BIND recursive - DNS Nonsense Name Attacks part 2

2015-07-01 Thread Neil
Hi again fellow Bind users, We have been running 9.10.2 to circumvent DNS Random QNAME attacks. It seems that 9.10.2 had some issues for us with response performance. At times the clients query's would be accepted but no response was generated back to clients. This happened on random basis where

Re: first time setting bind

2015-07-01 Thread Mike Hoskins (michoski)
DNS and BIND is the de facto standard: http://shop.oreilly.com/product/9780596100575.do Getting stale, but some good info: https://www.cymru.com/Documents/secure-bind-template.html Good reference: http://www.zytrax.com/books/dns/ ...and of course the ARM for your BIND version: https://kb.isc

first time setting bind

2015-07-01 Thread Leandro
Hi bind users: As tittle say, I need to set master and slave bind pair for the first time. A already managed some servers with bind and outbound but never configured one. First I would like to ask for some good material to begin reading. After I will do some practices and come back to list. Any

Re: empty-zones-enable vs. forwards for rfc1918 reverse zones

2015-07-01 Thread Alexander Bochmann
...on Wed, Jul 01, 2015 at 09:58:52PM +1000, Mark Andrews wrote: > Upgrade. > 3653. [func] Create delegations for all "children" of empty zones > except "forward first". [RT #34826] Ugh... Seems that's in bind 9.8.5... Guess I kinda deserve something like th

Re: empty-zones-enable vs. forwards for rfc1918 reverse zones

2015-07-01 Thread Mark Andrews
Upgrade. 3653. [func] Create delegations for all "children" of empty zones except "forward first". [RT #34826] Mark In message <20150701113621.gb1...@gxis.de>, Alexander Bochmann writes: > Hi, > > I have an internal bind server that has several forward zones

empty-zones-enable vs. forwards for rfc1918 reverse zones

2015-07-01 Thread Alexander Bochmann
Hi, I have an internal bind server that has several forward zones pointing to other internal name servers that carry reverse zones for rfc1918 networks we are using in our networks (let's say something like 0.20.10.in-addr.arpa). This works fine until I either set empty-zones-enable yes; or inc

Re: dns_rdata_fromtext Syntax Error for "\" in bind-9.8.2

2015-07-01 Thread Mark Andrews
Try "!^(.*)$!sip:\\1...@sonusnet.com;user=phone!" There was no matching subexpression for \1. In message , Harshith Mulky writes: > Hello All, > > I have a Zone file Configured like this wiht the below NAPTR Record. > I have an issue while loading the Zone File > Bind Version I am Running is bi

dns_rdata_fromtext Syntax Error for "\" in bind-9.8.2

2015-07-01 Thread Harshith Mulky
Hello All, I have a Zone file Configured like this wiht the below NAPTR Record. I have an issue while loading the Zone File Bind Version I am Running is bind-9.8.2-0.17.rc1.el6.x86_64 While Loading the Zone file, it gives the following syntax Error " dns_rdata_fromtext: psx64.com:16: syntax error