Database backed DNS Management Solutions

2009-02-03 Thread Ross Dmochowski
I hope I can solicit some feedback from this venerable group. :-) Currently, my group operates 16 BIND servers across 5 datacenters, handling internal and external namespace duties. These servers are responsible for both internal and external forward and reverse name and IP spaces. There

Re: Split view multiple zones

2009-02-03 Thread JINMEI Tatuya / 神明達哉
At Tue, 3 Feb 2009 12:14:41 +0100, Matus UHLAR - fantomas wrote: > > > Can anyone confirm, and if I'm right, tell me that it will be better in > > > next > > > BIND releases? > > > There's no plan to change this behavior (as far as I know). > > anything like attach-cache, hierarchical or share

Re: Split DNS, internal/external

2009-02-03 Thread Linux Addict
On Tue, Feb 3, 2009 at 5:19 PM, Jeff Howard wrote: > Hi all, > > Having a problem setting up split DNS for the purpose of separating > internal, recursive, caching responses vs external, non caching, non > recursive responses. First off, can views be used to do this? > > If yes, here are the rel

Split DNS, internal/external

2009-02-03 Thread Jeff Howard
Hi all, Having a problem setting up split DNS for the purpose of separating internal, recursive, caching responses vs external, non caching, non recursive responses. First off, can views be used to do this? If yes, here are the relevant (I hope) portions of named.conf, which I've set up based on

Re: Dynamic update of TXT record?

2009-02-03 Thread Linux Addict
On Mon, Jan 5, 2009 at 5:03 PM, JINMEI Tatuya / 神明達哉 wrote: > At Thu, 1 Jan 2009 12:23:02 +0100, > Michelle Konzack wrote: > > > Q 1:Which setting is missing? > > > > Q2: Can someone tell me how to update a TXT record? > > Please show named.conf of the authoritative server (the one accept

Re: DDOS prevention - how to restrict queries to hint (root) zones?

2009-02-03 Thread Mark Andrews
In message , David Forrest writes: > On Tue, 3 Feb 2009, Mark Andrews wrote: > > > > > In message <1233658532.12933.42.ca...@muccalla.uninsubria.it>, MAtteo HCE Valsasna writes: > >> hi all, > >> > >> We run BIND 9.3.4-P1.1 on Debian GNU/Linux 4.0 (using the distribution's > >> package

Re: DDOS prevention - how to restrict queries to hint (root) zones?

2009-02-03 Thread David Forrest
On Tue, 3 Feb 2009, Mark Andrews wrote: In message <1233658532.12933.42.ca...@muccalla.uninsubria.it>, MAtteo HCE Valsasna writes: hi all, We run BIND 9.3.4-P1.1 on Debian GNU/Linux 4.0 (using the distribution's package), that do both recursive queries for internal clients (with proper allow

Re: How many nameservers?

2009-02-03 Thread Danny Mayer
Ben Croswell wrote: > I have never heard of there being any downside to a large number of NS > records for a domain. > I know internally to my company we have large numbers of NS records for > the internal domains. > There is one. A large number of NS records won't fit into a UDP packet and you g

Re: How many nameservers?

2009-02-03 Thread Ben Croswell
That was my understanding. It would only overflow if you actually had enough NS records that the NS records themselves couldn't fit in the answer section. -- -Ben Croswell On Tue, Feb 3, 2009 at 1:00 AM, Barry Margolin wrote: > In article , bsfin...@anl.gov wrote: > > > One downside - if you

Re: How many nameservers?

2009-02-03 Thread Chris Thompson
On Feb 2 2009, shulkae wrote: How many NS entries typically is allowed per zone? Is there a bind limit or does it cause any side effects if the slaves are geographically distributed? We would like to setup one zone for my new group who have offices all over the world? We are planning to use BI

Re: Caching-only Name server does Zone Updates

2009-02-03 Thread Mark Andrews
In message <001701c985ed$311198f0$f9281...@wipro74039c7ca>, "Ashish" writes: > Hi Barry, > > Thank you for your reply. > > There was a reverse lookup done as per the Debug content. > We have 4 Name servers so there should be 4 response containing NS records > in the Authority Section and the cor

Re: Caching-only Name server does Zone Updates

2009-02-03 Thread Chris Thompson
On Feb 3 2009, Mark Andrews wrote: Our configuration file is fairly simple (I have changed the domain name for security). You care about security yet you run BIND 4? If I was running a BIND 4 server, I would be pretty damn paranoid about posting details about it. Or even admitting i

Re: DDOS prevention - how to restrict queries to hint (root) zones?

2009-02-03 Thread Mark Andrews
In message <1233658532.12933.42.ca...@muccalla.uninsubria.it>, MAtteo HCE Valsasna writes: > hi all, > > We run BIND 9.3.4-P1.1 on Debian GNU/Linux 4.0 (using the distribution's > package), that do both recursive queries for internal clients (with > proper allow-recursion clause) and authoritati

Re: [SPAM] Re: Split view multiple zones

2009-02-03 Thread Matus UHLAR - fantomas
> At Wed, 28 Jan 2009 08:59:42 +0100, > Matus UHLAR - fantomas wrote: > > > > >Of course I could just copy and paste all the zones also in 'custom' > > > >view > > > >but it doubles the configuration size. > > > > On 27.01.09 17:26, Chris Burton wrote: > > > I've been using an include file for

RE: Caching-only Name server does Zone Updates

2009-02-03 Thread Ashish
Hi Barry, Thank you for your reply. There was a reverse lookup done as per the Debug content. We have 4 Name servers so there should be 4 response containing NS records in the Authority Section and the corresponding A records in the Additional Section. But we have thousands of statement like >

DDOS prevention - how to restrict queries to hint (root) zones?

2009-02-03 Thread MAtteo HCE Valsasna
hi all, We run BIND 9.3.4-P1.1 on Debian GNU/Linux 4.0 (using the distribution's package), that do both recursive queries for internal clients (with proper allow-recursion clause) and authoritative servers for the institution's domain. There are reports of DDOS attacks based on DNS requests for

Re: "Fragment Flags Invalid"

2009-02-03 Thread Mark Andrews
In message , "Bind" writes: > > I installed fresh installation of solaris 10 on sparc machine with latest > bind v9, "latest bind v9" is imprecise. Is that Sun's latest or ISC's latest and which one of the 4 versions we just released are you referring to? > this server

"Fragment Flags Invalid"

2009-02-03 Thread Bind
I installed fresh installation of solaris 10 on sparc machine with latest bind v9, this server is behind the hardware Firewall (policy from out to in is udp53 & from in to out is any). But my cisco IDS always announces this alarm from my server to other external clients or servers: "Fragment Flags

Re: Caching-only Name server does Zone Updates

2009-02-03 Thread Barry Margolin
In article , "Ashish" wrote: > Thank you Mark, > > Doupdate is followed by lot of statements like > > Db_update > Match > > Please see the content below. > = > Doupdate(zone 0, savens x, flags y) > Doupdate: dname 21.in-