In message <20090612025851.ga23...@frell.ambush.de>, Hauke Lampe writes:
> On Fri, Jun 12, 2009 at 04:29:11 +0200, Hauke Lampe wrote:
>
> > Future reference: Once .org completes their testing phase *and* your
> > registrar allows you to register DS records for your domain, queries
> > should also
On Fri, Jun 12, 2009 at 04:29:11 +0200, Hauke Lampe wrote:
> Future reference: Once .org completes their testing phase *and* your
> registrar allows you to register DS records for your domain, queries
> should also return AD when validated against the ITAR trust anchor
> repository (at https://ita
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Erik Lotspeich wrote:
> I have registered with the ISC's DLV registry. I am
> having trouble finding the best way for me to validate that my setup is
> working and that my zone validates.
dlv.isc.org doesn't list your keys yet. It can take a day or
In message <4a3177c1.5040...@lotspeich.org>, Erik Lotspeich writes:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi,
>
> Although I'm not new to DNS, I'm new to DNSSEC. I have read
> documentation and howtos regarding DNSSEC.
>
> I believe that I have it configured and working for my
In message , Chris Thom
pson writes:
> We have recently turned on DNSSEC validation (using dlv.isc.org) in our
> main university-wide recursive nameservers, which are running BIND 9.6.1rc1.
>
> No-one is actually complaining, but the counts I am seeing for "ValFail"
> on the statistics channel ar
In message , "Frank
Pikelner" writes:
> This is a multi-part message in MIME format.
>
> --===3881074899120402985==
> Content-class: urn:content-classes:message
> Content-Type: multipart/alternative;
> boundary="_=_NextPart_001_01C9EABF.A23632E2"
>
> This is a multi-part m
Hello Everybody .
We have moved the DHCP Server from Microsoft to Cisco , Things are working
fine other than the DNS reverse lookup's .
When a machine gets a new IP address , its registering a new reverse lookup
in the DNS , good , but the issue here is that the old record is not deleted
.
so for
In message , Peter
Andreev writes:
>
> Thank you for answer, Kevin.
>
> Yes, recursion completely *off* by "recursion no;" option. And only my
> servers are authoritative for client's zone. So I'm in confusion, because as
> you said, for servers should not have a difference between RD=0 and RD=
On Thu, 11 Jun 2009, Erik Lotspeich wrote:
> Although I'm not new to DNS, I'm new to DNSSEC. I have read
> documentation and howtos regarding DNSSEC.
>
> I believe that I have it configured and working for my domain,
> lotspeich.org. I have registered with the ISC's DLV registry. I am
> having
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Although I'm not new to DNS, I'm new to DNSSEC. I have read
documentation and howtos regarding DNSSEC.
I believe that I have it configured and working for my domain,
lotspeich.org. I have registered with the ISC's DLV registry. I am
having tro
Frank Pikelner wrote:
Every now and then we get a bounce on emails that are sent through one
of our mails servers located on 64.187.3.170. The bounce messages look
as follows and appear to indicate that our reverse zone is missing a
record, though the record is there and resolves through nslo
On Thu, 11 Jun 2009, Chris Thompson wrote:
> We have recently turned on DNSSEC validation (using dlv.isc.org) in our
> main university-wide recursive nameservers, which are running BIND 9.6.1rc1.
>
> No-one is actually complaining, but the counts I am seeing for "ValFail"
> on the statistics chan
On Thursday 11 June 2009, 20:08 Frank Pikelner wrote:
> : host mx.some_domain.com[xxx.xx.xx.xx] said:
> 450 4.7.1 Client host rejected: cannot find your hostname, [64.187.3.170]
> (in reply to RCPT TO command)
ns2.toroon.grouptelecom.net, which is a nameserver for 3.187.64.in-addr.arpa
according
Every now and then we get a bounce on emails that are sent through one of our
mails servers located on 64.187.3.170. The bounce messages look as follows and
appear to indicate that our reverse zone is missing a record, though the record
is there and resolves through nslookup. The ISP delegates
We have recently turned on DNSSEC validation (using dlv.isc.org) in our
main university-wide recursive nameservers, which are running BIND 9.6.1rc1.
No-one is actually complaining, but the counts I am seeing for "ValFail"
on the statistics channel are quite a bit higher than we were seeing
during
The logging will prove very instructive I think. You should prioritise that
so that you can see what view the query is matching.
Is there a possibility of having either a firewall or router NAT any of the
queries? Many products will rewrite DNS queries and responses based on
static NAT rules (over
Thanks for the idea Chris, but unfortunately that wouldn't be the case here.
This happens to people that don't even have access to the data center.
___
Corey
- Original Message -
From: "Chris Buxton"
To: "Corey Shaw"
Cc: "Kevin Darcy" , bind-users@lists.isc.org
Sent:
Thank you for answer, Kevin.
Yes, recursion completely *off* by "recursion no;" option. And only my
servers are authoritative for client's zone. So I'm in confusion, because as
you said, for servers should not have a difference between RD=0 and RD=1.
I'm afraid that there are reasons for such str
18 matches
Mail list logo
