on a vary new system it simply does not run.

named.conf

options {
forward only;
forwarders { 192.168.255.62;192.168.53.2; };
};

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Code of Conduct for the mailing list

2021-06-19 Thread Ondřej Surý 
Hi, let me remind everyone that ISC has adopted Code of Conduct which also 
apply here on the mailing list. I kindly suggest that you read it (perhaps 
again): 

https://gitlab.isc.org/isc-projects/bind9/-/blob/main/CODE_OF_CONDUCT.md

Thank you and please treat each other with respect and patience,
--
Ondřej Surý — ISC (He/Him)

My working hours and your working hours may be different. Please do not feel 
obligated to reply outside your normal working hours.___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Using RRL to for TC=1 on all queries

2021-06-19 Thread John Kristoff 
Has anyone configured BIND to force TC=1 responses on all queries using
RRL?I'd like to do this for some experimentation and measurement
work, but maybe this just isn't the right tool for that job?

I've tried a number of configurations (e.g. slip=1, rate=0) and I can't
seem to make this work.  Perhaps it is not possible.

I believe I can do this with dnsdist or Knot, so I might use one of
those, but I was hoping I could accomplish such a thing with BIND
without modifying the source code - and I think RRL would be the most
likely way to accomplish such a feat.  If you've done so and can provide
a config snippet, I would be very eager to receive it.

Thank you,

John
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Windows support has been discontinued in BIND 9.17+ (Was: Important: A significant flaw is present in June BIND releases 9.16.17 and 9.17.14)

2021-06-19 Thread Peter via bind-users 

I getnothing which means good? installed back to the default path.

C:\Program Files\ISC BIND 9\bin>named-checkconf

C:\Program Files\ISC BIND 9\bin>



On 19/06/2021 5:53 pm, Richard T.A. Neal wrote:


And what do you get when you run c:\BIND\named-checkconf ?

Richard.

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

FW: Windows support has been discontinued in BIND 9.17+ (Was: Important: A significant flaw is present in June BIND releases 9.16.17 and 9.17.14)

2021-06-19 Thread Richard T.A. Neal 
Yes, nothing means good.

The next thing to check, depending upon how you have your logging configured, 
is whether any clues are being written to the default.log.

But to do that you’d need to configure logging, and possibly crank-up the debug 
level as well. I guess it depends on whether you want to continue pursuing this.

Sorry that I couldn’t be of more help,

Richard.

From: bind-users  On Behalf Of Peter via 
bind-users
Sent: 19 June 2021 7:48 pm
To: bind-users@lists.isc.org
Subject: Re: Windows support has been discontinued in BIND 9.17+ (Was: 
Important: A significant flaw is present in June BIND releases 9.16.17 and 
9.17.14)


I getnothing which means good? installed back to the default path.

C:\Program Files\ISC BIND 9\bin>named-checkconf

C:\Program Files\ISC BIND 9\bin>


On 19/06/2021 5:53 pm, Richard T.A. Neal wrote:
And what do you get when you run c:\BIND\named-checkconf ?

Richard.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Windows support has been discontinued in BIND 9.17+ (Was: Important: A significant flaw is present in June BIND releases 9.16.17 and 9.17.14)

2021-06-19 Thread Ondřej Surý 
Running named from console as:

named -g -d 1 -c /named.conf

might give you some hints on what might be the problem.

Ondřej
--
Ondřej Surý — ISC (He/Him)

My working hours and your working hours may be different. Please do not feel 
obligated to reply outside your normal working hours.

> On 19. 6. 2021, at 21:48, Richard T.A. Neal  wrote:
> 
> 
> Yes, nothing means good.
>  
> The next thing to check, depending upon how you have your logging configured, 
> is whether any clues are being written to the default.log.
>  
> But to do that you’d need to configure logging, and possibly crank-up the 
> debug level as well. I guess it depends on whether you want to continue 
> pursuing this.
>  
> Sorry that I couldn’t be of more help,
>  
> Richard.
>  
> From: bind-users  On Behalf Of Peter via 
> bind-users
> Sent: 19 June 2021 7:48 pm
> To: bind-users@lists.isc.org
> Subject: Re: Windows support has been discontinued in BIND 9.17+ (Was: 
> Important: A significant flaw is present in June BIND releases 9.16.17 and 
> 9.17.14)
>  
> I getnothing which means good? installed back to the default path.
> C:\Program Files\ISC BIND 9\bin>named-checkconf
> C:\Program Files\ISC BIND 9\bin>
>  
>  
> On 19/06/2021 5:53 pm, Richard T.A. Neal wrote:
> And what do you get when you run c:\BIND\named-checkconf ?
>  
> Richard.
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
> from this list
> 
> ISC funds the development of this software with paid support subscriptions. 
> Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
> from this list
> 
> ISC funds the development of this software with paid support subscriptions. 
> Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Windows support has been discontinued in BIND 9.17+ (Was: Important: A significant flaw is present in June BIND releases 9.16.17 and 9.17.14)

2021-06-19 Thread alcol alcol 
Windows install read regisyty key (if exist)
if u have an old install it will be installed on previous path
if not and u'r aware u can edit registry and install it where u like

yes today I seen path but tought to whay I just wrote here and jumped any reply.

In all case, find ur named-checkconf and execute it properly






From: bind-users  on behalf of Peter via 
bind-users 
Sent: Saturday, June 19, 2021 8:47 PM
To: bind-users@lists.isc.org 
Subject: Re: Windows support has been discontinued in BIND 9.17+ (Was: 
Important: A significant flaw is present in June BIND releases 9.16.17 and 
9.17.14)


I getnothing which means good? installed back to the default path.

C:\Program Files\ISC BIND 9\bin>named-checkconf

C:\Program Files\ISC BIND 9\bin>


On 19/06/2021 5:53 pm, Richard T.A. Neal wrote:

And what do you get when you run c:\BIND\named-checkconf ?



Richard.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Windows support has been discontinued in BIND 9.17+ (Was: Important: A significant flaw is present in June BIND releases 9.16.17 and 9.17.14)

2021-06-19 Thread Peter via bind-users 
Well for the time being I give up I think something like this happen 
before many years ago, I'm sure someone will post having this iusse.


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: 'managed-keys' is deprecated ??

2021-06-19 Thread Evan Hunt 
On Mon, Jun 14, 2021 at 08:51:42PM -0700, ToddAndMargo via bind-users wrote:
> # named-checkconf -l -t /var/named/chroot /etc/named.conf
> /etc/named.root.key:1: option 'managed-keys' is deprecated
> 
> What do I use in its place?

"trust-anchors" is preferred now, in place of both "trusted-keys" and
"managed-keys".

For the moment, using the old syntax only generates a warning, not a fatal
error, but the old options will be removed in a future release (9.20, I
think, but don't quote me on that).

-- 
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

BIND RPz with IPv6

2021-06-19 Thread Manish Rane 
Hi Team,

Would be keen to know if BIND RPZ supports IPv6? I have 9.11.3 and 9.16.6
versions
--
Thanks and Regards,
Manish R
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users