2012/2/2 Mark Andrews :
>
> CNAME as nameservers *cannot* be made reliable. Static-stub
> can be used as a workaround but it doesn't scale.
> Misconfiguration like this just need to be fixed.
Thanks, I digged rfcs, and found THE misconfig scene in rfc1912:
2.4 CNAME records
2012/2/2 Mark Andrews :
>
> CNAME as nameservers *cannot* be made reliable. Static-stub
> can be used as a workaround but it doesn't scale.
> Misconfiguration like this just need to be fixed.
Thanks, I digged rfcs, and found THE misconfig scene in rfc1912:
2.4 CNAME records
Grab 9.8.2rc1, it will address the the require assertion.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mailman/listinfo/bind
In message <20120202144847.ga25...@miek.nl>, Miek Gieben writes:
> Hello,
>
> I'm using the following settings in named.conf:
>
> max-refresh-time 0;
> min-refresh-time 0;
> max-retry-time 0;
> min-retry-time 0;
> multi-master yes;
What are you trying to achieve? A slave it needs to check that
On Feb 2, 2012, at 11:43 AM, Spain, Dr. Jeffry A. wrote:
>> So, is there:
>> A: an easy way to figure out what keyfiles are no longer being used /
>> referenced?
>> B: a simpler way to recover from this when one *does* make a boo boo?
>
> What a fun evening. For the sake of interest, which vers
Hi,
Could you show me named configuration file?
2012/2/2 Rafael Molina
> Hi,
>
>I'm using bind 9.7.0 ( 1:9.7.0.dfsg.P1-1ubuntu0.4) on ubuntu 10.04
> and I am having some problem to resolve "www.avondirecto.com.ve" .The
> server is resolving fine queries for normal traffic, but when I am
> t
Hi,
I'm using bind 9.7.0 ( 1:9.7.0.dfsg.P1-1ubuntu0.4) on ubuntu 10.04
and I am having some problem to resolve "www.avondirecto.com.ve" .The
server is resolving fine queries for normal traffic, but when I am
trying to get this answer nameserver show me this error.
---
> So, is there:
> A: an easy way to figure out what keyfiles are no longer being used /
> referenced?
> B: a simpler way to recover from this when one *does* make a boo boo?
What a fun evening. For the sake of interest, which version of bind is in use?
With regard to item A, how about executing
On Wed, 2012-02-01 at 17:18 -0500, Michael W. Lucas wrote:
> Hi,
>
> I'd put off DNSSEC because of the high maintenance requirement. But
> with 9.9 and inline signing, it looks like I can now do DNSSEC the way
> I need (static zone files that work with legacy tools, automatic key
> rotation, etc.)
Hi all,
So, I decided to roll keys on a test zone (af7.org) -- of course, I decided to
do this a: late at night and b: while juggling many other things.
So, I generated a new key and submitted my DS to my registrar, and deleted an
older one - so far, all good, everything working fine. Problem s
On Wed, 1 Feb 2012, Mark Andrews wrote:
You havn't show the test output for the xfer tests but a lot of the
test are particularly timing sensitive. When we find one like that
we fix the test. The xfer system test does have some timing
sensitivity. You can re-run the individual system test li
On Wed, 1 Feb 2012, Michael Graff wrote:
Do you happen to have some sort of web proxy (perhaps transparent) that is
sitting between your windows machine and our server?
Thank you for the prompt response. I have double-cheked with our Network
people: there is no web proxy; Also, I made sure "N
Hello,
I'm using the following settings in named.conf:
max-refresh-time 0;
min-refresh-time 0;
max-retry-time 0;
min-retry-time 0;
multi-master yes;
Seems that BIND (9.7.3-something and 9.7.4-p1 tested) does not
like this:
Feb 2 15:33:39 ns01 named[24249]: adjusted limit on open files from 102
CNAME as nameservers *cannot* be made reliable. Static-stub
can be used as a workaround but it doesn't scale.
Misconfiguration like this just need to be fixed.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 I
2012/2/2 Mark Andrews :
>
> Nameservers *cannot* be CNAMEs. In this case both nameservers listed in
> the parent zone are CNAMEs. The delegation needs to be fixed.
>
> Mark
Got you. I'll try to contact their DNS administrator to fix. Thx
___
Please vis
Nameservers *cannot* be CNAMEs. In this case both nameservers listed in
the parent zone are CNAMEs. The delegation needs to be fixed.
Mark
ns3.mrdns.net. 43099 IN CNAME ns1.1stchina.cn.
ns1.1stchina.cn.43100 IN A 60.29.231.62
ns4.mrdns.net. 4313
I read some bind code mentioned in this trace, I think the reason of
SERVFAIL should be like this:
> 14:42:40 ~ $ dig +nocmd +multiline +noall +answer www.21photo.cn
> 14:42:42 ~ $ dig +nocmd +multiline +noall +answer a.dns.cn.
> a.dns.cn. 4818 IN A 203.119.25.1
> 14:42:56 ~ $ dig +n
17 matches
Mail list logo
