Which FQDN does your mail server use for its EHLO? It should use the
same name that's listed in reverse DNS.
John
On Thu, Mar 17, 2016 at 9:53 AM, Thomas Schulz wrote:
> This is not a BIND question but I hope people here will know the answer.
> We are switching service providers and I understan
Mike Bernhardt wrote:
> Please confirm that if a DNS query is sent to the virtual address, the reply
> will be sourced from the virtual address.
Yes.
(query-source doesn't affect replies.)
> The documentation for keepalived isn't very good, but as near as I can tell
> it does not support bring
This is not a BIND question but I hope people here will know the answer.
We are switching service providers and I understand that many email SPAM
prevention systems insist on the reverse DNS matching the forward DNS.
If I have two A records for our mail server and the reverse record matches
one of
Thank you for your response.. I thought of that earlier, but when I run the
exact same configure options on an older machine of ours (for 9.10.1) it
creates the output files just fine.. That is where it confused me.
Thanks
On Thu, Mar 17, 2016 at 5:18 PM, Mark Andrews wrote:
>
> *Think* about
Please confirm that if a DNS query is sent to the virtual address, the reply
will be sourced from the virtual address. The reason for restricting BIND to
a single address was mostly for firewall and administrative simplicity, but
that's not a big deal as long as the same address is used both direct
I did not mean forwarders, but I had a case where the authoritative name
servers for a domain were down
for an extended period of time, exceeding the ttl for their records. I was
curious if I could tell my DNS servers
to serve these records for longer than the registered ttl. And I wanted to
automa
In article ,
Dave Warren wrote:
> My current logic is that I do a SOA query and check the serial number,
> if it has changed, I query every needed hostname into a temp file, and
> if every single query was successful, check the SOA again, and if it
> still matches, update the /etc/hosts. If a
You might want to try "ip a" vs ifconfig. RHEL7 uses Network Manager and in
the past I've found some things don't show up in ifconfig output when doing
alias/virtual interfaces.
Usually even when other products (e.g. Oracle RAC/GRID) create virtual
interfaces they still show up as valid int
How do you actually expect this to ever work in real life?
If a service knows it is going to be disconnected for a extended
period of time there are plenty of third party DNS providers that
can serve the zone and be delegated to. If it happens after the
fact then they should spin up new servers
On 2016-03-18 00:12, G.W. Haywood wrote:
I'd just put something in /etc/hosts and send myself an email every
month or so to remind me I'd done that.
I once wrote a script that periodically did zonetransfer, parsed output
and updated the /etc/hosts file.
/Anders
__
On 3/17/16, 10:15 AM, "Ron" wrote:
> According to the BIND9 docs:
>
> cleaning-interval This interval is effectively obsolete. Previously, the
>server would remove
> expired resource records from the cache every cleaning-interval minutes.
>BIND 9 now
> manages cache memory in a more sophisticat
On Fri, Mar 18, 2016 at 9:43 AM, Ron wrote:
>
> How about a list of domains for which cached RRs will not be purged
> _unless_ a different RR is supplied by the 'upstream' server?
>
Or, with Barry Margolin's comments in mind, a dynamic list, which is
compiled from the domains that are accessed, s
Hi there,
On Thu, 17 Mar 2016, Ron wrote:
... in this case it's a supplier who is unable to keeps his DNS servers
working, and we just want to keep the connectivity.
I'd just put something in /etc/hosts and send myself an email every
month or so to remind me I'd done that.
--
73,
Ged.
___
Tom, when your mail server establishes a connection to another host, the
receiving host will likely automatically check the PTR record of the IP
address your server used as it's source address. This PTR record should
have a corresponding A record that points to the same IP address that
was look
> Please confirm that if a DNS query is sent to the virtual address, the reply
> will be sourced from the virtual address. The reason for restricting BIND to
> a single address was mostly for firewall and administrative simplicity, but
> that's not a big deal as long as the same address is used bo
On 3/17/2016 12:36:31 +0100 Ron wrote:
Can bind be configured to not drop RR's from the cache when
the upstream DNS server is unresponsive?
Hi,
subject says all. Read manpages, could not find this in the FAQ's.
Hope this is possible. If not does anyone know of other name servers
that offer
I think I Know why it worked on the old server.. it is because there is an
existing Makefile already.. I am going to rename the existing makefile and
see if it creates one. If it doesnt, then I will know that the no-create
option is the culprit!
Thanks for your help.. I will report back with what
Hello all
I am trying to compile Bind 9.10.3-P4 from source and whenever I try to run
the following:
./configure --sbindir=/usr/sbin --sysconfdir=/etc/bind --with-openssl
--disable-openssl-version-check --no-create --no-recursion
I receive the following error after the configuration script is f
In general you're right of course,
but in this case it's a supplier who is unable to keeps his DNS servers
working, and we just want to keep the connectivity.
For various reasons it's not that easy to switch to a new supplier,
and in any case we need an intermediate solution.
Ron
On Thu, Mar 1
Hi,
subject says all. Read manpages, could not find this in the FAQ's.
Hope this is possible. If not does anyone know of other name servers
that offer this option?
Thanks,
Ron Arts
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to un
On Thu, Mar 17, 2016 at 2:51 PM, Barry S. Finkel wrote:
> On 3/17/2016 12:36:31 +0100 Ron wrote:
>
> Can bind be configured to not drop RR's from the cache when
>>> the upstream DNS server is unresponsive?
>>>
>>
> Hi,
>>
>> subject says all. Read manpages, could not find this in the FAQ's.
>> H
My apologies, never mind :-{
I don't know what the problem was, BIND seems to load up just fine today,
even when the option addresses don't match the virtual address. I must have
screwed up something else.
___
Please visit https://lists.isc.org/mailman
--no-create is for when you want to tinker with the final results built
into config.status prior to building the Makefiles.
I've committed changes to no run "make clean" if --no-create is set.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742
On 16/03/16 12:48, Lightner, Jeff wrote:
You might want to try "ip a" vs ifconfig. RHEL7 uses Network
Manager and in the past I've found some things don't show up in
ifconfig output when doing alias/virtual interfaces.
Usually even when other products (e.g. Oracle RAC/GRID) create
virtual inte
On 17.03.16 09:53, Thomas Schulz wrote:
This is not a BIND question but I hope people here will know the answer.
We are switching service providers and I understand that many email SPAM
prevention systems insist on the reverse DNS matching the forward DNS.
If I have two A records for our mail ser
Dave,
On Sat, Mar 19, 2016 at 6:02 AM, Dave Warren wrote:
> On 2016-03-18 01:46, Ron wrote:
>
>
> On Fri, Mar 18, 2016 at 12:12 AM, G.W. Haywood
> wrote:
>>
>> Hi there,
>>
>> On Thu, 17 Mar 2016, Ron wrote:
>>
>>> ... in this case it's a supplier who is unable to keeps his DNS servers
>>> worki
> Am 17.03.2016 um 14:53 schrieb Thomas Schulz:
>> This is not a BIND question but I hope people here will know the answer
>> We are switching service providers and I understand that many email
>> SPAM prevention systems insist on the reverse DNS matching the forward
>> DNS. If I have two A records
On Fri, Mar 18, 2016 at 12:12 AM, G.W. Haywood
wrote:
> Hi there,
>
> On Thu, 17 Mar 2016, Ron wrote:
>
> ... in this case it's a supplier who is unable to keeps his DNS servers
>> working, and we just want to keep the connectivity.
>>
>
> I'd just put something in /etc/hosts and send myself an e
*Think* about the arguments you are passing to configure. You told configue
to NOT CREATE the makefiles.
Mark
In message
, Majid Mir writes:
>
> Hello all
>
> I am trying to compile Bind 9.10.3-P4 from source and whenever I try to run
> the following:
>
> ./configure --sbindir=/usr/sbin --s
Thomas Schulz wrote:
> We currently have adi.com signed using options:
>
> inline-signing yes;
> auto-dnssec maintain;
>
> If I change an A record or add a new A record, will the signing be
> automatically updated or do I have to do an rndc sign zone?
It's automatic :-)
Tony.
--
f.anthony.n.fi
We currently have adi.com signed using options:
inline-signing yes;
auto-dnssec maintain;
If I change an A record or add a new A record, will the signing be
automatically updated or do I have to do an rndc sign zone?
Tom Schulz
Applied Dynamics Intl.
sch...@adi.com
_
Slave the zone? Oh, run secondary. Fat chance.
Ron
On Fri, Mar 18, 2016 at 5:03 PM, Darcy Kevin (FCA) wrote:
> Would they be receptive to letting you slave the zone? At least then you’d
> have the whole EXPIRE time before the names stopped resolving.
>
>
>
> If they’re concerned about security,
In article ,
sch...@adi.com (Thomas Schulz) wrote:
> This is not a BIND question but I hope people here will know the answer.
> We are switching service providers and I understand that many email SPAM
> prevention systems insist on the reverse DNS matching the forward DNS.
> If I have two A recor
33 matches
Mail list logo
