rate limit dns query response ...

Re: bind-users Digest, Vol 1487, Issue 2

2013-04-03 Thread prakash
e $client$ parameter appears to work for zone transfers, as > per this > >> example https://github.com/opennetadmin/ona/wiki/bind-dlz > >> However if I use $client$ on any other queries bind segfaults. > >> > >> Strace doesn't seem to show anything use

Re: Forward First on Master Zone (bypass SOA)

2013-04-03 Thread Doug Barton
On 04/03/2013 05:30 PM, Kevin Darcy wrote: It's still not clear to me what you think is the "right" way to do it. I'm not saying that there is only one right way. I'm saying you first have to answer the question, "What might we want to achieve by having different answers internally vs. extern

Re: is NS record pointing to "some other name server" needed in case of classless IN-ADDR.ARPA delegations?

2013-04-03 Thread Doug Barton
On 04/02/2013 12:47 AM, Martin T wrote: Is NS record pointing to "some other name server" needed in case of classless IN-ADDR.ARPA delegations? What happens if one does not specify this? It's very common for the parent name server(s) to slave the 2317 zone so that it can answer directly. It's

Re: DLZ $client% parameter segfault

2013-04-03 Thread Evan Hunt
> Thanks certainly blows up the possibility of doing native GeoDNS at the > moment? Any chance I am overlooking a method which I could effectively > get the clients address into a MySQL query with the current 9.9.2 > release? It's not quite the same as %client%, but I suggest you take a look at co

Re: Forward First on Master Zone (bypass SOA)

2013-04-03 Thread Kevin Darcy
On 4/2/2013 2:00 AM, Doug Barton wrote: On 04/01/2013 11:46 AM, Kevin Darcy wrote: On 3/29/2013 12:09 AM, Doug Barton wrote: On 03/28/2013 12:28 PM, Ben-Eliezer, Tal (ITS) wrote: My organization is evaluating the use of split-view DNS in our environment. Simple ... don't do it. It's almost n

Re: RPZ and negative answers

2013-04-03 Thread Chris Buxton
On Apr 3, 2013, at 4:13 PM, Vernon Schryver wrote: >> From: Chris Buxton > >> If a name exists in the response policy, and also exists in the real >> Internet namespace, the value from the policy is returned. But if it >> doesn't exist out on the Internet, then the value is not returned -- >> an

Re: RPZ and negative answers

2013-04-03 Thread Vernon Schryver
> From: Chris Buxton > If a name exists in the response policy, and also exists in the real > Internet namespace, the value from the policy is returned. But if it > doesn't exist out on the Internet, then the value is not returned -- > an NXDOMAIN (or SERVFAIL, or whatever) is returned instead. >

Re: DLZ $client% parameter segfault

2013-04-03 Thread Michael McConnell
Thanks certainly blows up the possibility of doing native GeoDNS at the moment… Any chance I am overlooking a method which I could effectively get the clients address into a MySQL query with the current 9.9.2 release? Thanks again, Michael -- Michael McConnell WINK Streaming; email: mich...@wi

Re: is NS record pointing to "some other name server" needed in case of classless IN-ADDR.ARPA delegations?

2013-04-03 Thread Mark Andrews
If a zone is being made available to the public (which these are) then steps should be taken to ensure it is resolvable all the time. This means having multiple servers that are not subject to common failures. This is basic DNS. In message , Martin T writes: > Hi, > > in case of classless IN-

Re: Blocking private addresses with an option

2013-04-03 Thread Vernon Schryver
> From: "Lawrence K. Chen, P.Eng." > First thing that got my attention was that "The rules encoded in a > response policy zone (RPZ) are applied only to responses to queries > that ask for recursion". But, these are authoritative only nameservers > So, would RPZ work in this case? This is s

Re: Auto-dnssec maintain and 'continuous' resigning

2013-04-03 Thread Mark Andrews
In message <515a92a5.3020...@imperial.ac.uk>, Phil Mayers writes: > On 04/01/2013 07:36 PM, Carlos M. Martinez wrote: > > Reframing the question in more general terms... Which events trigger a > > zone re-sign and reload when using "auto-dnssec maintain" ? > > As someone else has already said, zo

Re: RPZ and negative answers

2013-04-03 Thread Noel Butler
On Tue, 2013-04-02 at 14:16 -0700, Chris Buxton wrote: > Can anyone explain this to me? > > If a name exists in the response policy, and also exists in the real Internet > namespace, the value from the policy is returned. But if it doesn't exist out > on the Internet, then the value is not retu

Re: DLZ $client% parameter segfault

2013-04-03 Thread Vadim S. Goncharov
On 02.04.2013 01:13, Michael McConnell wrote: Unfortunately, $client$ is only supported in allowzonexfr() method (see e.g. http://bind-dlz.sourceforge.net/mysql_driver.html for some info about SDLZ methods). It would be nice to have it in others, too, but BIND does not pass it via current API

Re: Blocking private addresses with an option

2013-04-03 Thread Lawrence K. Chen, P.Eng.
- Original Message - > > From: "Lawrence K. Chen, P.Eng." > > > ... So, being able to filter out these 'bad' things when responding > > queries against that data might be a good thing. > > RPZ might be used for such things. However, by design RPZ rewrites > entire responses. It is tr

RPZ and negative answers

2013-04-03 Thread Chris Buxton
Can anyone explain this to me? If a name exists in the response policy, and also exists in the real Internet namespace, the value from the policy is returned. But if it doesn't exist out on the Internet, then the value is not returned -- an NXDOMAIN (or SERVFAIL, or whatever) is returned instea

is NS record pointing to "some other name server" needed in case of classless IN-ADDR.ARPA delegations?

2013-04-03 Thread Martin T
Hi, in case of classless IN-ADDR.ARPA delegations(http://www.ietf.org/rfc/rfc2317.txt) I have usually seen at least one NS record pointing to name server other than the end-customer ones. Example from rfc2317.txt where there are two NS records and the second one is not the end-customer name server
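A minimal RFC 2317 layout of the kind this thread is asking about, added here as an example and not taken from any message in the thread or from RFC 2317 itself. The address block (192.0.2.0/24, the RFC 5737 documentation range), the /26 being delegated, and the server names ns.isp.example, ns2.isp.example and ns.customer.example are all assumptions chosen for illustration:

```zone
; --- Parent (ISP) zone: 2.0.192.in-addr.arpa ---------------------------
; Assumed names: ns.isp.example / ns2.isp.example are the ISP's servers,
; ns.customer.example is the end-customer's server (illustrative only).
$ORIGIN 2.0.192.in-addr.arpa.
$TTL 3600
@        IN SOA   ns.isp.example. hostmaster.isp.example. (
                  2013040301 ; serial
                  3600       ; refresh
                  900        ; retry
                  1209600    ; expire
                  3600 )     ; negative-caching TTL
         IN NS    ns.isp.example.
         IN NS    ns2.isp.example.

; Delegate 192.0.2.0/26 to the customer as the sub-zone "0/26".
; The label "0/26" follows RFC 2317; "0-63" is an equally valid choice
; for sites whose tooling dislikes "/" in owner names.
0/26     IN NS    ns.customer.example.
0/26     IN NS    ns.isp.example.      ; parent also serves the sub-zone

; One CNAME per address in the /26, pointing into the sub-zone.
; $GENERATE expands to: 1 CNAME 1.0/26, 2 CNAME 2.0/26, ... 63 CNAME 63.0/26
$GENERATE 1-63 $ CNAME $.0/26

; --- Customer zone: 0/26.2.0.192.in-addr.arpa ---------------------------
; Normally a separate file on the customer's server; shown here inline.
$ORIGIN 0/26.2.0.192.in-addr.arpa.
$TTL 3600
@        IN SOA   ns.customer.example. hostmaster.customer.example. (
                  2013040301 3600 900 1209600 3600 )
         IN NS    ns.customer.example.
         IN NS    ns.isp.example.      ; second server, not on the customer's network
1        IN PTR   host1.customer.example.
2        IN PTR   host2.customer.example.
```

Resolving 2.2.0.192.in-addr.arpa follows the CNAME in the parent to 2.0/26.2.0.192.in-addr.arpa, which the parent's NS records for "0/26" delegate to the customer's server and to ns.isp.example. Listing the ISP's server as an NS for the sub-zone is what it looks like when the parent slaves the RFC 2317 zone, so that the sub-zone remains resolvable even if the customer's single server or link is down; with only ns.customer.example listed, every reverse lookup for the /26 depends on one host.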

Re: Auto-dnssec maintain and 'continuous' resigning

2013-04-03 Thread Phil Mayers
On 04/01/2013 07:36 PM, Carlos M. Martinez wrote: Reframing the question in more general terms... Which events trigger a zone re-sign and reload when using "auto-dnssec maintain" ? As someone else has already said, zone updates, signature expiration and key events. In particular, it's normal

Re: Forward First on Master Zone (bypass SOA)

2013-04-03 Thread Doug Barton
On 04/01/2013 11:46 AM, Kevin Darcy wrote: On 3/29/2013 12:09 AM, Doug Barton wrote: On 03/28/2013 12:28 PM, Ben-Eliezer, Tal (ITS) wrote: My organization is evaluating the use of split-view DNS in our environment. Simple ... don't do it. It's almost never the right answer, and as you're lear

Re: DLZ $client% parameter segfault

2013-04-03 Thread Mark Andrews
In message , Michael McConnell writes: > > The $client$ parameter appears to work for zone transfers, as per this = > example https://github.com/opennetadmin/ona/wiki/bind-dlz > However if I use $client$ on any other queries bind segfaults. > > Strace doesn't seem to show anything useful... >