named memory usage

Dear List, How can I approximate the memory usage of named process if I handle all IPv6/32 rDNZ on a DNS server? Regards, --teenigma ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing li

Re: Bind and ZSK-Rollovers: Changing salt automatically?

Actually it is useless to change the salt regularly. Changing the salt provides no real benefit against discovering the names in a zone which is the reason people were saying to change the salt. The attacker uses cached NSEC3 records. When it gets a cache miss it asks the servers for the zone,

Re: DNS slave not synced after successfully zone transfer

John Miller writes: > On Linux, at least, nslookup is a deprecated tool: dig is better in > many ways.  In Windows, obviously, nslookup is all you've got by > default :-(John in the latest Windows releases (8.1, 2012R2 Server), nslookup has been replaced by PowerShell "Resolve-DnsName"

Re: DNS slave not synced after successfully zone transfer

+1. Both Windows and Mac cache DNS records, so if you had the old one cached prior to making the change, you'd either have to flush your local cache or wait for the record's TTL to expire. On Linux, at least, nslookup is a deprecated tool: dig is better in many ways. In Windows, obviously, nsloo

Re: DNS slave not synced after successfully zone transfer

You may be seeing additional buffering from nslookup.  If you are using nslookup on a Windows platform, I'm 99.44% confident that you are observing M$ client-side buffering.  DiG (or even host) are much better than nslookup for diagnostic purposes. hth On Thursday, July 24, 2014 8:00 AM

Re: Bind and ZSK-Rollovers: Changing salt automatically?

Hello Johannes, Johannes Kastl writes: > Hi everyone, > > I read quite a bit on DNSSEC in the last couple of weeks, and found > that BIND can automatically rollover the ZSK without manual intervention. > > I also found the recommendation, to change the NSEC3 salt each time > the key is rolled ov

Bind and ZSK-Rollovers: Changing salt automatically?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi everyone, I read quite a bit on DNSSEC in the last couple of weeks, and found that BIND can automatically rollover the ZSK without manual intervention. I also found the recommendation, to change the NSEC3 salt each time the key is rolled over. Wh

Re: One question about 'Stealth servers'

I know of no way to do this within BIND itself, but if you Anycast your nameservers, and carefully tweak route preferences and whatnot, you could ensure that some instances (call it set A) only get used if all of the members of another set of instances (call it set B) stop advertising the route

Re: One question about 'Stealth servers'

On 24.07.14 10:38, 许腾 wrote: As a beginner of BIND, I'm writing to ask one question about 'Stealth servers'. To avoid the access failures arising from the broken down of Authoritative Name servers, I'd like to run Stealth servers as back up. My question is how could I set the Stealth servers a

Re: BUG report, BIND crash when dlz postgresql driver receives error from database server.

Hi Dennis On Thu, Jul 24, 2014 at 10:51:00AM -0500, Dennis Jenkins wrote: > Bind, configured with "dlz postgresql", successfully connects to the > database, but crashes (or corrupts the heap, randomly) on the very first > query submitted, if the "find zone" query receives a "permission denied" > e

BUG report, BIND crash when dlz postgresql driver receives error from database server.

I attempted to submit this bug report via the online form, but that failed ("Failed to send your message. Please try later or contact the administrator by another method.") Bind, configured with "dlz postgresql", successfully connects to the database, but crashes (or corrupts the heap, randomly)

Re: DNS slave not synced after successfully zone transfer

To check your cache, just run rndc dump. It'll write a dump of the BIND cache to your data directory (wherever you've got it configured). John On Thu, Jul 24, 2014 at 10:51 AM, Ricardo Esteves wrote: > Hi, > > It seems it's taking some time to sync after the transfer, because now it > resolv

양지은 부재중 자동응답: RE: bind-users Digest, Vol 1896, Issue 4

NAVER - http://www.naver.com/ 양지은(jieun.yang@navercorp...) 님은 현재 부재중입니다. 보내신 메일 은 저장되어 있으므로 다시 보내실 필요는 없습니다. 양지은(jieun.yang@navercorp...) 님이 남기신 메시지 입니다. 아카마이 유니버시티 Kona 과정 참석으로 인한 부재입니다.급하신 용무는 유선연락부탁드립니다.

Re: DNS slave not synced after successfully zone transfer

Hi, It seems it's taking some time to sync after the transfer, because now it resolves ok with the new data. nslookup 192.168.250.101 192.168.2.251 Server:        192.168.2.251 Address:    192.168.2.251#53 101.250.168.192.in-addr.arpa    name = open

Re: DNS slave not synced after successfully zone transfer

On NS #2, if you run rndc freeze/rndc thaw, what does the actual zone file look like? Also, what does your cache look like? Is 101.250.168.192.in-addr.arpa PTR cached? John On Thu, Jul 24, 2014 at 10:25 AM, Ricardo Esteves wrote: > Hi, > > I've got two bind9 servers, one master (192.168.2.2

DNS slave not synced after successfully zone transfer

Hi, I've got two bind9 servers, one master (192.168.2.251) and one slave (192.168.2.252). I've configured zone transfers, and after a change of a zone on the master, the slave gets the notification, downloads successfully the new zone file, but still has the

Re: Process size versus cache size.

> On Wed, Jul 23, 2014 at 02:15:34PM -0400, Thomas Schulz wrote: > > In investigating an out of memory error on a Solaris 8 Sparc > > machine (compiled as a 32 bit executable), I find that the process > > size increase due to the cache does not make sense. > > > > Over about a week the process siz

양지은 부재중 자동응답: RE: bind-users Digest, Vol 1896, Issue 2

NAVER - http://www.naver.com/ 양지은(jieun.yang@navercorp...) 님은 현재 부재중입니다. 보내신 메일 은 저장되어 있으므로 다시 보내실 필요는 없습니다. 양지은(jieun.yang@navercorp...) 님이 남기신 메시지 입니다. 아카마이 유니버시티 Kona 과정 참석으로 인한 부재입니다.급하신 용무는 유선연락부탁드립니다.