Re: [ot] botched KSK rollover

2017-08-18 Thread PGNet Dev
You might want to look at gkg.net fyi @ Gandi rich DNS(SEC) API with XML-RPC call support & docs for python, php, nodejs, perl, ruby & c http://doc.rpc.gandi.net/domain/reference.html ___ Please visit https://lists.isc.org/mailman/listinfo/bin

[ot] Re: botched KSK rollover

2017-08-18 Thread /dev/rob0
On Fri, Aug 18, 2017 at 08:25:00AM -0700, Carl Byington wrote: > > Sigh, it sure would be nice if I had a registrar with a means > > to automate DS submission. > > You might want to look at gkg.net I've been planning to do that for a long time, I guess this is a reason to move on that. I was in

Re: botched KSK rollover

2017-08-18 Thread Carl Byington
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 > Sigh, it sure would be nice if I had a registrar with a means to > automate DS submission. You might want to look at gkg.net -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) iEYEAREKAAYFAlmXBrwACgkQL6j7milTFsFd5QCfZMqbWV/Jd8vmr

Re: DNS Flag signification in Syslog

2017-08-18 Thread Mik J via bind-users
Thank you very much Mark for your quick answer Le Vendredi 18 août 2017 13h46, Mark Andrews a écrit : In message <1744062904.346000.1503053675...@mail.yahoo.com>, Mik J via bind-users writes: > Hello, > Do you know where I can find the signification of DNS syslog messages ? In the Ad

Re: botched KSK rollover

2017-08-18 Thread Michał Kępień
> I added a week to inactivation, > > # dnssec-settime -I+1w Knodns4.us.+005+60073.key > > I thought I should then try deactivating the new one, I am not sure whether this is really what you wanted to achieve, but in any case "dnssec-settime -i ... -S ..." only sets publication and activation da

Re: DNS Flag signification in Syslog

2017-08-18 Thread Mark Andrews
In message <1744062904.346000.1503053675...@mail.yahoo.com>, Mik J via bind-users writes: > Hello, > Do you know where I can find the signification of DNS syslog messages ? In the Administrators Reference Manual https://ftp.isc.org/isc/bind9/9.11.2/doc/arm/Bv9ARM.pdf Search for querylog > cli

DNS Flag signification in Syslog

2017-08-18 Thread Mik J via bind-users
Hello, Do you know where I can find the signification of DNS syslog messages ? client x.x.x.x#64111 (webmail.google.NET): query: webmail.google.NET IN + (y.y.y.y)=> I'm looking for the signification of the + client z.z.z.z#39953 (www.mydomain.org): query: www.mydomain.org IN A -ED (y.y.y.y)=

White list (RPZ deny all but mine)

2017-08-18 Thread tda
Hello. I use Bind 9.10.3.dfsg.P4-8 and 9.9.5.dfsg-3 (for ns1, ns2). I configured response-policy {zone "rpz.zone";} And now I'd like to bulid an whitelist. Drop all requests except listed in rpz.zone. Something like: domain.me CNAME rpz-passthru. *.domain.me CNAME rpz-passthru. tru