Re: Binding on addresses

2009-07-28 Thread Mark Andrews
In message , Chris Hills writes: > Hi > > After changing configuration from "listen-on-v6 { any; };" to using > specific addresses, I observed the following in the log after issuing > `rndc reload` (times are CEST):- > > 29-Jul-2009 04:44:22.893 network: error: binding TCP socket: address in u

Re: about tcp port 53

2009-07-28 Thread Tech W.
--- On Tue, 28/7/09, Stephane Bortzmeyer wrote: > > > what's the use of bind's tcp port 53? > > DNS requests and responses. > Oh, I was always thinking dns requests and responses are going with udp protocol. Under what condition it uses tcp protocol? Regards, Wah.

Re: Creating a CNAME to another domain.

2009-07-28 Thread Danny Mayer
Kevin Darcy wrote: > Ezra Taylor wrote: >> Hello All: >> How can I create a CNAME that points to another >> domain. Example below. Is the below example possible? >> >> >> >> stars.mydomain.com IN CNAME >> stars.otherdomain.com

Binding on addresses

2009-07-28 Thread Chris Hills
Hi After changing configuration from "listen-on-v6 { any; };" to using specific addresses, I observed the following in the log after issuing `rndc reload` (times are CEST):- 29-Jul-2009 04:44:22.893 network: error: binding TCP socket: address in use 29-Jul-2009 04:44:22.893 network: error: bi

Re: Moving an AD Zone from Windows to BIND

2009-07-28 Thread Gordon A. Lang
For what it's worth, we moved 100% of all our DNS from MS DNS to BIND. Doing so solved the problem of the MS DNS servers periodically (randomly) losing critical glue records. It also eliminated the need for 6 pairs of DNS servers to support the 6 independent domains, each needing to own the r

Re: Creating a CNAME to another domain.

2009-07-28 Thread Ezra Taylor
Thanks all. On Fri, Jul 24, 2009 at 2:57 PM, Ezra Taylor wrote: > Hello All: > How can I create a CNAME that points to another domain. > Example below. Is the below example possible? > > > > stars.mydomain.com IN CNAME stars.otherdomain.com. > > -- > Ezra Taylor >

Re: Moving an AD Zone from Windows to BIND

2009-07-28 Thread Mark Andrews
Mark Andrews writes: > > In message <20090728175246.bf0a817...@britaine.cis.anl.gov>, bsfin...@anl.gov > writes: > > I do not want any dynamic DNS to my BIND servers, as I am not sure > > how that DDNS would interface with DNSSEC. > > DNSSEC is easier with a DDNS zone than a non-DDNS zone as na

Re: Moving an AD Zone from Windows to BIND

2009-07-28 Thread Mark Andrews
In message <20090728175246.bf0a817...@britaine.cis.anl.gov>, bsfin...@anl.gov writes: > I do not want any dynamic DNS to my BIND servers, as I am not sure > how that DDNS would interface with DNSSEC. DNSSEC is easier with a DDNS zone than a non-DDNS zone as named can ensure the signatures get re

Re: Moving an AD Zone from Windows to BIND

2009-07-28 Thread Michael Milligan
bsfin...@anl.gov wrote: > I am not worried about the DHCP piece. There are two zones I have to > convert. One is mostly static and contains Windows Servers. The > other is dynamic, with client machines under the control of a Windows > DHCP server. For this zone, we will change DHCP to static le

ISC BIND 9.4.3-P3 is now available

2009-07-28 Thread Evan Hunt
BIND 9.4.3-P3 is now available. BIND 9.4.3-P3 is the THIRD SECURITY PATCH for BIND 9.4.3. It addresses a denial-of-service bug in which a malformed UPDATE packet caused named to crash. Bugs should be reported to bind9-b...@isc.org. BIND 9.4.3-P3 can be downloaded

ISC BIND 9.6.1-P1 is now available

2009-07-28 Thread Evan Hunt
BIND 9.6.1-P1 is now available. BIND 9.6.1-P1 is a SECURITY PATCH for BIND 9.6.1. It addresses a denial-of-service bug in which a malformed UPDATE packet caused named to crash. Bugs should be reported to bind9-b...@isc.org. BIND 9.6.1-P1 can be downloaded from:

ISC BIND 9.5.1-P3 is now available

2009-07-28 Thread Evan Hunt
BIND 9.5.1-P3 is now available. BIND 9.5.1-P3 is the THIRD SECURITY PATCH for BIND 9.5.1. It addresses a denial-of-service bug in which a malformed UPDATE packet caused named to crash. Bugs should be reported to bind9-b...@isc.org. BIND 9.5.1-P3 can be downloaded f

nsupdate and an external database

2009-07-28 Thread Simpson, John R
Greetings all, We have a number of BIND 9.3.4 servers that are managed by ProBIND. We would like to be able to use nsupdate to generate dynamic DNS updates, but, of course, any DDNS updates would be lost the next time the zone was "pushed" since they aren't reflected in ProBIND's MySQL databas

Re: Dig shows wrong ip

2009-07-28 Thread Chris Thompson
On Jul 28 2009, sth...@nethelp.no wrote: % dig +short a dns3.potomacnetworks.com @a.gtld-servers.net 216.250.243.230 As long as that host record exists, with an IP different from what your authoritative servers reply with, you are going to have problems, because queries will be answered by the

Re: bind9 behind firewall stopped responding

2009-07-28 Thread Jay Ess
> I have a master DNS (bind9) for a domain. It was working until I put it > behind firewall on a DMZ private subnet. It is setup in the way that > from internet the DNS maintains its original IP address, that is SAT > translated by firewall to the DMZ private subnet. I allowed ports 53 > TCP/UDP.

Re: DNSSEC NS record delegation

2009-07-28 Thread Mark Andrews
Mark Andrews writes: > > In message <15aeacf110417c4b9d6186fe81fbf2d9091e0...@hq-mbx-03.ba.ad.ssa.gov> > , > "Khuu, Linh MicroTech" writes: > > > > Hi, > > > > I have a question about the DNSSEC NS record. > > > > We have the parent zone, for example, example.net being signed with DNSSEC. > >

Re: DNSSEC NS record delegation

2009-07-28 Thread Mark Andrews
In message <15aeacf110417c4b9d6186fe81fbf2d9091e0...@hq-mbx-03.ba.ad.ssa.gov>, "Khuu, Linh MicroTech" writes: > > Hi, > > I have a question about the DNSSEC NS record. > > We have the parent zone, for example, example.net being signed with DNSSEC. > We have a child zone test.example.net delegat

Re: Dig shows wrong ip

2009-07-28 Thread Bradley Caricofe
On Tue, Jul 28, 2009 at 3:00 PM, wrote: > > > Here's your 216.250.243.230 address: > > > > > > % whois dns3.potomacnetworks.com > > > > > > Whois Server Version 2.0 > > > > > > Domain names in the .com and .net domains can now be registered > > > with many different competing registrars. Go to >

Re: Dig shows wrong ip

2009-07-28 Thread sthaug
> > Here's your 216.250.243.230 address: > > > > % whois dns3.potomacnetworks.com > > > > Whois Server Version 2.0 > > > > Domain names in the .com and .net domains can now be registered > > with many different competing registrars. Go to > > http://www.internic.net > > for detailed information. >

Re: Dig shows wrong ip

2009-07-28 Thread Bradley Caricofe
On Tue, Jul 28, 2009 at 2:22 PM, wrote: > > I recently migrated our old DNS servers to new hardware and BIND 9.6 > > installations. One domain is exhibiting some strangeness, > > dns3.potomacnetworks.com. Our main DNS servers are authoritative for > this > > subdomain and it should point to 216.2

Re: Dig shows wrong ip

2009-07-28 Thread sthaug
> I recently migrated our old DNS servers to new hardware and BIND 9.6 > installations. One domain is exhibiting some strangeness, > dns3.potomacnetworks.com. Our main DNS servers are authoritative for this > subdomain and it should point to 216.250.231.11, however, the whole world > sees it pointi

Dig shows wrong ip

2009-07-28 Thread Bradley Caricofe
Hi, I recently migrated our old DNS servers to new hardware and BIND 9.6 installations. One domain is exhibiting some strangeness, dns3.potomacnetworks.com. Our main DNS servers are authoritative for this subdomain and it should point to 216.250.231.11, however, the whole world sees it pointing to

Re: Moving an AD Zone from Windows to BIND

2009-07-28 Thread Kevin Darcy
Raul Lopez Nevot wrote: What I need is a procedure that I can use to move the base zone xxx.yyy.example.com to BIND, while keeping the six AD zones on the Windows DNS Server. If I were to define the six AD zones on the Windows DNS Server, I do

Re: Moving an AD Zone from Windows to BIND

2009-07-28 Thread bsfinkel
bsfin...@anl.gov wrote: >> This is not really a BIND-related question, but I thought that maybe >> some people on this list can point me in the right direction. >> Maybe someone has already done what I need to do. >> >> I have one zone >> >> xxx.yyy.example.com >> >> that is on a Windows DN

Re: Creating a CNAME to another domain.

2009-07-28 Thread Kevin Darcy
Ezra Taylor wrote: Hello All: How can I create a CNAME that points to another domain. Example below. Is the below example possible? stars.mydomain.com IN CNAME stars.otherdomain.com. If stars.mydomain.

Re: Creating a CNAME to another domain.

2009-07-28 Thread Stephane Bortzmeyer
On Fri, Jul 24, 2009 at 02:57:24PM -0400, Ezra Taylor wrote a message of 43 lines which said: > stars.mydomain.com IN CNAME stars.otherdomain.com. Yes, except the missing dot at the end of the Left-Hand Side.

Re: Intermittent NXDOMAIN, Bind 9.2.3 config and PowerDNS problem?

2009-07-28 Thread Stephane Bortzmeyer
On Mon, Jul 27, 2009 at 02:36:29AM -0700, Richard wrote a message of 190 lines which said: > Queries of "agences.fr.lastminute.com" against two servers of the > French ISP Free.fr, As a subscriber of Free, and a reader of the various Free users fora, let me warn you that Free DNS service has

Re: about tcp port 53

2009-07-28 Thread Stephane Bortzmeyer
On Mon, Jul 27, 2009 at 10:33:56AM +0800, Tech W. wrote a message of 23 lines which said: > what's the use of bind's tcp port 53? DNS requests and responses. > is it used for dns update and zone transfer or something else? Everything else. > If I have not been using dynamic update and tran

RE: Slave server not using the IP set using transfer-source

2009-07-28 Thread Dixon, Justin
>I have 3 servers set up using bind 9.2.4-30. I am using 3 different views and have an IP address on each slave for each view so that the slaves >are directed to the correct zone files when contacting the master to refresh a zone, etc. I have run into a problem with the slaves not respecting >the i

Re: bind9 behind firewall stopped responding

2009-07-28 Thread Fr34k
If the DNS server now has a RFC1918 IP address, then one will probably have to set up appropriate NAT rules for a publicly accessible/routable IP address. On some firewalls, there is a NAT rule for incoming traffic and another rule for outgoing traffic (basically mapping the public IP for both

DNSSEC NS record delegation

2009-07-28 Thread Khuu, Linh MicroTech
Hi, I have a question about the DNSSEC NS record. We have the parent zone, for example, example.net being signed with DNSSEC. We have a child zone test.example.net delegating to glbl.example.net as NS record. glbl.example.net is not a DNSSEC. Will nslookup for anything in test.example.net fail?

Re: about allow-update

2009-07-28 Thread Tech W.
Hi Evan, I follow your suggestion to add the corresponding syntax into named.conf, then I run "rndc reload", but got: # sbin/rndc reload rndc: connection to remote host closed This may indicate that * the remote server is using an older version of the command protocol, * this host is not author

Re: bind 9 problem with delegation

2009-07-28 Thread Kevin Darcy
Maybe replication occurred some time between July 10 and July 23. - Kevin gui wrote: Hello, I have a strange problem with my bind server, and I hope someone could point out the problem, here is the description, I have two bind servers (replication, multi-master), bind 9.3.4, same version, sa

about tcp port 53

2009-07-28 Thread Tech W.
Hello, what's the use of bind's tcp port 53? is it used for dns update and zone transfer or something else? If I have not been using dynamic update and transfer, can I block tcp port 53 using a firewall? Thanks. Regards, Wah.

Slave server not using the IP set using transfer-source

2009-07-28 Thread mrkbkr
I have 3 servers set up using bind 9.2.4-30. I am using 3 different views and have an IP address on each slave for each view so that the slaves are directed to the correct zone files when contacting the master to refresh a zone, etc. I have run into a problem with the slaves not respecting th

Re: bind 9 problem with delegation

2009-07-28 Thread bsfinkel
gui wrote: >Hello, > >I have a strange problem with my bind server, and I hope someone >could point out the problem, here is the description, > >I have two bind servers (replication, multi-master), bind 9.3.4, same >version, same configuration (normally). >I tried to do some PTR delegation, so f

Re: Moving an AD Zone from Windows to BIND

2009-07-28 Thread Michael Milligan
bsfin...@anl.gov wrote: > This is not really a BIND-related question, but I thought that maybe > some people on this list can point me in the right direction. > Maybe someone has already done what I need to do. > > I have one zone > > xxx.yyy.example.com > > that is on a Windows DNS server,

Re: Moving an AD Zone from Windows to BIND

2009-07-28 Thread Raul Lopez Nevot
> What I need is a procedure that I can use to move the base zone > > xxx.yyy.example.com > > to BIND, while keeping the six AD zones on the Windows DNS Server. > If I were to define the six AD zones on the Windows DNS Server, > I doubt you can do this with elegance. And, if you have two DNS s

Creating a CNAME to another domain.

2009-07-28 Thread Ezra Taylor
Hello All: How can I create a CNAME that points to another domain. Example below. Is the below example possible? stars.mydomain.com IN CNAME stars.otherdomain.com. -- Ezra Taylor

Re: Bind 9.6.1: skipping zone transfer, but why ?

2009-07-28 Thread JINMEI Tatuya / 神明達哉
At Wed, 22 Jul 2009 15:56:38 +0200, Jan Hansen wrote: > As I wrote in the post "Master is unreachable (cached)", I've switched > to windows server 2003, which currently *seem* to have a positive > effect. I haven't seen the behaviour yet after the switch, but Ian Tait > sees this behaviour on

Intermittent NXDOMAIN, Bind 9.2.3 config and PowerDNS problem?

2009-07-28 Thread Richard
Hello list, I am trying to diagnose an intermittent DNS failure. I am not sure where this problem lies; either with my DNS configuration, the ISP DNS, or the third-party DNS. I've reviewed RFCs 1034, 1035 and 2181 to gain a better understanding. I have a hunch what is (possibly) wrong. (This p

nsupdate communication failed

2009-07-28 Thread Christophe
Hi, I use nsupdate to update each minute some textfields representing status of several kinds of information. The update performs correctly but sometimes (once every ten or twenty times) nsupdate outputs an error like : Communication with XX.XX.XX.XX#53 failed: operation canceled could not talk to s

bind9 behind firewall stopped responding

2009-07-28 Thread Peter Macko
I have a master DNS (bind9) for a domain. It was working until I put it behind firewall on a DMZ private subnet. It is setup in the way that from internet the DNS maintains its original IP address, that is SAT translated by firewall to the DMZ private subnet. I allowed ports 53 TCP/UDP. Should I