Hi,
I have a some queries regarding dnssec.Kindly clear me out it.
1) DNSSEC is required for authoritative dns or is it for caching dns or
for both?
2) If we enable DNSSEC , do we face any performance problem while
concerning with throughput?
3) What is actual flow of dnssec?
Regards,
Ben
Hi together,
thanks for these many hints. Wow! So many mistakes in a few lines. Here
ist now my config file:
-%<-
@ IN SOA localhost. root.localhost. (
2012050900
7200
Hi Jan-Piet,
> What's the hash doing there? ...^
>
> That's not a comment.
Thanks. I continue learning...
> Replace that whole line by
>
> nosslsearch.google.com. IN A 216.239.32.20
Zone is www.google.com. That won't work here
> Assuming you've configured the z
On Tue, May 08, 2012 at 11:03:54PM -0400, Paul Wouters wrote:
> Please consider applying this patch, many simple souls like me will
> appreciate it a lot :)
Those who use +do as a shorthand for +domain won't. It'd be okay
for the value == NULL case, though.
(BTW, suggestions are best sent to bin
I've gotten really annoyed at dig not taking the +do option.
Please consider applying this patch, many simple souls like me will
appreciate it a lot :)
Pauldiff -Naur bind-9.8.2-ori/bin/dig/dig.c bind-9.8.2/bin/dig/dig.c
--- bind-9.8.2-ori/bin/dig/dig.c2012-05-08 22:34:19.059392999 -040
In message <3c6f299b652a4e71b1af8bbce9380...@netadmin.bart.gov>, "Mike
Bernhardt" writes:
> Reading the section on delegation in the O'Reilly book, I'm confused about
> something: The parent is configured to delegate the subdomain to the child
> with glue records, etc. But how does the child know
Selective forwarding and stub zones are available in Microsoft DNS, or
so I'm told...
(Although I feel obligated to point out that this is a BIND-oriented
list, so you may not get a lot of configuration advice for Microsoft
products).
I don't think the child domain is on BIND so that may or may not be an
option. But, good idea. Thanks for your help!
_
From: Ben Croswell [mailto:ben.crosw...@gmail.com]
Sent: Tuesday, May 08, 2012 1:16 PM
To: Mike Bernhardt
Cc: bind-users@lists.isc.org
Subject: RE: How does a child f
Another option would be zone level forwarding on the child to point at the
parent or stub zones.
-Ben Croswell
On May 8, 2012 3:59 PM, "Mike Bernhardt" wrote:
> In this case, the root only knows the external public server, not the
> internal parent who is doing the delegating. So it would seem
On Tue, Apr 17, 2012 at 02:24:48PM +0200, Tobias Krais wrote:
> Hi all together,
>
> very interesting this discussion. For I am a newbie I understood only half.
>
> Thus I detected 2 ways to continue:
>
> > I believe you can use response policy (RPZ) to achieve this. Or you can use
> > just abo
In this case, the root only knows the external public server, not the
internal parent who is doing the delegating. So it would seem that slaving
the internal parent is the only solution for resolving hosts in the internal
parent domain, correct?
_
From: Ben Croswell [mailto:ben.crosw..
The child doesn't know it's parent and goes up to the root like any other
server would.
-Ben Croswell
On May 8, 2012 2:13 PM, "Mike Bernhardt" wrote:
> Reading the section on delegation in the O'Reilly book, I'm confused about
> something: The parent is configured to delegate the subdomain to th
On 5/8/2012 1:56 PM, Mike Bernhardt wrote:
Reading the section on delegation in the O'Reilly book, I'm confused about
something: The parent is configured to delegate the subdomain to the child
with glue records, etc. But how does the child know who to ask if a host in
the subdomain requests a rec
> Reading the section on delegation in the O'Reilly book, I'm confused about
> something: The parent is configured to delegate the subdomain to the child
> with glue records, etc. But how does the child know who to ask if a host in
> the
> subdomain requests a record in the parent zone? They don't
Reading the section on delegation in the O'Reilly book, I'm confused about
something: The parent is configured to delegate the subdomain to the child
with glue records, etc. But how does the child know who to ask if a host in
the subdomain requests a record in the parent zone? They don't show any
c
Sundry nitpicks. Not much of interest here, sorry.
On Tue, May 08, 2012 at 05:38:55PM +0200, Jan-Piet Mens wrote:
> > -%<-
> > @ IN SOA localhost root@localhost. (
> > 2012041100
> > 7200
>
On May 8 2012, Barry Margolin wrote:
In article ,
Tobias Krais wrote:
Hi Phil,
> 4. Create a zone for "www.google.com" and instead of CNAME, put an A
> record at the apex with the same IP as "nosslsearch.google.com". Run a
> script FREQUENTLY to re-resolve the host, as Google do short-TTL
>
> -%<-
> @ IN SOA localhost root@localhost. (
> 2012041100
> 7200
> 1800
> 1209600
>
Read doc/misc/migration-4to9 and doc/misc/migration. These
are part of the BIND 9 distribution.
Run named-checkzone on the zones. BIND 9 catches lots of
mis-configurations that BIND 4 missed. If you have been
following the rule you shouldn't have to chan
In article ,
Tobias Krais wrote:
> Hi Phil,
>
> > 4. Create a zone for "www.google.com" and instead of CNAME, put an A
> > record at the apex with the same IP as "nosslsearch.google.com". Run a
> > script FREQUENTLY to re-resolve the host, as Google do short-TTL
> > DNS-based loadbalancing.
>
Hi Phil,
> 4. Create a zone for "www.google.com" and instead of CNAME, put an A
> record at the apex with the same IP as "nosslsearch.google.com". Run a
> script FREQUENTLY to re-resolve the host, as Google do short-TTL
> DNS-based loadbalancing.
For unbound has no solution Inow want to try your
> 1. In down level Windows, everything is OK.
> 2. In upper level dns(bind), ns record, and A record of nameserver is fine.
> 3. But A record in WIndows Server can not resolved by upper level BIND.
> I think maybe I have to do something in my windows server to "connect"
> windows with linux bind?
> -Original Message-
> From: Mark Andrews [mailto:ma...@isc.org]
> Sent: Monday, May 07, 2012 4:54 PM
> To: Bischof, Ralph F. (MSFC-IS40)[NICS]
> Cc: bind-users@lists.isc.org
> Subject: Re: Inline Signing does not update SOA?
>
>
> In message
> ov>, "Bischof, Ralph F. (MSFC-IS40) [NICS]"
On 08/05/2012 10:09, Ben wrote:
> I am new with bind.I am trying to configure bind as caching server for
> our network.I configure it and it works successfully.
>
> Can we get report or statistics something which shows which queries
> resolved from cache and which resolved from internet?
Yes. Add
zhanglikun wrote:
>
> So my question is why bind9 do like that?
QTYPE=ANY is a special debugging facility. It just returns what is in the
cache, and only makes a query to the authoritative server when there in
nothing cached.
Tony.
--
f.anthony.n.finchhttp://dotat.at/
Cromarty: Cyclonic bec
Hello,
When I dig at my bind9 resolver with qtype=ANY, I find the message never
expire and being refetched until the last rrset expire, if there are several
rrsets in answer section, when one rrset in answer section expires, the
query client will get one cached message just without the expired r
Hi,
I am new with bind.I am trying to configure bind as caching server for
our network.I configure it and it works successfully.
Can we get report or statistics something which shows which queries
resolved from cache and which resolved from internet?
bind has snmp mib for monitoring ?
Rega
27 matches
Mail list logo
