Re: forward first: iterative or recursive query

2011-05-06 Thread Kevin Darcy
On 5/6/2011 6:40 AM, iharrathi@orange-ftgroup.com wrote: Thanks for the answer but: * In the example I posted yesterday: on my server1 the recursion is enabled (recursion yes), but the server1 can't recurse because I stop it on the firewall and it can't contact the outside.

Re: DNSSEC submit of DLV vs DNSKEY records?

2011-05-06 Thread Chris Thompson
On May 6 2011, Mark Andrews wrote: Once the parent zone is signed and is accepting DS/DNSKEY records for child zones there shouldn't be any need to add records to DLV. Well, for some value of "should" ... It might be that the parent, although signed and accepting DS records, does not yet have

Re: how to check if a slave zone is expired

2011-05-06 Thread Warren Kumari
On May 6, 2011, at 11:16 AM, John Wobus wrote: > I try to catch zones that are not updating on the slaves > to which I have access. I compare the modtime of the zone > file with the current time and the refresh interval > for the zone. Typically I allow a failure or two > before alerting, e.g.

Re: forward first: iterative or recursive query

2011-05-06 Thread David Sparro
On 5/6/2011 6:40 AM, iharrathi@orange-ftgroup.com wrote: Thanks for the answer but: You say "Don't use forwarding from a recursive server to a non-recursive server" but when my server1 is recursive (and the firewall allows it to contact the outside), and server2 doesn't

Re: how to check if a slave zone is expired

2011-05-06 Thread John Wobus
I try to catch zones that are not updating on the slaves to which I have access. I compare the modtime of the zone file with the current time and the refresh interval for the zone. Typically I allow a failure or two before alerting, e.g. wait 1 refresh + 2 retry intervals. If the expire interval

[DNSSEC] Resolver behavior with broken DS records

2011-05-06 Thread Stephane Bortzmeyer
In an (involuntary) experiment under .FR, I discovered that the rule "at least one DS must match for a child zone to be authenticated" is wrong if a broken DS is present. In our case, the field Algorithm in the DS did not match the one in the DNSKEY. While there was another correct DS for the child

Re: Error when trying to make secondary nameserver from copying primary nameserver

2011-05-06 Thread Samad Agha
Eivind & Ben, Thanks so much for your quick replies, I really appreciate it. I'll try out your suggested solutions on Monday, since I'm off today, and will report back my results. Thanks again and have a nice weekend. SA On Thu, May 5, 2011 at 6:10 PM, Eivind Olsen wrote: > Samad Agha wrote:

RE: forward first: iterative or recursive query

2011-05-06 Thread iharrathi.ext
Thanks for the answer but: * In the example I posted yesterday: on my server1 the recursion is enabled (recursion yes), but the server1 can't recurse because I stop it on the firewall and it can't contact the outside. * You say "Don't use forwarding from a recursive server to a non-recursive server

Re: does authority named require the external name servers?

2011-05-06 Thread Jeff Pang
2011/5/6 Matus UHLAR - fantomas : > > BIND will search for def.com only for recursive queries, not for iterative, > and only when the client has recursion allowed on it. > You are totally misunderstanding me. -- Jeff Pang www.DNSbed.com

Re: does authority named require the external name servers?

2011-05-06 Thread Matus UHLAR - fantomas
> 2011/5/2 Torinthiel : > > Authority named never sends queries on its own, only responds to > > submitted queries. On 02.05.11 20:17, Jeff Pang wrote: > Doesn't it execute iterative query from the root server? root servers do not send queries. > For example, given the nameserver is authority f