Re: BIND 9.8.0 + openssl 1.0.0d + chroot == "issues"

2011-04-19 Thread Tony Finch
On 20 Apr 2011, at 01:11, Mark Andrews wrote: > In message <4dadfb29.6080...@dougbarton.us>, Doug Barton writes: >> I have had 2 reports now of people using BIND 9.8.0 on FreeBSD compiled >> against openssl 1.0.0d not being able to chroot unless they copy >> $PREFIX/lib/engines/libgost.so into t

Re: BIND 9.8.0 + openssl 1.0.0d + chroot == "issues"

2011-04-19 Thread Mark Andrews
In message <4dadfb29.6080...@dougbarton.us>, Doug Barton writes: > I have had 2 reports now of people using BIND 9.8.0 on FreeBSD compiled > against openssl 1.0.0d not being able to chroot unless they copy > $PREFIX/lib/engines/libgost.so into the chroot environment. > Traditionally, copying li

Re: BIND 9.8.0 + openssl 1.0.0d + chroot == "issues"

2011-04-19 Thread Paul Wouters
On Tue, 19 Apr 2011, Doug Barton wrote: I have had 2 reports now of people using BIND 9.8.0 on FreeBSD compiled against openssl 1.0.0d not being able to chroot unless they copy $PREFIX/lib/engines/libgost.so into the chroot environment. Traditionally, copying libs into the chroot directory has

RE: slave timers

2011-04-19 Thread Eivind Olsen
hugo hugoo wrote: > How can I go on investigating what happens? In your previous message you listed these nameservers in the zonefile: bind9testcarlos.be. 86400 IN NS ns.uat. bind9testcarlos.be. 86400 IN NS ns2.uat. Is the slave server you're having problems with

BIND 9.8.0 + openssl 1.0.0d + chroot == "issues"

2011-04-19 Thread Doug Barton
I have had 2 reports now of people using BIND 9.8.0 on FreeBSD compiled against openssl 1.0.0d not being able to chroot unless they copy $PREFIX/lib/engines/libgost.so into the chroot environment. Traditionally, copying libs into the chroot directory has not been necessary, so I'm curious. Buil

RE: slave timers

2011-04-19 Thread hugo hugoo
In my example, the serial number is greater in the master than the serial number in the slave. So a zone transfer must be done but it is not done after a "rndc reload" or a "start/stop". The zone transfer is directly done after a "rndc reload zonename" How can I go on investigating what happ

Re: slave timers

2011-04-19 Thread David Sparro
On 4/19/2011 11:42 AM, hugo hugoo wrote: Hello, I have in fact the following problem: The AXFR is not triggered by a “rndc reload”, neither a stop/start of bind9. => nothing is seen in the logs The AXFR is triggered by a “rndc reload zonename”. => logs of the master pr 19 17:32:03 dnscustmast

RE: slave timers

2011-04-19 Thread hugo hugoo
Hello, I have in fact the following problem: The AXFR is not triggered by a “rndc reload”, neither a stop/start of bind9. => nothing is seen in the logs The AXFR is triggered by a “rndc reload zonename”. => logs of the master pr 19 17:32:03 dnscustmaster901 named[5672]: cli

RE: DNSSEC, whitehouse, isc, and troubleshooting...

2011-04-19 Thread Marc Lampo
What should be clear to all (DNSSEC) administrators is that it is useless to sign *your* zone(s) if they refer to other, non-signed, zones themselves! The danger is that the attacker will not try to cache poison your CNAME, but the final destination A record! Cache poisoning - Dan Kaminsky style

Re: Forwarding a subzone of a master zone

2011-04-19 Thread Chris Buxton
You're getting a bit confused, because your configuration is complex. Some of your observations are in contradiction with your disabling of recursion, so I believe you are partially mistaken. - You're mixing authoritative and recursive service in one config. This often leads to confusion. - You

Forwarding a subzone of a master zone

2011-04-19 Thread Olivier Cherrier
Hi, I am experiencing problems to get a working forwarding configuration. I am using BIND 9.3.6-P1 and the server has the global recursion parameter on. The server is not on a public network (not on Internet -- no access to root servers). I have a zone called "example.com" for which th

GSS-TSIG one keytab per realm - is it possible?

2011-04-19 Thread Juergen Dietl
Hello, as far as I know I can only put one "tkey-gssapi-credential" in the named.conf. Now at bind 9.8 there is something new: * Added a "tkey-gssapi-keytab" option. If set, dynamic updates will be allowed for any key matching a Kerberos principal in the specified keytab file. "tkey-gssapi-cre