Duplicating queries??

I have a couple of BIND servers that I have inherited. I'm getting some upstream complaints that one of them is issuing duplicate queries on occasions - probably about a dozen times a day. When it happens, sure enough I find this in the logs: named[6905]: 18-Feb-2010 22:31:41.201 client 82.70.2

Re: A question with forwarder and listen-on

> Date: Fri, 19 Feb 2010 20:30:27 -0800 (PST) > From: gmspro > Sender: bind-users-bounces+oberman=es@lists.isc.org > > >From /etc/bind/named.conf > > forwarders { >212.27.53.252; >212.27.54.252; > }; Queries will be forwarded to these to name servers rather than be resolved

A question with forwarder and listen-on

>From /etc/bind/named.conf forwarders { 212.27.53.252; 212.27.54.252; }; listen-on { 192.168.0.1; 127.0.0.1; }; What do these lines do? http://www.unfreeze.net/?p=84 Thank you. ___ bind-users mailing list bind-us

Re: nsec3 in bind 9.7

> NSEC only DNSKEYs and NSEC3 chains not allowed That should've been worded or at least punctuated better. "NSEC-only DNSKEYs not allowed with NSEC3 chains", perhaps. It means you're using at least one DNSKEY with an algorithm that predates NSEC3, and therefore your zone can't have a valid NSEC3

Re: nsec3 in bind 9.7

On Fri, 19 Feb 2010, Shane W wrote: algorithm of 1 means use SHA-1 for hashing names; flags of 1 means opt-out and 0 means no opt-out; iterations indicates how many times to repeat the Hmm, when attempting to add a nsec3param via nsupdate, I get: NSEC only DNSKEYs and NSEC3 chains not allowed

Re: nsec3 in bind 9.7

>If you wish to sign using NSEC3 instead of NSEC, you should add an >NSEC3PARAM record to the initial update request. If you wish the NSEC3 >chain to have the OPTOUT bit set, set it in the flags field of the >NSEC3PARAM record. > % nsupdate > > ttl 3600 > --- cut dn

Re: ISC BIND 9.7.0 syslog recorded notices

On Fri, 19 Feb 2010, Jeremy C. Reed wrote: > Some loggings maybe could be made more clear, for example: > > stats.surfaid.ihost.com/ > no SOA returned Not sure why I saw that. Looking again I see com. But I have other problems there too. ___ bind

Re: ISC BIND 9.7.0 syslog recorded notices

On Fri, 19 Feb 2010, ic.nssip wrote: > I just installed ISC 9.7.0 on one of our x86 SUN Solaris 10 machines. > I did a fresh local compiled install with all default settings. > It looks that DNS is working fine for customers (anyway the time is too short > to conclude that), but my syslog suddenly

Re: ISC BIND 9.7.0 syslog recorded notices

I just installed ISC 9.7.0 on one of our x86 SUN Solaris 10 machines. I did a fresh local compiled install with all default settings. It looks that DNS is working fine for customers (anyway the time is too short to conclude that), but my syslog suddenly got populated with tones of daemon.notice

Re: ISC BIND 9.7.0 is now available

Hi Doug, I just installed from a local compiled bind-9.7.0.tar.gz with all ISC defalt settings and the issue is gone. Thank you, Julian - Original Message - From: "Doug Barton" To: "ic.nssip" Cc: "Mark Andrews" ; Sent: Thursday, February 18, 2010 7:19 PM Subject: Re: ISC BIND 9.7

Re: Strange issue - please enlighten me

Marco Davids (SIDN) wrote: > Anyone any clue? I am trying to understand why some resolvers handle > this query well, while BIND 9.7.x returns a SERVFAIL. acl...@yellow:~$ dig +short airfrance.fr ns webaf1.airfrance.fr. lasvegas.airfrance.fr. proof.rain.fr. acl...@yellow:~$ dig +short @webaf1.air

Strange issue - please enlighten me

Hi, I run into an unclear situation while trying to resolve certain domains. It happened when I tried with 9.7.0rc1, 9.7.0b and also with 9.7.0. I dont's have a whole lot of other BIND versions at my disposal, but I found an older one, 9.3.4-P1.2, and that one works fine. One of the domains that

Re: Bind 9.5.2-P1 and rrset-order

Denis Laventure wrote: > Hi, > > > > I have multiple ip adresses for one server: > > > > www.mydomain.com > A 10.0.0.1 > > www.mydomain.com > A 10.0.0.2 > > www.mydomain.com

Bind 9.5.2-P1 and rrset-order

Hi, I have multiple ip adresses for one server: www.mydomain.com A 10.0.0.1 www.mydomain.com A 10.0.0.2 www.mydomain.com A 10.0.0

RE: linux chroot reqs changed?

I would assume it's using udp/tcp socket to the loopback interface instead of the file. -Original Message- From: bind-users-bounces+mhuff=ox@lists.isc.org [mailto:bind-users-bounces+mhuff=ox@lists.isc.org] On Behalf Of Rick Dicaire Sent: Thursday, February 18, 2010 4:17 PM To: Bi