-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Le 12/07/2012 20:12, Carl Byington a écrit :
> For each major RHEL release, Redhat starts with some version of
> ISC bind, and then backports patches into it from more recent
> versions. This leads to an RPM containing about 50 patches. The
> advantage
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
For each major RHEL release, Redhat starts with some version of ISC
bind, and then backports patches into it from more recent versions. This
leads to an RPM containing about 50 patches. The advantage of this
approach is that customers with existing /et
On Jul 12, 2012, at 7:16 AM, Lightner, Jeff wrote:
> Your answer was clearly meant to be tongue in cheek but I'm not sure you
> understood.
Please allow me to reassure you that I understood the intent of the question.
:-)
The point was that if one isn't clear about what one should allow and wh
On 12/07/12 16:48, sth...@nethelp.no wrote:
Personally I don't know why "dig -t any" would be a problem. It's
not exactly the same as doing an axfr transfer of the zone - it still
only gets limited information.
They're the current query type du jour for DDoS amplification attacks,
which I ass
> > Personally I don't know why "dig -t any" would be a problem. It's
> > not exactly the same as doing an axfr transfer of the zone - it still
> > only gets limited information.
>
> They're the current query type du jour for DDoS amplification attacks,
> which I assume the OP is experiencing.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello Ben,
On 7/12/12 10:32 AM, Ben wrote:
> Still, my question is open..
I'm not from ISC, but I have an idea what causes this (but I'm not an
authoritative source). You can look up the BIND source code.
Every caching DNS Server (BIND or other pro
On 12/07/12 15:16, Lightner, Jeff wrote:
Personally I don't know why "dig -t any" would be a problem. It's
not exactly the same as doing an axfr transfer of the zone - it still
only gets limited information.
They're the current query type du jour for DDoS amplification attacks,
which I assu
Your answer was clearly meant to be tongue in cheek but I'm not sure you
understood.
The OP wasn't asking how to stop all (any) lookups - it was how to stop "dig -t
any" which isn't the same thing at all. Presumably they still want to allow
dig -t mx, dig www... etc...
Personally I don't know
Den 12. juli 2012 kl. 10:32 skrev Ben :
>
> How to check from 10 queries, which are on cache and which are not ?
The easy way is by knowing what you ask for :-) For example, if you want to
measure your nameservers potential speed, you could ask only for things it has
in its cache. How do y
On 12/07/12 14:38, Chuck Swiger wrote:
On Jul 12, 2012, at 2:27 AM, Dns Administrator wrote:
Hi bind-users,
please excuse my ignorance being a novice to dns, but is there some way of disabling
or choking "Any" type requests?
This has been discussed on the list recently - see the archives
On Jul 12, 2012, at 2:27 AM, Dns Administrator wrote:
> Hi bind-users,
>please excuse my ignorance being a novice to dns, but is there some way of
> disabling or choking "Any" type requests?
Sure-- a firewall or even taking a pair of wire-cutters to the ethernet cable
will accomplish that.
On 12 Jul 2012, at 03:21, blrmaani wrote:
> I searched earlier posts but noticed that people are recommending it to just
> increase it to suppress the errors in log.
>
> Any pointers on this?
If it's set too low for your normal operating circumstances, you do
need to increase it.
Hi bind-users,
please excuse my ignorance being a novice to dns, but is there some way
of disabling or choking "Any" type requests?
Very best regards Peter
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this l
Hi Ben,
At 16:49 11-07-2012, Ben wrote:
I am doing load testing on our local caching dns.But while doing it
, i added google dns and some other dns ips as forwarder to test QPS.
It seems to me that it is not a good idea to do load testing on some
third-party server.
I am confusing that those
How to check from 10 queries, which are on cache and which are not ?
Still, my question is open..
Dear ISC team, can you please suggest what happend with my caching DNS
load test.? I mean, want to find root cause of it.
Den 12. juli 2012 kl. 01:49 skrev Ben :
If someone share his expe
On 12/07/12 08:20, Michael Hoskins (michoski) wrote:
> stupid question: i spent all of five minutes looking around isc.org -- but
> i did click all the top-level bind-related links, and couldn't find a
> pointer to rt to search for this ticket. does it require a support
> contract, is it internal-
In article ,
Mark Andrews wrote:
> In message , Barry
> Margolin writes:
> > In article ,
> > "Michael Hoskins (michoski)" wrote:
> >
> > > while it's largely personal preference -- i generally like to "be
> > > conservative in what i send, and liberal in what i accept":
> > >
> > > http://
Den 12. juli 2012 kl. 01:49 skrev Ben :
> If someone share his experience with it, What are the maximum QPS handled by
> bind? that is good to understand more.
Well, it depends.
If you test with a freshly restarted BIND (nothing cached yet), and ask for
only external data, you will get one res
stupid question: i spent all of five minutes looking around isc.org -- but
i did click all the top-level bind-related links, and couldn't find a
pointer to rt to search for this ticket. does it require a support
contract, is it internal-only, or am i just looking in the wrong place?
i wanted to
19 matches
Mail list logo
