In message <20110120021335.5fe392c...@mail.nsbeta.info>, p...@mail.nsbeta.info w
rites:
>
> I saw lots of this info in bind's log:
>
> Jan 20 05:25:43 ns2 named[6538]: client 69.10.140.146#33135: query (cache)
> 's2.xxrz.game.yy.com.cdn20.com/A/IN' denied
> Jan 20 05:26:47 ns2 named[6538]: cli
In article ,
p...@mail.nsbeta.info wrote:
> I saw lots of this info in bind's log:
>
> Jan 20 05:25:43 ns2 named[6538]: client 69.10.140.146#33135: query (cache)
> 's2.xxrz.game.yy.com.cdn20.com/A/IN' denied
> Jan 20 05:26:47 ns2 named[6538]: client 200.31.4.71#41137: query (cache)
> 's3.xxrz
I saw lots of this info in bind's log:
Jan 20 05:25:43 ns2 named[6538]: client 69.10.140.146#33135: query (cache)
's2.xxrz.game.yy.com.cdn20.com/A/IN' denied
Jan 20 05:26:47 ns2 named[6538]: client 200.31.4.71#41137: query (cache)
's3.xxrz.game.yy.com.cdn20.com/A/IN' denied
I'm using bind-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 19.01.2011 22:13, Barry Finkel wrote:
> Is there a
> way on the master to run rndc and tell rndc which IP address to use?
rndc -h doesn't show it. The option is apparently only documented in the
man page:
-b source-address
Use source-address
On Wed, 19 Jan 2011, Barry Finkel wrote:
I have a master DNS server that has two IP addresses - one used for
DNS and one used for non-DNS. On that master I run rndc to load
zones on slave servers. On the slave servers I have
controls{
inet a.b.c.d port 953
allow {
I have a master DNS server that has two IP addresses - one used for
DNS and one used for non-DNS. On that master I run rndc to load
zones on slave servers. On the slave servers I have
controls{
inet a.b.c.d port 953
allow {127.0.0.1; e.f.g.h; } keys { "rndc-key'
Once upon a time, Phil Mayers said:
>On the subject of rejected queries - although this isn't a bind question
>per-se, I'm curious if anyone else here sees a lot of these:
>
>client 178.123.92.141#23861: view main: query (cache)
>'mx242.emailfiltering.com/A/IN' denied
>
>We get *loads* of them
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 19.01.2011 15:59, Zbigniew Jasiński wrote:
> like i wrote in my previous email I've checked the journal file and
> there are updates with RRSIG records but still named is returning
> answers without signatures
Another thing you might check:
With
Thanks for the feedback Mark.
I agree that we misdiagnosed the problem. I was a little quick on the posting
of this message. Sorry about that.
Also, we're working on getting off 9.3.
Thanks again.
Marty
> To: sun-g...@live.com
> CC: bind-us...@isc.org
> From: ma...@isc.org
> Subject: R
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
W dniu 2011-01-19 14:24, Kalman Feher pisze:
> Try without +short ;)
> I also have the habit of using that and can get caught out. Remember that
> +short only includes the answer, which is not the RRSIG you are hoping to
> see.
>
RRSIG is _the_ answe
Try without +short ;)
I also have the habit of using that and can get caught out. Remember that
+short only includes the answer, which is not the RRSIG you are hoping to
see.
On 19/01/11 12:49 PM, "Zbigniew Jasiński" wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> W dniu 2011-01
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
W dniu 2011-01-17 15:39, Kalman Feher pisze:
> Have you tried more sane times?
>
> Those don't look like sensible times even for a test, which is probably why
> BIND isn't signing. I think you are below the sensitivity level for BIND to
> sign automat
On 19/01/11 02:03, p...@mail.nsbeta.info wrote:
My zone is game.yy.com, and there are so many "auth queries rejected" in
named.stats which was generated by "rndc stats". Could you show me some way
to debug it? Thanks.
You can log rejected queries:
logging {
channel "security_logfile" { file
On the subject of rejected queries - although this isn't a bind question
per-se, I'm curious if anyone else here sees a lot of these:
client 178.123.92.141#23861: view main: query (cache)
'mx242.emailfiltering.com/A/IN' denied
We get *loads* of them to our authoritative resolvers. I am assumi
14 matches
Mail list logo
