Hi Blason,
My understanding is that if there is no "notify no;" statement, then
bind will send notifies to all name servers for a given zone.
Also notify pertains too the notification of name servers not included
in zone data.
Kind Regards Peter
On 04/05/2018 05:51, Blason R wrote:
Hi,
Hi,
So I was playing with these two statements and wanted to know something on
also-notify.
also-notify by default will update slaves about delta changes on port
TCP/53 if not explicitly set right?
e.g.
also-notify {10.0.1.2; "notify-them" port 2034;};
__
On 05/03/2018 12:42 PM, Darcy Kevin (FCA) wrote:
As far as I know, Domain Controllers still only maintain SRV records
DCs, likely all member servers, and possibly all workstations (or the
DHCP server on their behalf) will try to register A / and PTR
records too.
Also, updates to the AD
“We are aware that we should not mix the plain text configuration with these
dynamic records (and use a subdomain instead)”
So, why don’t you do that? As far as I know, Domain Controllers still only
maintain SRV records, so the “underscore zones” approach should still work.
Make _tcp.example.co
Again unicast could be any IP address or normal IP address given on server?
There is no such specification like multicast
On Thu, May 3, 2018 at 7:46 PM, Blason R wrote:
> Thanks I got it, Below link helped me understand.
>
> https://deepthought.isc.org/article/AA-00518/0/How-can-I-
> synchroniz
Thanks I got it, Below link helped me understand.
https://deepthought.isc.org/article/AA-00518/0/How-can-I-synchronize-DNS-RPZ-firewall-policies-across-multiple-DNS-servers.html
The one thing I didnt understand is how to assign unicast address from DNS
perspective?
On Thu, May 3, 2018 at 7:36 PM
Hi there,
Can someone please guide me on working configuration of Mater/Slave zone in
DNS RPZ for reference?
Is that available with someone? And does it work exactly as master/slave
like any other zone?
___
Please visit https://lists.isc.org/mailman/lis
Tom wrote:
> Does the "inline-signing"-mechanism also automatically renew the
> expiration-time of the RRSIGs?
Yes.
> If so: When or in which interval does BIND verify the expiration-times
> of the RRSIGs and renew them?
The documentation for sig-validity-interval says renewal time is 1/4 of
t
On 02/05/2018 23:39, Rick Dicaire wrote:
> Thanks for the responses folks...so if I don't need to manage root.hints,
> can I remove the line:
>
> zone "." IN {type hint;file "root.cache";};
>
> from named.conf?
Yes, you can remove it.
Regards,
Anand
Hi list
Using latest BIND (9.12.1) with dnssec and inline-signing enabled.
SIG-VALIDITY-INTERVAL is set to 1 day (for testing).
Look the following RRSIG:
test01.example.com. 300 IN RRSIG A 8 3 300 (
20180504060124 20180503052321 1 test01.example.com.
rUch7bFR18Nmaeu+gqS29fG8oTPQm1SIBe9
10 matches
Mail list logo
