There’s been some great discussion lately on enabling DoH with LetsEncrypt
certs.
My question is this: If I renew the cert while named is running and do a
reload on it, is that enough to pick up the new certs or do I need to
stop/start the named process?
Basically, does reload only reload the
REALLY, it is
From: bind-users on behalf of Ondřej Surý
Sent: Friday, June 4, 2021 11:39 PM
To: Eric Germann
Cc: bind-users@lists.isc.org
Subject: Re: No more support for windows
What I’ve heard is that the geoip/maxmindb is the deal breaker,
but on general
Really is not as u say
first of all you have to take in mind DMZ and other complex config
As last (as I used it) , I used Linux DIST for Authorative and internet facing
resolver with TLD and as resolver
and two internal windows with BIND on Windows Server and WINS
If you use Active Directory , i
What I’ve heard is that the geoip/maxmindb is the deal breaker,
but on general level, I concur that MS-DNS is a good choice for
Windows Server deployments.
I am a big fan of picking the right tool for the job.
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
> On 4. 6. 2021, at 23:31, Eric Germann
Call me naive, but I’m trying to figure out what the corner case is to use BIND
on Windows.
For an internal network Windows Server already has a name server that
integrates with AD and everything else needed to run a Windows network.
Support for DDNS is a lot easier, it has tons of SRV records
This feels a lot like responding to trolls, but I'll instead assume that you're
asking (or making a point) in good faith.
So, we'll stipulate that - you're actually interested in truth and knowledge.
So, it's easily compiled on Mac, Unix, FreeBSD, Linux, SunOS, RaspPi, etc.
And it compiles on a
Peter,
do you seriously think that this word play is going to help the BIND 9
support for Windows? So, I am asking you, what’s your serious
proposal what should we do?
I’ve had asked if people are willing to invest time, effort or money
into keeping the Windows support alive. I would rather accep
What I find ironic is that here:
https://gitlab.isc.org/isc-projects/bind9/-/blob/main/README.md
the very first line says:
"BIND (Berkeley Internet Name Domain) is a complete, highly portable
implementation of the Domain Name System (DNS) protocol."
If this were truly the case, BIND would work
Well its clearly not working so it needs to change just like DDNS is
free but you can paid for a subscription thats easy to do or SSL is free
for 90days but you have the option to pay easily for a year but that
might not work for bind for windows so it needs to be a subscription to
run it at le
Do you understand how ironic is for you to complain about “subscription is not
going to happen” while **every** email on the mailing list has this note in the
footer:
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more
On 04/06/2021 6:05 pm, John Thurston wrote:
On 6/4/2021 8:48 AM, Peter via bind-users wrote:
When people find out2024 is the year bind is no longer supported for
windows people aregoing to be upset this all seems to be done quietly
nothing posted on the the isc.org site about this just how many
When people find out2024 is the year bind is no longer supported for
windows people aregoing to be upset this all seems to be done quietly
nothing posted on the the isc.org site about this just how many people
depend on bind for windows will be shocking.
Hi G.W.,
On 4/6/21 12:33, G.W. Haywood via bind-users wrote:
> Hi there,
>
> On Fri, 4 Jun 2021, 3coma3 wrote:
>
>> Jun 3 22:03:53 ... apparmor="DENIED" ... "/usr/share/dns/root.hints" ...
>
> This isn't exactly an answer to your question but I don't think you
> need root.hints any more - you can
Hi Timothe,
On 4/6/21 10:13, Timothe Litt wrote:
>
> I'm not an apparmor user - but have you looked at the parent directory
> permissions? From what you posted, that would be the logical culprit.
>
Your suggestion helped me indirectly to pinpoint the problem.
I added above line 36 the following
Hi there,
On Fri, 4 Jun 2021, 3coma3 wrote:
Jun 3 22:03:53 ... apparmor="DENIED" ... "/usr/share/dns/root.hints" ...
This isn't exactly an answer to your question but I don't think you
need root.hints any more - you can just delete it.
I'm currently using 9.11.26, and I haven't used root.hin
I'm not an apparmor user - but have you looked at the parent directory
permissions? From what you posted, that would be the logical culprit.
In any case, unless you are using a private root zone, since named has
the root nameserver addresses built-in, the use of root.hint is
unnecessary. (Even i
16 matches
Mail list logo
