Re: What to do about openDNS

2009-01-20 Thread Fr34k
Hello, The ole rainy day bite. Some quick ideas for dealing with, what I will call, defunct domains. FIRST, STOP THE MADNESS: Define what a defunct zone is in your TOS/AUP, so you have the power to deal with this situation as you see fit. DEAL WITH IT AS YOU SEE FIT: Set up that wildcard for th

Re: unwanted delegations was: What to do about openDNS

2009-01-20 Thread Matthew Pounsett
On 20-Jan-2009, at 21:24 , Danny Thomas wrote: Scott Haneda wrote: I brought this up a few months back. For me, it is getting worse, and I am not able to come up with a solution. I have many clients who reg domains. They all point to my NS. Sometimes, the client lapses hosting with me,

Re: denied NS/IN

2009-01-20 Thread Mark Andrews
In message , Scott Haneda writes: > On Jan 20, 2009, at 5:44 PM, Mark Andrews wrote: > > > In message <232b45f8-acd3-427a-95e9-bc3ca5fc9...@newgeo.com>, Scott > > Haneda writes: > >> Hello, looking at my logs today, I am getting hammered with these: > >> 20-Jan-2009 15:39:06.284 security:

unwanted delegations was: What to do about openDNS

2009-01-20 Thread Danny Thomas
Scott Haneda wrote: I brought this up a few months back. For me, it is getting worse, and I am not able to come up with a solution. I have many clients who reg domains. They all point to my NS. Sometimes, the client lapses hosting with me, and I delete the zones. They usually leave the do

What to do about openDNS

2009-01-20 Thread Scott Haneda
I brought this up a few months back. For me, it is getting worse, and I am not able to come up with a solution. I have many clients who reg domains. They all point to my NS. Sometimes, the client lapses hosting with me, and I delete the zones. They usually leave the domain reg'd and my

Re: denied NS/IN

2009-01-20 Thread Scott Haneda
On Jan 20, 2009, at 5:44 PM, Mark Andrews wrote: In message <232b45f8-acd3-427a-95e9-bc3ca5fc9...@newgeo.com>, Scott Haneda writes: Hello, looking at my logs today, I am getting hammered with these: 20-Jan-2009 15:39:06.284 security: info: client 66.230.160.1#48517: query (cache) './NS/IN' d

Re: denied NS/IN

2009-01-20 Thread Mark Andrews
In message <232b45f8-acd3-427a-95e9-bc3ca5fc9...@newgeo.com>, Scott Haneda writes: > Hello, looking at my logs today, I am getting hammered with these: > 20-Jan-2009 15:39:06.284 security: info: client 66.230.160.1#48517: > query (cache) './NS/IN' denied > 20-Jan-2009 15:39:06.790 security: inf

RE: denied NS/IN

2009-01-20 Thread Frank Bulk
According to ISPrime, 66.230.128.15 and 66.230.160.1 are authoritative DNS servers, but do not make outbound requests. As such, they only *receive* queries from remote DNS servers (or clients). So all UDP or TCP-based DNS requests to those two DNS servers are made *to* port 53. And those two DNS

Re: denied NS/IN

2009-01-20 Thread Scott Haneda
On Jan 20, 2009, at 3:52 PM, Frank Bulk wrote: That's being discussed on NANOG, here's one thread: http://markmail.org/message/ydiqnztzmz5qmusf See here for more details in blocking them: http://www.cymru.com/Documents/secure-bind-template.html specifically: blackhole { // Deny anyth

RE: denied NS/IN

2009-01-20 Thread Frank Bulk
That's being discussed on NANOG, here's one thread: http://markmail.org/message/ydiqnztzmz5qmusf See here for more details in blocking them: http://www.cymru.com/Documents/secure-bind-template.html specifically: blackhole { // Deny anything from the bogon networks as // detail

denied NS/IN

2009-01-20 Thread Scott Haneda
Hello, looking at my logs today, I am getting hammered with these: 20-Jan-2009 15:39:06.284 security: info: client 66.230.160.1#48517: query (cache) './NS/IN' denied 20-Jan-2009 15:39:06.790 security: info: client 66.230.128.15#31593: query (cache) './NS/IN' denied Repeated over and over, ho

Re: forwarding but no recursion?

2009-01-20 Thread Chris Buxton
On Jan 20, 2009, at 9:25 AM, > wrote: Hello, Is this possible to disable recursion for all incoming queries except for those listed in zone statement with a forwarder. I know that no forwarding is allowed if we disable recursion. Something like this ( but this doesn't work I know ): I can't m

Re: in-addr.arpa delegation failure

2009-01-20 Thread Chris Buxton
On Jan 20, 2009, at 8:30 AM, Stephane Bortzmeyer wrote: On Tue, Jan 20, 2009 at 04:14:01PM +, Lars Hecking wrote a message of 87 lines which said: Do I need to delegate all 255 /24 subnets explicitly at the top level server? All those you use, yes. Alternatively, make your "root" server

Re: SERVFAIL issues

2009-01-20 Thread JINMEI Tatuya / 神明達哉
At Tue, 20 Jan 2009 02:16:00 -0600, "Frank Bulk - iName.com" wrote: > My bad. Let me restate the request -- that all the information available > via XML in the HTML statistics channel is also printed out when issuing > "rndc stats". It's the opposite: all the information printed out when issuin

Re: forwarding but no recursion?

2009-01-20 Thread Josh Kuo
I believe the behavior of the following configuration is to send back the IP address of the forwarders to the clients, and rely on clients to do the recursive query against the forwarders. On Tue, Jan 20, 2009 at 9:25 AM, wrote: > > Hello, > > Is this possible to disable recursion for all incom

Re: Disable cache in bind 9.6

2009-01-20 Thread John Wobus
Disabling the cache makes sense if the purpose of your nameserver is to provide your authoritative zone data and you have a different nameserver to handle your site's general DNS queries. TTL settings are part of authoritative zone data, which is completely independent of whether you disable cach

compiling BIND on AIX

2009-01-20 Thread Jerry Kemp
I have compiled BIND many times on Solaris/OpenSolaris and several different *BSD's, and this has always been a pretty simple procedure. I currently need to compile (a current) BIND on AIX 5.2 and it appears to me that there is a little more work involved to get a successful compile on this pl

forwarding but no recursion?

2009-01-20 Thread etirado.ext
Hello, Is this possible to disable recursion for all incoming queries except for those listed in zone statement with a forwarder. I know that no forwarding is allowed if we disable recursion. Something like this ( but this doesn't work I know ): I can't match people so I can't create a view.

Re: in-addr.arpa delegation failure

2009-01-20 Thread Stephane Bortzmeyer
On Tue, Jan 20, 2009 at 04:14:01PM +, Lars Hecking wrote a message of 87 lines which said: > This host is set up as a master for 172.30/16. It delegates 172.30 > to a subdomain (A record for ns1.sub.domain.com is present > elsewhere). Hold on! There is already a contradiction. It is su

in-addr.arpa delegation failure

2009-01-20 Thread Lars Hecking
I've been beating my head against the wall with this issue, and I'm out of ideas: I can't get reverse lookups for a particular, delegated RFC1918 net to work. Setup: Internal root dns.domain.com running bind 9.4.2-P2. This host is set up as a master for 172.30/16. It delegates 172.30 to a

Re: Disable cache in bind 9.6

2009-01-20 Thread Alan Clegg
Dmitry Rybin wrote: > Matus UHLAR - fantomas wrote: >> On 20.01.09 12:49, Dmitry Rybin wrote: >>> How to disable cache in bind-9.6? ttl=0 - bad idea. >> if you know that setting TTL to 0 is a bad idea, why do you think that >> disabling a cache in BIND is not a bad idea? >> > > Because under high

Re: Disable cache in bind 9.6

2009-01-20 Thread Matus UHLAR - fantomas
> > On 20.01.09 12:49, Dmitry Rybin wrote: > >> How to disable cache in bind-9.6? ttl=0 - bad idea. > Matus UHLAR - fantomas wrote: > > if you know that setting TTL to 0 is a bad idea, why do you think that > > disabling a cache in BIND is not a bad idea? On 20.01.09 18:39, Dmitry Rybin wrote: >

Re: Disable cache in bind 9.6

2009-01-20 Thread Dmitry Rybin
Matus UHLAR - fantomas wrote: > On 20.01.09 12:49, Dmitry Rybin wrote: >> How to disable cache in bind-9.6? ttl=0 - bad idea. > > if you know that setting TTL to 0 is a bad idea, why do you think that > disabling a cache in BIND is not a bad idea? > Because under high load cache grows to maximum

Re: local zone forward

2009-01-20 Thread Mikel Jimenez
Chris Buxton wrote: On Jan 20, 2009, at 6:23 AM, Mikel Jimenez wrote: Chris Buxton wrote: You can't. You can, however, create more specific zones (mail.zone.tld.) rather than the overlapping zone (zone.tld.). Chris Buxton Professional Services Men & Mice On Jan 20, 2009, at 3:41 AM, Mi

Re: local zone forward

2009-01-20 Thread Chris Buxton
On Jan 20, 2009, at 6:23 AM, Mikel Jimenez wrote: Chris Buxton wrote: You can't. You can, however, create more specific zones (mail.zone.tld.) rather than the overlapping zone (zone.tld.). Chris Buxton Professional Services Men & Mice On Jan 20, 2009, at 3:41 AM, Mikel Jimenez wrote: He

Re: local zone forward

2009-01-20 Thread Mikel Jimenez
Chris Buxton wrote: You can't. You can, however, create more specific zones (mail.zone.tld.) rather than the overlapping zone (zone.tld.). Chris Buxton Professional Services Men & Mice On Jan 20, 2009, at 3:41 AM, Mikel Jimenez wrote: Hello I have a question related to forwarding.

Re: local zone forward

2009-01-20 Thread Chris Buxton
You can't. You can, however, create more specific zones (mail.zone.tld.) rather than the overlapping zone (zone.tld.). Chris Buxton Professional Services Men & Mice On Jan 20, 2009, at 3:41 AM, Mikel Jimenez wrote: Hello I have a question related to forwarding. I have db.myzone.com in

Re: ACL ?

2009-01-20 Thread Stephane Bortzmeyer
On Tue, Jan 20, 2009 at 12:24:37PM +0100, GanGan wrote a message of 20 lines which said: > how to make a bind that responds DNS fields with which he's the > master ? List the zones for which it is a master in named.conf. > and it doesn't meet the request of the domain from which there is no ma

local zone forward

2009-01-20 Thread Mikel Jimenez
Hello I have a question related to forwarding. I have db.myzone.com in my local bind. I have my mail server in 192.168.1.1 so I define this entry in my db.myzone.com file. (mail.zone.com) I also have my web, and other services, but not in local net, I have in external hosting. How can

ACL ?

2009-01-20 Thread GanGan
how to make a bind that responds DNS fields with which he's the master ? and it doesn't meet the request of the domain from which there is no master. my English is very bad :( sorry I am French :p -- - GanGan - www.system-linux.eu

Disable cache in bind 9.6

2009-01-20 Thread Dmitry Rybin
Hello! How to disable cache in bind-9.6? ttl=0 - bad idea.

RE: SERVFAIL issues

2009-01-20 Thread Frank Bulk - iName.com
My bad. Let me restate the request -- that all the information available via XML in the HTML statistics channel is also printed out when issuing "rndc stats". Frank -----Original Message----- From: bind-users-boun...@lists.isc.org [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Barry Mar