2012/3/29 Peter Andreev
>
>
> 2012/3/29 RYAN M. vAN GINNEKEN
>
>> Hello all i have what is to me a very strange bind 9 master slave
>> transfer issue.
>>
>> When i update a zone file on the master the file updates correctly the
>> notifies are sent and every thing seems to work perfectly except
2012/3/29 RYAN M. vAN GINNEKEN
> Hello all i have what is to me a very strange bind 9 master slave transfer
> issue.
>
> When i update a zone file on the master the file updates correctly the
> notifies are sent and every thing seems to work perfectly except it
> transfers 0 bytes to the slave.
Hello all i have what is to me a very strange bind 9 master slave transfer
issue.
When i update a zone file on the master the file updates correctly the notifies
are sent and every thing seems to work perfectly except it transfers 0 bytes to
the slave. Checking the slave confirms that indeed t
We are using lwresd to resolve DNS ENUM queries with the cache TTL set to 1
second (effective off) and only two servers on a Solaris 10 Netra 5220 system.
Performance is reasonable if the first server is up, but when the first server
stops responding, we get unreasonably bad performance.
With
In message ,
Amir Haris Ahmad writes:
> Fajar,
>
> Yes,
>
> This is glue record.
>
> pahlevanzadeh.info. 14400 IN NS shared.pahlevanzadeh.info.
> shared.pahlevanzadeh.info. A
And you should be adding IPv6 address records for your nameservers as
well as IPv4 address records.
sh
Fajar,
Yes,
This is glue record.
pahlevanzadeh.info. 14400 IN NS shared.pahlevanzadeh.info.
shared.pahlevanzadeh.info. A
On Thu, Mar 29, 2012 at 7:46 AM, Fajar A. Nugraha wrote:
> On Thu, Mar 29, 2012 at 6:33 AM, Mohsen Pahlevanzadeh
> wrote:
> > pahlevanzadeh.info. 14400 IN NS
On Thu, Mar 29, 2012 at 6:33 AM, Mohsen Pahlevanzadeh
wrote:
> pahlevanzadeh.info. 14400 IN NS shared.pahlevanzadeh.info.
>
> Is it Possible?
Yes. Google does it
$ dig google.com ns
; <<>> DiG 9.8.1-P1 <<>> google.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, sta
Dear all,
Suppose you i have phlevanzadeh.info domain and FQDN
shared.pahlevanzadeh.info,
Question:
I installed bind9, and defined zone of pahlevanzadeh.info ,now , NS of
pahlevanzadeh.info can become itself?
such as:
dig pahlevanzadeh.info NS :
pahlevanzadeh.info. 14400 IN NS shared.pahlevanzade
The problem is that their servers are returning non-authoritative
answers from the cache without also adding the NS records for the
child zone to allow the interative resolver to find a authoritative
answer. The parent server is configured as a recursive server not
a authoritative server.
On top
Jon A. wrote:
> Is there a better practice to serve 100% the same authoritative data
> in two views, but block recursion, cache use, and out of zone data?
Don't use views, use allow-query and allow-recursion ACLs.
Tony.
--
f.anthony.n.finchhttp://dotat.at/
Plymouth, Biscay, FitzRoy: Northe
We've been having this issues with neweggbusiness.com - it seems the A rec for
neweggbusiness.com is round robin load balanced:
;; ANSWER SECTION:
neweggbusiness.com. 3600 IN A 216.52.208.154
neweggbusiness.com. 3600 IN A 204.14.213.154
;; ANSWER SECTION:
neweggbusiness.com. 3600 IN NS dns2
On 28 Mar 2012, at 13:01, Lightner, Jeff wrote:
> Is signing not done at zone file level?
Yes, but that's not the problem.
> For our views even when the zones are identical I keep separate copies for the
> internaland external views so I would have thought this wouldn't be an issue.
if the recrustion is the only thing we can might use a inclue file to
include all the zones in specific direcotry.
so you manage one server but more views...
On 28/03/2012 11:38, Niall O'Reilly wrote:
On 28 Mar 2012, at 02:16, Jon A. wrote:
I'm looking for a best practice to keep zone data a
Hello,
You're right Mark, thanks. The problem I said yesterday was solved
with the implementation of TSIG as mentioned in
https://www.isc.org/faq/item/182.
What happened was that my slave was receiving zones from the same
master view. I know, my fault! but I hope my error helps you guys
> > On the DNS server, a large number of "ANY" type queries occur,why?
>
> Probably the reflection+amplification attack which goes on, specially
> in China, for several months. CNCERT knows about it so I suggest you
> contact them.
Note that there are multiple reflection+amplification attacks go
Is signing not done at zone file level?
For our views even when the zones are identical I keep separate copies for the
internal and external views so I would have thought this wouldn't be an issue.
-Original Message-
From: bind-users-bounces+jlightner=water@lists.isc.org
[mailto
On 28 Mar 2012, at 02:16, Jon A. wrote:
> I'm looking for a best practice to keep zone data across multiple views on
> multiple servers sync
FWIW, you're not alone.
I have three views too, internal, external, and mendacious.
The last is for coercing unregistered clien
On Wed, Mar 28, 2012 at 10:39:11AM +0200,
Anand Buddhdev wrote
a message of 25 lines which said:
> It's probably better to rate-limit the address. You can do that on
> your server with iptables (Linux) or ipfw (*BSD) or on your router.
A possible solution for Linux' Netfilter (test it: it may
On Wed, Mar 28, 2012 at 10:20:40AM +0200,
Matus UHLAR - fantomas wrote
a message of 18 lines which said:
> yes you can.
But it is a bad idea, since the source IP addresses are almost
certainly forged.
___
Please visit https://lists.isc.org/mailman/
On 28/03/2012 10:21, Stephane Bortzmeyer wrote:
>> The same IP address, produced a large number of requests within a
>> very short period of time. Can I block these IPs?
>
> You probaably should not. The source IP address is forged, it is the
> address of the victim. If you block it, the victim w
On Wed, Mar 28, 2012 at 04:08:33PM +0800,
ShanyiWan wrote
a message of 104 lines which said:
> On the DNS server, a large number of "ANY" type queries occur,why?
Probably the reflection+amplification attack which goes on, specially
in China, for several months. CNCERT knows about it so I sug
On 28.03.12 16:08, ShanyiWan wrote:
On the DNS server, a large number of "ANY" type queries occur,why? The
same IP address, produced a large number of requests within a very
short period of time. Can I block these IPs?
yes you can. I would also wonder who sends such queries, maybe they
ask..
On the DNS server, a large number of "ANY" type queries occur,why? The same IP
address, produced a large number of requests within a very short period of
time. Can I block these IPs?
ShanyiWan___
Please visit https://lists.isc.org/mailman/listinfo/bin
23 matches
Mail list logo
