Re: [UNsolved] was: what does dig +trace do?

2011-09-06 Thread Mark Andrews
In message <4e66b5b5.30...@chrysler.com>, Kevin Darcy writes: > On 9/1/2011 7:57 PM, Mark Andrews wrote: > > In message<4e5fb1ab.4040...@data.pl>, Torinthiel writes: > >> On 09/01/11 17:56, Tom Schmitt wrote: > >>> =20 > >>> I found the cause of my problem (and a solution): > >>> =20 > >>> dig +tr

Re: [UNsolved] was: what does dig +trace do?

2011-09-06 Thread Kevin Darcy
On 9/1/2011 7:57 PM, Mark Andrews wrote: In message<4e5fb1ab.4040...@data.pl>, Torinthiel writes: On 09/01/11 17:56, Tom Schmitt wrote: =20 I found the cause of my problem (and a solution): =20 dig +trace actually has another behaviour than doing the trace manually= step by step with dig. =

Re: Bug in Bind 9.8 or am I doing something wrong?

2011-09-06 Thread Mark Andrews
In message , Tony F inch writes: > Jaap Akkerhuis wrote: > > > > Additionally .local is reserved for mDNS .. > > > > Can you give some references? > > http://tools.ietf.org/html/draft-chapin-rfc2606bis https://datatracker.ietf.org/doc/draft-cheshire-dnsext-multicastdns/ Approved but not y

Re: Bug in Bind 9.8 or am I doing something wrong?

2011-09-06 Thread SM
Hi Jaap, At 15:42 06-09-2011, Jaap Akkerhuis wrote: Make me wonder who reserved .local and specifically earmaked it to be used for mDNS. Iana doesn't seem to know about this. Can you give some references? See draft-cheshire-dnsext-multicastdns-14 which yo

Re: Bug in Bind 9.8 or am I doing something wrong?

2011-09-06 Thread Tony Finch
Jaap Akkerhuis wrote: > > Additionally .local is reserved for mDNS .. > > Can you give some references? http://tools.ietf.org/html/draft-chapin-rfc2606bis Tony. -- f.anthony.n.finchhttp://dotat.at/ Lundy, Fastnet: West or southwest, 6 to gale 8, decreasing 5 at times later. Rough or ver

Re: Bug in Bind 9.8 or am I doing something wrong?

2011-09-06 Thread Jaap Akkerhuis
Mark, you remark somewhere that: Additionally .local is reserved for mDNS .. Make me wonder who reserved .local and specifically earmaked it to be used for mDNS. Iana doesn't seem to know about this. Can you give some references? jaap

Re: Bug in Bind 9.8 or am I doing something wrong?

2011-09-06 Thread Mark Andrews
In message <4e662676.1070...@lcrcomputer.net>, Lyle Giese writes: > I was following Mark Andrew's discussion with a user about DNSSEC and > played with it here and found an issue. Not sure if I am doing > something wrong or if there is a bug somewhere. > > We have a Windows AD domain and use B

RE: Bug in Bind 9.8 or am I doing something wrong?

2011-09-06 Thread Spain, Dr. Jeffry A.
Lyle: If I understand your issue correctly, it is one that I also experienced when using a Windows 2008 R2 DNS server to forward to a BIND 9.8.0 recursive resolver configured to perform DNSSEC validation. By default Windows 2008 R2 DNS forwards queries with the CD flag set in the query, and it i

Re: Bug in Bind 9.8 or am I doing something wrong?

2011-09-06 Thread Chris Buxton
On Sep 6, 2011, at 7:32 AM, Lyle Giese wrote: > On 9/6/2011 9:13 AM, Tony Finch wrote: >> Lyle Giese wrote: >> >>> zone "chaseprod.local"{ >>> type forward; >>> forwarders {10.0.100.205;};}; >>> >>> This seemed to work until I added some stuff for DNSSEC to my named.conf. >> >> In order

Re: slow non-cached quries

2011-09-06 Thread TMK
On Sat, Sep 3, 2011 at 2:06 PM, TMK wrote: > >> Message: 1 >> Date: Fri, 2 Sep 2011 10:05:42 +0200 > >> From: TMK >> Subject: Re: Fwd: Re: slow non-cached quries >> To: bind-users@lists.isc.org >> Message-ID: >> >>   >> Content-Type: text/plain; charset="iso-8859-1" >> >> On Sep 2, 2011 9:48 AM,

RE: Seemingly random ServFail issues on a caching server

2011-09-06 Thread Florian CROUZAT
Florian CROUZAT wrote on 2011-08-31: > Lyle Giese wrote on 2011-08-31: > >> On 8/31/2011 8:40 AM, Florian CROUZAT wrote: >>> Florian CROUZAT wrote on 2011-08-25: >>> Hi list, On a few domains (we'll consider only one domain for this example) I encounter sometimes (seemingly ran

Re: Bug in Bind 9.8 or am I doing something wrong?

2011-09-06 Thread Lyle Giese
On 9/6/2011 9:13 AM, Tony Finch wrote: Lyle Giese wrote: zone "chaseprod.local"{ type forward; forwarders {10.0.100.205;};}; This seemed to work until I added some stuff for DNSSEC to my named.conf. In order to forward a zone in the presence of DNSSEC validation, the zone ha

Re: Bug in Bind 9.8 or am I doing something wrong?

2011-09-06 Thread Tony Finch
Lyle Giese wrote: > zone "chaseprod.local"{ > type forward; > forwarders {10.0.100.205;};}; > > This seemed to work until I added some stuff for DNSSEC to my named.conf. In order to forward a zone in the presence of DNSSEC validation, the zone has to have a valid delegation in the pu

Bug in Bind 9.8 or am I doing something wrong?

2011-09-06 Thread Lyle Giese
I was following Mark Andrew's discussion with a user about DNSSEC and played with it here and found an issue. Not sure if I am doing something wrong or if there is a bug somewhere. We have a Windows AD domain and use Bind 9.8 on our Linux servers for most DNS resolution. In order to politely

Re: bind 9.7.4 on centos6

2011-09-06 Thread Adam Tkac
On 09/06/2011 01:54 AM, Mark Andrews wrote: > In message <1315237316.31288.2.ca...@ns.five-ten-sg.com>, Carl Byington > writes: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> >>> "dnssec-lookaside auto;" only pulls the "dlv.isc.org" key out of >>> that file. The root's key is just for