Re: Improved SSL Error Logging [RT #29932]

2012-12-05 Thread Noel Butler
Hi Shane, Mark, Evan On Tue, 2012-10-16 at 08:22 +0200, Shane Kerr wrote: > Noel, > > These changes are in our review queue now, so will go in future > releases. > > Cheers, > I guess this was not pushed in? After update to 9.9.2-p1 the old logging returned, eg: Dec 6 10:47:30 ns1 named

Re: SPF records in reverse zones?

2012-12-05 Thread Mark Andrews
In message , Dan Mahoney writes: > > > On Thu, 6 Dec 2012, Karl Auer wrote: > > > This may be a silly question, but are SPF records supposed to be > > supported in reverse zones? I'm thinking of a mail server that has no > > entry in the DNS. > > Well, most mail servers will reject such a ser

Re: SPF records in reverse zones?

2012-12-05 Thread Barry Margolin
In article , Karl Auer wrote: > This may be a silly question, but are SPF records supposed to be > supported in reverse zones? I'm thinking of a mail server that has no > entry in the DNS. Many anti-spam rules block mail from servers with no reverse DNS, so it seems pointless to have SPF recor

Re: SPF records in reverse zones?

2012-12-05 Thread Dan Mahoney
On Thu, 6 Dec 2012, Karl Auer wrote: > This may be a silly question, but are SPF records supposed to be > supported in reverse zones? I'm thinking of a mail server that has no > entry in the DNS. Well, most mail servers will reject such a server (i.e. one with NO rdns). However, there's anoth

SPF records in reverse zones?

2012-12-05 Thread Karl Auer
This may be a silly question, but are SPF records supposed to be supported in reverse zones? I'm thinking of a mail server that has no entry in the DNS. Regards, K. -- ~~~ Karl Auer (ka...@biplane.com.au) http://www.biplane.com.

Re: RHEL, Centos, Fedora rpm 9.9.2-p1

2012-12-05 Thread Carl Byington
On Wed, 2012-12-05 at 21:04 +, Phil Mayers wrote: > Thanks for this. One minor thing - the -P1 is missing from the > embedded tarball. I think there might be something going on with the > %{VERSION} macro? major - that version was actually 9.9.2,

Preference of Master Name Servers

2012-12-05 Thread David Hall
I have some questions and would really appreciate if someone would be able to assist. I just started a new job at a hosting company and am in a little bit over my head. Question 1: In our secondary / slave name servers we specify the master name servers in the normal manner: zone mysample.me.uk {

Re: Querying directly a nameserver works, while forwarding not

2012-12-05 Thread Sten Carlsen
On 05/12/12 18:29, Hauke Lampe wrote: On 05.12.2012 14:59, Daniele Imbrogino wrote: resolv.conf contains only 127.0.0.1 as nameserver. The syslog contains a lot of errors as "insecurity proof failed", "no valid RRSIG", "got insecure response" that I don't understand. Your forwarder probab

Re: how to restrict nsupdate to a single A or PTR record ?

2012-12-05 Thread Doug Barton
On 12/05/2012 12:30 PM, Mark Andrews wrote: > grant mykey. name host1.mydomain.org. A Ah, cool ... learned something new today. :) Doug

Re: RHEL, Centos, Fedora rpm 9.9.2-p1

2012-12-05 Thread Phil Mayers
On 12/05/2012 04:46 AM, Carl Byington wrote: http://www.five-ten-sg.com/util/bind-9.9.2-0.2.P1.fc18.src.rpm Carl, Thanks for this. One minor thing - the -P1 is missing from the embedded tarball. I think there might be something going on with the

Re: how to restrict nsupdate to a single A or PTR record ?

2012-12-05 Thread Phil Mayers
On 12/05/2012 07:29 PM, fddi wrote: Hello, I have a domain called mydomain.org I would need a way to allow access with nsupdate not to the entire domain mydomain.org but only to specific hosts and specific IP Address to be modified using nsupdate. here is my config zone "mydomain.org" IN {

Re: how to restrict nsupdate to a single A or PTR record ?

2012-12-05 Thread Mark Andrews
In message <50bfaba3.5040...@dougbarton.us>, Doug Barton writes: > On 12/05/2012 11:29 AM, fddi wrote: > > Hello, I have a domain called mydomain.org > > > > I would need a way to allow access with nsupdate not to the entire > > domain mydomain.org > > but only to specific hosts and specific IP A

Re: how to restrict nsupdate to a single A or PTR record ?

2012-12-05 Thread Doug Barton
On 12/05/2012 11:29 AM, fddi wrote: > Hello, I have a domain called mydomain.org > > I would need a way to allow access with nsupdate not to the entire > domain mydomain.org > but only to specific hosts and specific IP Address to be modified using > nsupdate. > > > here is my config > > zone "m

how to restrict nsupdate to a single A or PTR record ?

2012-12-05 Thread fddi
Hello, I have a domain called mydomain.org I would need a way to allow access with nsupdate not to the entire domain mydomain.org but only to specific hosts and specific IP Address to be modified using nsupdate. here is my config zone "mydomain.org" IN { type master; allow-q

Re: truncated responses vs. minimal-responses?

2012-12-05 Thread Tony Finch
Mark Andrews wrote: > In message <20121205125024.gc11...@fantomas.sk>, Matus UHLAR - fantomas > writes: > > > > I'm curious if there's any case where the AUTHORITY section is needed to > > proper function of DNS. > > Yes. Referrals. And, (to a lesser extent) negative answers, since the negative

Re: Querying directly a nameserver works, while forwarding not

2012-12-05 Thread Hauke Lampe
On 05.12.2012 14:59, Daniele Imbrogino wrote: resolv.conf contains only 127.0.0.1 as nameserver. The syslog contains a lot of errors as "insecurity proof failed", "no valid RRSIG", "got insecure response" that I don't understand. Your forwarder probably doesn't handle DNSSEC responses well. T

Linux issue with make test failures, 9.9.2-P1

2012-12-05 Thread Jeff Earickson
Hi, The "make test" stuff is failing miserably for me on Linux (Redhat 6.3, x64) with 9.9.2-P1: if test -f ./runall.sh; then sh ./runall.sh; fi S:acl:Wed Dec 5 08:10:01 EST 2012 T:acl:1:A A:System test acl I:Couldn't start server ns2 (pid=7621) R:FAIL S:allow_query:Wed Dec 5 08:10:15 EST 2012 T

Re: Can't find named_dump.db

2012-12-05 Thread Daniele Imbrogino
Finally I solved it! The problem was in the write permission of /etc, while in /var/cache/bind it works perfectly! Thank you for the assistance! 2012/12/5 Matus UHLAR - fantomas > On 03.12.12 21:32, Daniele Imbrogino wrote: > >> I edited the working directory to /etc/bind because this is the di

Re: Querying directly a nameserver works, while forwarding not

2012-12-05 Thread Daniele Imbrogino
resolv.conf contains only 127.0.0.1 as nameserver. The syslog contains a lot of errors as "insecurity proof failed", "no valid RRSIG", "got insecure response" that I don't understand.

Re: Querying directly a nameserver works, while forwarding not

2012-12-05 Thread Matus UHLAR - fantomas
On Wed, 2012-12-05 at 10:23 +0100, Daniele Imbrogino wrote: /etc/bind/named.conf.option On 05.12.12 21:47, Noel Butler wrote: WTF is that file? it certainly is not an ISC named file. It's file containing the options section, installed by default in debian. From the changelog: * Do option

Re: OT - Dns test Q/A

2012-12-05 Thread WBrown
I don't have any source of a DNS exam, but since you seem to be expecting a limited set of skills, how about a few questions of the sort "What is an A record?" "What is an MX record?" "What does the SOA record contain" "What does the serial number control" Think about what they will be work

Re: OT - Dns test Q/A

2012-12-05 Thread Matus UHLAR - fantomas
On 29.11.12 11:44, Chiesa Stefano wrote: I created an application to delegate zone management to collegues that are used to ask changes to that zones. I would set up a small "zone administration test" to verify a minimal dns knowledge (right use of main RR such A-CNAME-MX.) Can you suggest m

Re: truncated responses vs. minimal-responses?

2012-12-05 Thread Mark Andrews
In message <20121205125024.gc11...@fantomas.sk>, Matus UHLAR - fantomas writes: > >> On 28.11.12 18:38, Tony Finch wrote: > >>> Yes it does. For example, have a look at responses to queries for > >>> dotat.at > >>> in mx for various buffer sizes and observe that RRsets are dropped but > >>> the >

Re: Can't find named_dump.db

2012-12-05 Thread Matus UHLAR - fantomas
On 03.12.12 21:32, Daniele Imbrogino wrote: I edited the working directory to /etc/bind because this is the directory where I have all the zone data files. If I use the default /var/cache/bind do I have to move also the zone data files no, you will just have to provide full path in zones' filen

Re: Expiration TTLs

2012-12-05 Thread Matus UHLAR - fantomas
On 02.12.12 18:10, Paul Romano wrote: Thanks for the correction on the term TTL instead of timer. The engineer I inherited this environment from has the refresh set to 40 minutes and the zone expiration set to 2 hours. The explanation I got was that since we are authoritative for AD we want ens

Re: truncated responses vs. minimal-responses?

2012-12-05 Thread Matus UHLAR - fantomas
On 28.11.12 18:38, Tony Finch wrote: Yes it does. For example, have a look at responses to queries for dotat.at in mx for various buffer sizes and observe that RRsets are dropped but the TC bit is not set. On 11/30/2012 01:30 PM, Matus UHLAR - fantomas wrote: Nice to see. I'm seeing recommend

Re: DNS Blackholing

2012-12-05 Thread Phil Mayers
On 12/05/2012 11:45 AM, Noel Butler wrote: RPZ: dig bobi.at ;; Query time: 996 msec You're correct that blackhole zones and RPZ have different performance characteristics. For others reading, this is because with RPZ, the real name is queried first, then RPZ applies to the answers, so if the

Re: Querying directly a nameserver works, while forwarding not

2012-12-05 Thread Hauke Lampe
On 05.12.2012 10:23, Daniele Imbrogino wrote: I restarted BIND9 and then I tried, for example, 'dig www.apple.com' obtaining "connection timed out; no servers could be reached". But if I try 'dig @10.0.2.3 www.apple.com' it works correctly and I obtain the correct answer. Why? How can I resolve

Re: Querying directly a nameserver works, while forwarding not

2012-12-05 Thread Noel Butler
On Wed, 2012-12-05 at 10:23 +0100, Daniele Imbrogino wrote: > /etc/bind/named.conf.option WTF is that file? it certainly is not an ISC named file. if you are using some butchered to buggery distros file, please ask on your distros mailing list we are not to know what that file contains, or exp

Re: DNS Blackholing

2012-12-05 Thread Noel Butler
On Wed, 2012-12-05 at 09:13 +, Phil Mayers wrote: > On 12/04/2012 06:35 PM, Barry S. Finkel wrote: > > > A question from the OP that has not yet been answered - > > Make the zones masters on all servers. > > Surely not for RPZ? The whole point with RPZ is that you have one zone > containing

Re: DNS Blackholing

2012-12-05 Thread Phil Mayers
On 12/04/2012 06:35 PM, Barry S. Finkel wrote: A question from the OP that has not yet been answered - Make the zones masters on all servers. Surely not for RPZ? The whole point with RPZ is that you have one zone containing all the blacklists, master in one place, and slave it in all the oth

Re: DNS Blackholing

2012-12-05 Thread Phil Mayers
On 12/05/2012 06:10 AM, Nick Edwards wrote: Hi All, Is there a way for RPZ zone file to act on domain AND subdomains without using two separate entries? At present I can only get them to match on one or the other unless I do example.com blah *.example.com blah I'm sure I've missed