Re: forward only recursive server doesn't forward

2016-10-20 Thread Alex
Hi, >> zone "96/28.104.104.66.in-addr.arpa" { >>type slave; >>file "slaves/db.104.104.66"; >>masters { 64.1.1.3; }; >>allow-query { any; }; >>allow-transfer { trusted; }; >> }; > > >> I set up the reverse zone a long time ago, and I don't think the "zone >>

Re: forward only recursive server doesn't forward

2016-10-20 Thread Alex
Hi, >> >> I have a bind-9.10.3 server on fedora22 that is authoritative for a >> >> few domains and their corresponding IP ranges. I'd like to set up >> >> another domain server (rbldnsd) on a host in one of those domains as a >> >> forward-only server. >> >> >> >> The problem appears to be that t

Re: receive_secure_serial: bad database

2016-10-20 Thread Evan Hunt
On Thu, Oct 20, 2016 at 07:47:35PM +, Eldridge, Rod A [ITNET] wrote: > I haven't found a good explanation of that this log entry means: > > Oct 20 14:41:47 dns-s named[8311]: zone student.iastate.edu/IN/in (signed): > receive_secure_serial: bad database > > I've found 58 log entires for this

receive_secure_serial: bad database

2016-10-20 Thread Eldridge, Rod A [ITNET]
I haven't found a good explanation of that this log entry means: Oct 20 14:41:47 dns-s named[8311]: zone student.iastate.edu/IN/in (signed): receive_secure_serial: bad database I've found 58 log entires for this just in the last 90 minutes. Nothing before that in the last 9 days. I've also had

Re: DNAME + DNSSEC

2016-10-20 Thread Marco Davids (SIDN)
On 20/10/2016 14:41, Marco Davids (SIDN) wrote: > For testing-purposes I tried to simulate the situation in sidnlabs.nl: > > dig +dnssec -t ANY _sidn._dnssec-valcheck._1804289384.sidnlabs.nl ERROR! That should be: dig +dnssec -t ANY _sidn._dnssec-valcheck._1804289384.dname.sidnlabs.nl -- Ma

DNAME + DNSSEC

2016-10-20 Thread Marco Davids (SIDN)
Hi, I noticed some inconsistent behavior in a particular setup where a DNAME is involved and I am trying to figure out who is right and who is wrong. Players involved on the resolving side are: Google Public DNS (resolves without an error) BIND (often results in a timeout and a log-rule saying:

Re: forward only recursive server doesn't forward

2016-10-20 Thread Reindl Harald
Am 20.10.2016 um 03:27 schrieb Alex: I have a bind-9.10.3 server on fedora22 that is authoritative for a few domains and their corresponding IP ranges. I'd like to set up another domain server (rbldnsd) on a host in one of those domains as a forward-only server why on another host? it just ad

Re: forward only recursive server doesn't forward

2016-10-20 Thread Matus UHLAR - fantomas
On 19.10.16 21:27, Alex wrote: I have a bind-9.10.3 server on fedora22 that is authoritative for a few domains and their corresponding IP ranges. I'd like to set up another domain server (rbldnsd) on a host in one of those domains as a forward-only server. The problem appears to be that the qu