Re: Private IP address in A record

2014-06-26 Thread Ryan Novosielski
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At least on BIND, this should work fine. You probably made some other error (check wherever your logs would likely go). Apart from the fact that, yes, no one really recommends this. On 06/27/2014 12:11 AM, Teerapatr Kittiratanachai wrote: > I know tha

Re: Private IP address in A record

2014-06-26 Thread Teerapatr Kittiratanachai
I know that this kind of implementation isn't be recommended, but I don't understand that why some DNS servers can answer the record as normally while another can't. On Fri, Jun 27, 2014 at 10:42 AM, Noel Butler wrote: > On 27/06/2014 12:32, Teerapatr Kittiratanachai wrote: >> >> Dear List, >> >>

Re: Private IP address in A record

2014-06-26 Thread Noel Butler
On 27/06/2014 12:32, Teerapatr Kittiratanachai wrote: Dear List, Yesterday I try to map a private IP address on Public DNS Server, but some server, actually 1 server, doesn't show the answer. But the Rcode is 0. So I already removed that record for now. Is it possible to set DNS server for not s

Private IP address in A record

2014-06-26 Thread Teerapatr Kittiratanachai
Dear List, Yesterday I try to map a private IP address on Public DNS Server, but some server, actually 1 server, doesn't show the answer. But the Rcode is 0. So I already removed that record for now. Is it possible to set DNS server for not show answer that be the private IP address? Regards, Tee

Re: Cannot chroot bind: ENGINE_by_id failed (crypto failure)

2014-06-26 Thread Hauke Lampe
On 26.06.2014 22:53, Matthew Washington wrote: > May 20 16:32:15 fortress named[6034]: error:260B6084:engine > routines:DYNAMIC_LOAD:dso not found:eng_dyn.c:450: > May 20 16:32:15 fortress named[6034]: error:2606A074:engine > routines:ENGINE_by_id:no such engine:eng_list.c:418:id=gost > May 20 1

Cannot chroot bind: ENGINE_by_id failed (crypto failure)

2014-06-26 Thread Matthew Washington
I recently upgraded my OS from CRUX 2.7 to CRUX 3.0 and am running into a problem with getting bind9 to run in a chroot jail.  I had this setup working correctly on my old OS, but I cannot recall what versions of bind and openssl were running on it.  I can get bind to run without a chroot, but

Re: RRL question

2014-06-26 Thread Tony Finch
Nick wrote: > Is there a way to setup RRL to rate limit by source IP / or certain net > blocks? For simple cases where you want to rate-limit by default, but allow some clients to be unlimited, use the exempt-clients clause. If you want different limits for different clients, use different vie