>> I have just tried it again and I don't get the answers I expect? I see
>> the DNAME but the system does not seem to be following it.
DNAMEs provide aliases for names below the one at the DNAME, but not
for the name itself. That is, if you do this:
bar.example DNAME foo.example
you wi
On 16/01/2015 15:36, John wrote:
> DNAME will not work with DNSSEC.
> DNAME only work with the sub-tree, while DNSSEC is at the domain level.
>
> taking the example:
> klam.biz IN DNAME klam.com
>
> DNSSEC will try to find keys for klam.biz NOT klam.com, which results i
On Fri, Jan 16, 2015 at 10:49 AM, Casey Deccio wrote:
> ... The CNAME requires to RRSIG...
>
Typo:
That should read: "... The CNAME requires no RRSIG..."
Cheers,
Casey
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
Hi John,
On Fri, Jan 16, 2015 at 10:36 AM, John wrote:
> DNAME will not work with DNSSEC.
>
Not true. DNAMEs enable CNAME synthesis to other domains, after which
synthesis the response works just like regular CNAME response would. The
authentication works by authenticating the DNAME (using t
In article ,
Phil Mayers wrote:
> On 16/01/2015 15:07, John wrote:
> > On 1/16/2015 8:59 AM, Phil Mayers wrote:
> >> On 16/01/2015 13:00, John wrote:
> >>> But for this to work I would need to enable recursion on the
> >>> authoritative server for masters
> >>
> >> Why?
> >>
> > Because the la
DNAME will not work with DNSSEC.
DNAME only work with the sub-tree, while DNSSEC is at the domain level.
taking the example:
klam.biz IN DNAME klam.com
DNSSEC will try to find keys for klam.biz NOT klam.com, which results in
DNSSEC failure.
It looks like the only way to do this is to point
On 16/01/2015 15:07, John wrote:
On 1/16/2015 8:59 AM, Phil Mayers wrote:
On 16/01/2015 13:00, John wrote:
But for this to work I would need to enable recursion on the
authoritative server for masters
Why?
Because the last time I tried it, it did not work!
Authoritative servers don't ne
On 1/16/2015 8:59 AM, Phil Mayers wrote:
On 16/01/2015 13:00, John wrote:
But for this to work I would need to enable recursion on the
authoritative server for masters
Why?
Because the last time I tried it, it did not work!
I have just tried it again and I don't get the answers I expect? I
On 1/16/2015 8:59 AM, Phil Mayers wrote:
On 16/01/2015 13:00, John wrote:
But for this to work I would need to enable recursion on the
authoritative server for masters
Why?
___
Further problem is that DNSSEC tests show problem with NS records.
--
On 16/01/2015 13:00, John wrote:
But for this to work I would need to enable recursion on the
authoritative server for masters
Why?
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing
I have three domains two of which are aliases for the other (klam.ca -
aliases klam.biz and klam.com).
Within the these domains I have TLSA records for things like the email
system and some web services.
I originally thought of using dname records for the domain aliases and
cname records for t
wu shuangrong wrote:
>
> I want to set BIND up as a forwarder, using only TCP connection to query the
> google public DNS, because UDP is poisoned. Is this possible?
I don't think BIND supports that. And Google Public DNS's TCP support is
not very good: it drops the connection if you try to make
James Patterson wrote:
> The recursive dns server for my home network keeps crashing.
It looks to me like it is stopping gracefully in response to an `rndc
stop -p` command.
> 16-Jan-2015 09:46:44.319 general: info: received control channel command
> 'stop -p'
> 16-Jan-2015 09:46:44.424 genera
The recursive dns server for my home network keeps crashing. There is
nothing in the logs, so I upped the log severity to debug. I see this:
16-Jan-2015 09:46:44.314 general: debug 1: received control channel
command 'null'
16-Jan-2015 09:46:44.319 general: info: received control channel command
'
14 matches
Mail list logo
