help with views design

2011-02-13 Thread Terry.
Hello gurus, Thanks firstly since I have got much help from the list before. Now I'm designing an open DNS service, say I have three views as below: view "uni" { match-clients { key "unikey"; UNI; }; allow-update {key "unikey";}; zone "test.nsbeta.info"

Re: multi-master with mysql backend

2011-02-13 Thread Fajar A. Nugraha
On Mon, Feb 14, 2011 at 6:24 AM, Doug Barton wrote: > On 2/13/2011 8:06 AM, fddi wrote: >> >> I do not know why you really don't like this mysql solution. > > It isn't a matter of "not liking" it. Given that you have steadfastly > refused to answer any of the questions from people who are trying

Re: Spurious "TYPE65534" at the end of a NSEC3, why?

2011-02-13 Thread Mark Andrews
In message <4d5806ef.7000...@imperial.ac.uk>, Phil Mayers writes: > On 02/13/2011 11:35 AM, Stephane Bortzmeyer wrote: > > On Sun, Feb 13, 2011 at 10:51:30AM +, > > Phil Mayers wrote > > a message of 31 lines which said: > > > >> This is documented in the Bind ARM > > > > OK, thanks, I mi

Re: bind on vps

2011-02-13 Thread Terry.
2011/2/13 Walter Alejandro Iglesias : > Hello, > > I read bind howto, several tutorials, mailing lists.  After > two months trying to get this working without success I must > bother you. > > I am running a Slackware in a vps server, it provides me two > IPs (I can ask for more if needed). > > I ha

Re: bind on vps

2011-02-13 Thread Walter Alejandro Iglesias
On Sun, Feb 13, 2011 at 10:12:34PM +0100, Torinthiel wrote: > On 02/13/11 17:16, Walter Alejandro Iglesias wrote: > > On Sun, Feb 13, 2011 at 02:13:48PM +0100, Torinthiel wrote: > It's not only good practice, it's a requirement per RFC103[45]. You'll > go by with two IPs for one machine, and if it'

Re: multi-master with mysql backend

2011-02-13 Thread Doug Barton
On 2/13/2011 8:06 AM, fddi wrote: I do not know why you really don't like this mysql solution. It isn't a matter of "not liking" it. Given that you have steadfastly refused to answer any of the questions from people who are trying to help you, my feeling is that you have decided that you wan

Re: additional empty zones

2011-02-13 Thread Mark Andrews
In message <20110213155712.ga1...@fantomas.sk>, Matus UHLAR - fantomas writes: > On 13.02.11 09:25, Mark Andrews wrote: > > In message <20110212220459.ga23...@fantomas.sk>, Matus UHLAR - fantomas writes: > > > > 2011/2/12 Matus UHLAR - fantomas : > > > > > Is it possible to add additional zones

Re: bind on vps

2011-02-13 Thread Torinthiel
On 02/13/11 17:16, Walter Alejandro Iglesias wrote: > On Sun, Feb 13, 2011 at 02:13:48PM +0100, Torinthiel wrote: > >> On 02/13/11 12:52, Walter Alejandro Iglesias wrote: >>> It will be a web hosting server. I wrote my own web client >>> panel and my own bash scripts to automate the upload of new

Re: bind on vps

2011-02-13 Thread Sten Carlsen
You may consider using your own bind as a hidden master that will then update a number of external DNS servers via notify. That way you fill in what is to be in DNS and you have all needed diversity. This does not remove the need to register all those nameservers for EACH name with the registrar th

Re: Spurious "TYPE65534" at the end of a NSEC3, why?

2011-02-13 Thread Phil Mayers
On 02/13/2011 11:35 AM, Stephane Bortzmeyer wrote: On Sun, Feb 13, 2011 at 10:51:30AM +, Phil Mayers wrote a message of 31 lines which said: This is documented in the Bind ARM OK, thanks, I missed this section. i.e. the *presence* of the record is normal. I'm not convinced (and t

Re: bind on vps

2011-02-13 Thread Walter Alejandro Iglesias
On Sun, Feb 13, 2011 at 02:13:48PM +0100, Torinthiel wrote: > On 02/13/11 12:52, Walter Alejandro Iglesias wrote: > > It will be a web hosting server. I wrote my own web client > > panel and my own bash scripts to automate the upload of new > > client's virtual domains. That's why I want to run m

Re: multi-master with mysql backend

2011-02-13 Thread fddi
I do not know why you really don't like this mysql solution. OK I am talking of a DNS for HA purposes for grid computing services for example, so DNS resolution must be always working at any cost. The David solution can be OK, but I want to be sure not to have issues with serial numbers on the

Re: additional empty zones

2011-02-13 Thread Matus UHLAR - fantomas
> On 02/12/2011 02:04 PM, Matus UHLAR - fantomas wrote: >>> 2011/2/12 Matus UHLAR - fantomas: Is it possible to add additional zones as empty? On 12.02.11 14:25, Doug Barton wrote: > What it sounds like you're trying to do is to define additional zones in > a manner similar to what the curr

Re: additional empty zones

2011-02-13 Thread Matus UHLAR - fantomas
On 13.02.11 09:25, Mark Andrews wrote: > In message <20110212220459.ga23...@fantomas.sk>, Matus UHLAR - fantomas > writes: > > > 2011/2/12 Matus UHLAR - fantomas : > > > > Is it possible to add additional zones as empty? > > > > On 12.02.11 11:15, Terry. wrote: > > > depends on what is "empty". >

Re: Spurious "TYPE65534" at the end of a NSEC3, why?

2011-02-13 Thread Stephane Bortzmeyer
On Sun, Feb 13, 2011 at 11:07:31AM +0100, Stephane Bortzmeyer wrote a message of 35 lines which said: > is flagged as invalid by a BIND ('meqimi6fje5ni47pjahv5qigu1lv3jlj.fr > NSEC3: no valid signature found') or an Unbound resolver ('debug: > verify: signature mismatch'). I fancy that the spu

Re: bind on vps

2011-02-13 Thread Torinthiel
On 02/13/11 12:52, Walter Alejandro Iglesias wrote: > Hello, > > I read bind howto, several tutorials, mailing lists. After > two months trying to get this working without success I must > bother you. > > I am running a Slackware in a vps server, it provides me two > IPs (I can ask for more if n

bind on vps

2011-02-13 Thread Walter Alejandro Iglesias
Hello, I read bind howto, several tutorials, mailing lists. After two months trying to get this working without success I must bother you. I am running a Slackware in a vps server, it provides me two IPs (I can ask for more if needed). I have the domains registered at go daddy. It will be a web hosting server.

Re: Spurious "TYPE65534" at the end of a NSEC3, why?

2011-02-13 Thread Stephane Bortzmeyer
On Sun, Feb 13, 2011 at 10:51:30AM +, Phil Mayers wrote a message of 31 lines which said: > This is documented in the Bind ARM OK, thanks, I missed this section. > i.e. the *presence* of the record is normal. I'm not convinced (and the ARM is far from clear about it). Most of the time

Re: Spurious "TYPE65534" at the end of a NSEC3, why?

2011-02-13 Thread Stephane Bortzmeyer
On Sun, Feb 13, 2011 at 11:01:48AM +, Phil Mayers wrote a message of 23 lines which said: > The zone at the moment seems to be signed with NSEC; Hmmm, no, .FR has been signed by NSEC3 from the beginning. Could you post this strange dig output? > are you trying to perform an online trans

Re: Spurious "TYPE65534" at the end of a NSEC3, why?

2011-02-13 Thread Phil Mayers
On 02/13/2011 11:30 AM, Stephane Bortzmeyer wrote: On Sun, Feb 13, 2011 at 11:01:48AM +, Phil Mayers wrote a message of 23 lines which said: The zone at the moment seems to be signed with NSEC; Hmmm, no, .FR has been signed by NSEC3 from the beginning. Could you post this strange dig

Re: Spurious "TYPE65534" at the end of a NSEC3, why?

2011-02-13 Thread Phil Mayers
On 02/13/2011 10:40 AM, Stephane Bortzmeyer wrote: On Sun, Feb 13, 2011 at 11:07:31AM +0100, Stephane Bortzmeyer wrote a message of 35 lines which said: Here is a master server BIND 9.7.1-P2 (with patches for PKCS#11 and the AEP keyper HSM), with DNSSEC enabled, dynamically signing records

Re: Spurious "TYPE65534" at the end of a NSEC3, why?

2011-02-13 Thread Phil Mayers
On 02/13/2011 10:07 AM, Stephane Bortzmeyer wrote: Note the TYPE65534, which I cannot explain. Grepping bind-users archives, or googling, reveals that other persons saw them but I did not find a final explanation. This is documented in the Bind ARM (at least, the one that comes with the 9.8 bet

Re: Spurious "TYPE65534" at the end of a NSEC3, why?

2011-02-13 Thread Stephane Bortzmeyer
On Sun, Feb 13, 2011 at 11:07:31AM +0100, Stephane Bortzmeyer wrote a message of 35 lines which said: > Here is a master server BIND 9.7.1-P2 (with patches for PKCS#11 and > the AEP keyper HSM), with DNSSEC enabled, dynamically signing > records. ... > at least in the second case, it was when

Spurious "TYPE65534" at the end of a NSEC3, why?

2011-02-13 Thread Stephane Bortzmeyer
Here is a master server BIND 9.7.1-P2 (with patches for PKCS#11 and the AEP keyper HSM), with DNSSEC enabled, dynamically signing records. Most of the time, the typical NSEC3 looks like ('dig +dnssec @a.nic.fr A www.toto.fr' if you want to see it): meqimi6fje5ni47pjahv5qigu1lv3jlj.fr. 5400 IN NSEC