The KB article
you linked uses "severity dynamic" which uses the server debug level to
control what gets logged. You've already set that to 99 based on
replies elsewhere in the thread, so just fix the severity here and
reload named, and you should get all the logs you need to
scenarios it applies to?
Best regards,
Doug Whitfield
From: bind-users on behalf of Petr Špaček
Date: Tuesday, July 26, 2022 at 03:16
To: bind-users@lists.isc.org
Subject: Re: High memory consumption in bind 9.18.2
On 26. 07. 22 0:14, Doug Whitfield wrote:
> I wonder if simply adding the w
g the words “in most cases” to the end of the sentence
might make it more clear that the 10% increase in memory is not so much a bug
as a different use case.
Best Regards,
Doug Whitfield
From: bind-users on behalf of Ondřej Surý
Date: Monday, July 25, 2022 at 08:54
To: Raman kumar
Cc: ML BIND
but I can't figure out what they've done to the repo, and I can't
find my old stuff in there.
You're probably better off making your working directory something
that's not named in the mtree file, so that your permissions don't get
"fixed" by it.
hope thi
I've had LE fail after a cerbot upgrade because it grew a dependency
that didn't automatically get installed with the upgrade.
So yes, automation good, but not perfect.
On 2018-12-31 6:54 PM, John W. Blue wrote:
nuff said, eh?
I thought that Let's Encrypt wanted to roll / revalidate SSL cert
On 08/26/2018 07:30 PM, takahiro wrote:
That's why I want to know the effect of installing with "without-openssl".
What specifically are you trying to accomplish by compiling without openssl?
___
Please visit https://lists.isc.org/mailman/listinfo/bin
On 08/21/2018 08:53 AM, Grant Taylor via bind-users wrote:
On 08/20/2018 11:06 PM, Doug Barton wrote:
But that doesn't mean that slaving a zone, any zone, including the
root, is "dangerous." If slaving zones is dangerous, the DNS is way
more fragile than it already is.
Sorry
rm XYZ but didn't understand how the zig
interacts with the zag, can someone explain that to me?"
In other words, do SOMETHING to help yourself. Don't complain that no
one worked hard enough to make you understand something that you seem to
be working so hard to misunderstand.
On 08/20/2018 09:00 AM, Grant Taylor via bind-users wrote:
On 08/20/2018 05:23 AM, Tony Finch wrote:
If the local root zone gets corrupted somehow (maliciously or
otherwise) the usual setup cannot detect a problem, but it'll cause
DNSSEC validation failures downstream. The normal resolver / val
fied by OS vendors to use /etc/hosts
for address lookups.
nslookup doesn’t display the entire response by default.
On 20 Aug 2018, at 12:28 pm, Lee wrote:
On 8/19/18, Doug Barton wrote:
On 08/19/2018 12:11 PM, Lee wrote:
On 8/18/18, Doug Barton wrote:
nslookup uses the local resolver stub. T
On 08/19/2018 12:11 PM, Lee wrote:
On 8/18/18, Doug Barton wrote:
nslookup uses the local resolver stub. That's fine, if that's what you
want/need to test. If you want to test specific servers, or what is
visible from the Internet, etc. dig is the right tool, as the answers
yo
On 08/18/2018 04:53 PM, Barry Margolin wrote:
In article ,
Grant Taylor wrote:
On 08/18/2018 07:25 AM, Bob McDonald wrote:
I don't think anyone hates nslookup (well maybe a few do ) I
suppose the immense dislike stems from the fact that it's the default
utility under Windows. Folks who use
On 2018-08-15 10:43, Tony Finch wrote:
Doug Barton wrote:
Slaving the root and ARPA zones is a small benefit to performance for
a busy
resolver, [...]
This technique is particularly useful for folks in bad/expensive
network
conditions. While the current anycast networks of root servers
umerous sites, as have thousands of FreeBSD users.
hope this helps,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
receive the new IP.
When you say "configured client" are you referring to a DHCP
reservation? If so, do you have update-static-leases enabled in your
dhcpd.conf?
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to u
ded the view with the close-curly-bracket immediately above. You
probably want to comment out (or completely remove) the zone declaration
below.
zone "youtube.com <http://youtube.com>"
{
type master;
file "dummy-block";
allow-query {none;};
}
would slow you down at 15k qps.
hope this helps,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
SRV 0 0 88 kdc1
SRV 0 0 88 kdc2
_kerberos._tcpSRV 0 0 88 kdc1
SRV 0 0 88 kdc2
John,
Both of your responses were very interesting, thanks. :) And thanks for
the moral support in general.
Doug
--
I am conducting an experiment in the efficacy of PGP/MIME signatures
here is to be able to use the same
BIND instance as master for multiple AD realms that do not have an
existing trust relationship.
Thanks,
Doug
--
I am conducting an experiment in the efficacy of PGP/MIME signatures.
This message should be signed. If it is not, or the signature does not
validate,
as well. For
example:
$ host ajklasdfjklasd.com ; echo $?
Host ajklasdfjklasd.com not found: 3(NXDOMAIN)
1
hth,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users
On 10/23/14 4:34 AM, Péter-Zoltán Keresztes wrote:
Hello
I am trying to add a dnssec signed tomain to DLV isc.
Is there a DNSSEC path from this domain up to the root zone? (It would
be helpful to list what domain it is.) If so, why are you adding it to DLV?
Doug
It's interesting to see the discussion about trying to turn dig into
something it isn't. :) It's a really good DNS diagnostic tool, but if
you just want to get the answer for a query, host does the job quite
well, with a lot le
you
from loading up a BIND 9.9.5 instance in the lab, loading up your data,
and answering your own question? :)
If your response is, "I don't have a lab," then you know your next step.
hth,
Doug
___
Please visit https://lists.isc.org/mailm
... all of which is not to say that your request is not reasonable, just
letting you know that a solution exists.
hope this helps,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users
e than a decade later EDNS still fails very often due to
misconfigured and/or ancient firewalls that don't understand it. 53/TCP
is part of the spec, and should not be blocked.
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-
On 9/30/14 12:18 PM, Bill Christensen wrote:
Ok, since I theoretically have the allow-query correct I need to move on
to what else may be wrong.
When I test with http://www.intodns.com/ or other online tools, I'm
getting " ERROR: One or more of your nameservers did not respond" (the
IP is the s
the master name server for the zone.
In practice however it isn't used for anything except occasionally for
dynamic DNS.
hope this helps,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-use
n
more awesome in the Windows world when you have applications that can
ONLY work with short names, you can't even type a FQDN into the config.
hth,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscr
that have been reported with 9.10 you may wish
to reconsider that plan.
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman
ut using the DLV to do
that. What I AM saying is that people should not be routinely advised to
use the DLV, and that resolver operators should only use it if they have
a good reason to.
And with that, I'll let others chime in, as I don't think I'm saying
anything new here. :)
rewarding providers who have done the right
thing.
I realize that it's unpopular to state some of these ideas in such a
direct way, and I hope no one is offended by one person's opinion. I
also realize that those who wish to receive th
onsider their
offerings.
No one said it would be easy. :)
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
at this point in the
evolution of DNSSEC the commonly accepted wisdom is that it should not
be used routinely; and in fact should only be used when the admin
knows that there is a TA in it that she needs, and that is not
available with a path through the root.
FWIW,
Doug
-BEGIN PGP SIGNATURE-
V
stead, save the list address and start a completely new message.
hope this helps,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.
very sexy. :)
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Almost certainly not running BIND. Almost certainly is running a
"creative" load balancing solution.
hth,
Doug
On 07/31/2014 12:56 PM, Ray Van Dolson wrote:
Not BIND-related specifically... (though the server below could be
running BIND I suppose).
This seems weird. W
stead, save the list address and start a completely new message.
hope this helps,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.
re time on the zone, and fix the master definition on your
provider's slave whenever it breaks, but that's pretty fragile.
Good luck,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bin
On 06/10/2014 08:56 AM, Mohammed Ejaz wrote:
Any help would be highly appreciated.
Switch to BlueCat which does all communication with TSIG by default? :)
Sorry, couldn't resist ...
Doug
___
Please visit https://lists.isc.org/mailman/lis
stead, save the list address and start a completely new message.
hope this helps,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.
stead, save the list address and start a completely new message.
hope this helps,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.
On 05/27/2014 03:51 PM, Baird, Josh wrote:
Hi,
Can someone recommend a modern/new-ish book on DNS (specifically BIND)? I know
there have been several O'Reily books throughout the years, but haven't kept up
on anything in the past few years. I'm looking for architecture design, best
practice
omers that
they do this on their INTERNAL servers for just the reasons that Josh
outlined. And as Mark said, EXTERNAL authoritative servers should never
have a recursive role.
hth,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bin
reload the zone on the master which should cause the master to
send notifies to the slaves which cause them to retransfer the zone.
The 'rndc retransfer ' command is something you run on the slave
if it doesn't transfer.
hope th
o
IME the default limits for simultaneous transfers and SOA queries are
quite conservative. On a busy master I usually at least double them.
You'll want to watch performance on the master to make sure it's not
actually getting swamped of course.
hth,
Doug
_
u(pl.) to reconsider your decision to actually release as is.
Anyway, now it can hang around and comiserate with resolv.conf.
Evidence of prior bad decisions does not provide justification for
future bad decisions. :)
Doug
___
Please visit https://li
t
crowd-source it on the ISC home page? I'm not terribly good at clever
names for things like this, but I would vote for 'dq' (as in, DNS query)
which has the virtue of not matching anything in the Ubuntu "did you
mean?" database.
hth,
Doug
__
#x27;s assuming this is a fairly recent BIND. If it doesn't support
sync, use "rndc freeze ; rndc thaw ".)
Or, just do a zone transfer. No need to freeze/thaw, and no interruption
to dynamic updates.
Doug
___
Please visit https://lis
the zones on the master has been the canonical way to handle
this situation since day 1.
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lis
On 04/07/2014 08:14 PM, Dimitar Georgievski wrote:
Hi Doug,
Thanks, your article really cleared my confusion with the naming and
delegation of zones. I did read initially RFC 2317
<https://tools.ietf.org/html/rfc2317> when I started working on this
task, but I was lost with the use
#x27;t help much.
Did you find this in your search?
https://dougbarton.us/DNS/2317.html
If it falls in the category of "Didn't help much" I'd love to hear
suggestions for improvement.
Doug
___
Please visit https://lists.isc.org
27;s the least
painful way I can think of to deal with it off hand. You may come up
with a more creative solution.
hth,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
... it would be interesting to see a requirements doc on what
the HSM would need to provide to do that.
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users
On 3/8/2014 1:30 PM, sth...@nethelp.no wrote:
One mitigation approach is to blackhole the domains using local zones.
That�s not much of a mitigation. Not having open resolvers would be mitigation.
Not having open resolvers is good - but unfortunately doesn't help
against misbehaving clients (
On 02/12/2014 10:16 PM, Christoph Moench-Tegeder wrote:
## Doug Barton (do...@dougbarton.us):
If you don't have enough random bits on your system to run these simple
tests, your /dev/random is seriously underpopulated, and likely a
security risk. You should definitely not put BI
ry" master is for the zone. Windows
DNS does have this concept, but they don't emphasize it since they like
people to believe in the fantasy that is "lazy replication." :)
Doug
___
Please visit https://lists.isc.org/mailman/list
On 02/17/2014 11:37 AM, Kevin Darcy wrote:
Ugh, that mixes apples (recursive resolution) and oranges (iterative
resolution).
Out of curiosity, what bad thing do you think will happen if you mix
these two functions?
Doug
___
Please visit https
pretty damn
small to begin with, so that doesn't really matter. But the
algorithm, described in RFC 5155 section 5, could have been better
designed from that point of view.
Honestly that wasn't a factor in my thinking, but it's interesting info
to store away for future use, thanks.
higher-security requirements.
Doug
PS for Mark, When I was maintaining BIND for FreeBSD I always ran the
unit tests before I put a new version live. :)
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this l
On 02/06/2014 04:27 AM, Klaus Darilion wrote:
Hi!
I just noticed that on "rndc signing -clear all zone", Bind removes the
private RRs, updates the NSEC3 RR, and increases the serial, but it does
not send NOTIFYs.
I guess this is a bug.
I tested bind 9.9.5, with inline-signing of a zone.
Does
On 02/06/2014 06:27 AM, Chuck Anderson wrote:
I was kinda hoping that newer
versions of BIND could share zones (with identical zone contents)
between views without requiring the messy multiple IP alias setup.
You have always been able to do this with include files.
hth,
Doug
it
all on the same server you get a lot of extra complexity for no real
benefit.
You may get some useful information at
https://dougbarton.us/DNS/2317.html in any case.
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubsc
o say only
add the records if there are no records of the given type. DHCPD
does this by default.
... speaking of how DHCP does things, you could add a TXT record for
your "static" entries, and test to see if that TXT record exists in DNS
before attemptin
script to start named. Start with that, follow the examples, and only
change things in the default if you're certain you know what the
implications of those changes will be.
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-use
On 01/12/2014 07:30 PM, Barry Margolin wrote:
In article ,
Doug Barton wrote:
Thanks for the response, but you're answering a different question than
I asked. :) The question I'm interested in is, "Why is the recursive
server not pegging the CPU?" I'm aware that t
rsive server seems
to be working a lot less hard than the auth server, and I can't figure
out why.
Doug
On 01/12/2014 06:07 PM, Leonard Mills wrote:
Are you allowing long answers when authoritative? Performance
measurements with and without additional data in responses is measurable
(imo a
Thanks for the response, but that's not it. The auth-only responses are
generating a lot more traffic than the recursive.
Doug
On 01/12/2014 05:21 PM, Sten Carlsen wrote:
Wild guess: network bandwidth runs out before CPU? Why the difference, I
have no clue.
On 13/01/14 02.16, Doug B
%. The disk is nearly inactive on both systems, and there is no
swapping. Using BIND 9.9.4.
Is there perhaps something obvious I'm overlooking here? Any suggestions
are welcome.
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-use
helps,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
me.jnl file until I incremented the zone file's serial number.)
The zone may be static but the "auto-dnssec maintain" process is
equivalent to the dynamic updates process, so that is the correct
directory.
Doug (who set up the permissions for named in FreeBSD ages ago)
__
rmine it for yourself).
Miscommunication about the zone names for 2317 zones are rather common.
Unless you've been told by the parent admin that the zone is precisely
192/26.* do not assume that is the case. There are a number of ways to
represent 2317 zones.
Good luck,
Doug
https://dou
Ok, simple. The zone you want to forward is 110.252.173.in-addr.arpa.
There is no need to make it more complicated than that.
Good luck,
Doug
On 07/09/2013 12:18 AM, sumsum 2000 wrote:
What I am trying to achieve is this:
I am using BIND9 only for forwarding DNS requests to other DNS
way. Please use the actual zone(s) you're working with, as
that will also make it easier.
Doug
https://dougbarton.us/DNS/bind-users-FAQ.html#RealNames
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 07/03/2013 07:52 PM, Novosielski, Ryan wrote:
| On 07/03/2013 04:39 AM, Matus UHLAR - fantomas wrote:
|> On 02.07.13 08:53, Daniel McDonald wrote:
|>> I've had trouble with OSI-Soft PI historian without reverse
|>> entries. If there is no revers
have
the correct effect?
Yeah, hard links work of course, but symlinks are slightly preferable
here because they make upgrades transparent.
hth,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
Interesting, the pcap that was posted previously showed some odd errors
around udp checksums, some showed valid, some showed invalid. With
modern NICs it's not uncommon to see them all invalid due to checksum
offloading, but the mix of valid and invalid was odd.
Doug
On 06/26/2013 09:
Yes, seems fine now. Can you share more information about what it was
you turned off? Sounds odd, but the results speak for themselves.
Doug
On 06/26/2013 09:39 PM, SH Development wrote:
Sure could use some direction about where to start looking. I "thought" I had
everything w
nd it doesn't have any
problems. But that's not even the weirdest bit. When running the Perl
script it sometimes works for starionhost.net, but never works for the
other 2.
It seems to me that you have something very odd going on with your netwo
seem to find an address record for
ns2.starionhost.net in the starionhost.net zone. That's likely at least
part of the reliability problem with the starionline.com zone.
hth,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-us
Good luck,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Great! Now step 2 is to remove the tag from the subject line before
sending mail back to the list. :)
On 06/16/2013 02:50 PM, Jerry K wrote:
Hello Warren,
Thank you so much for this post.
Long time procmail user here. I'm only sad I didn't think of this
myself first.
Its been working great
On 06/14/2013 05:13 PM, Vernon Schryver wrote:
From: Doug Barton
is that (like RRL) your proposal relies on people updating their
software.
RRL needs only authority and open recursive servers to be updated.
The vast majority of DNS installations are closed recursive and stubb
ld F. Guilmette wrote:
In message <51baa714.9020...@dougbarton.us>,
Doug Barton wrote:
It's obvious you're frustrated (understandable), and enthusiastic
(commendable), but you might want to consider dialing down your
"rhetoric" a bit.
Great idea! I have only one
On 06/14/2013 09:08 AM, Evan Hunt wrote:
(Our usual policy is not to add substantial new features in maintenance
releases like 9.9.4; making it a compile-time option that defaults to off
is our way of tiptoeing around the rule.)
Quite reasonable, and much appreciated. :)
___
Ronald F. Guilmette wrote:
In message <51ba355b.10...@dougbarton.us>,
Doug Barton wrote:
No. You can still get pretty good amplification with 512 byte responses.
That is an interesting contention. Is there any evidence of, or even any
reasonably reliable report of any DDoS actually being p
e likely
to be solvable.
There is no quick fix.
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
e.tld, you
probably need to fix the root problem rather than trying to support the
bad behavior.
hth,
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users
On 06/05/2013 11:33 AM, Tony Finch wrote:
I believe the ANY hack on mail servers was a Sendmailism 20ish years ago.
s/Send/q/
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Looks like it is in transition. The COM delegation has this:
ns1.netbcp.com
ns2.netbcp.net
pdns1.ultradns.net
pdns2.ultradns.net
pdns3.ultradns.org
pdns4.ultradns.org
pdns5.ultradns.info
On 05/21/2013 12:39 AM, Phil Mayers wrote:
On 05/21/2013 08:23 AM, Matus UHLAR - fantomas wrote:
On 21.05.13 11:03, Mark Andrews wrote:
The simplest solution is to slave the root zone and
turn off notify to so you don't spam the official
root servers. 192.5.5.241 is f.root-servers.
SECTION:
dns6.pointhq.com. 235 IN A 91.109.245.139
dns7.pointhq.com. 235 IN A 37.123.115.172
hope this helps,
Doug
On 05/17/2013 04:02 PM, budsz wrote:
Hi folks,
I've some problem with query serveral site, I use BIND 9.6.-ESV-R7-P2
$ host dns1.pointh
TRY filtering your mail into proper folders ... do it for a week, a
month, whatever. If your mail client doesn't notify you when mail gets
put into a folder, get a better mail client. Once you try doing it that
way for a while chances are near 100% that you will like it much better.
Doug
On 05/07/2013 01:50 PM, Matus UHLAR - fantomas wrote:
On 07.05.13 11:06, Michael Varre wrote:
So interestingly they did give me their setup and this is their
response, and my warm and fuzzy feeling continues to go out the window:
They use SimpleDNS
Record Name: 65.246.59.108.in-addr.arpa
DNS Se
On 05/03/2013 11:44 AM, rohan.he...@cwjamaica.com wrote:
What if both authoritative and recursive are running on the same server
That's a simple answer, don't do that.
Doug (ever)
___
Please visit https://lists.isc.org/mailman/listinfo/
dent before the first word is spoken in class.
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
he specific circumstances here you
may have over-engineered the solution a bit. :)
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.
, and putting websites on
hostnames that don't start with www. is the common case now. Can we save
our energy for something more productive?
Doug
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind
On 04/08/2013 06:54 AM, Sam Wilson wrote:
In article ,
Doug Barton wrote:
On 04/05/2013 11:53 PM, Novosielski, Ryan wrote:
| It is funny you should mention that... my questions about using views
| to create a situation where one single record is different happens to
| be exactly for this
is will do it,
| but haven't tested yet.
Much better to put the AD stuff in its own subdomain, like ad.umdnj.edu.
AD DNS is only really happy when it runs the whole show for its "home"
domain. It's possible to do otherwise, but really painful and fragile.
Doug
-BEGIN PGP
ifferent answers internally vs. externally for the same label?"
Sometimes multiple views are actually necessary to accomplish business
goals. IME however it's become so baked in that "we need multiple views"
that the right questions are never asked.
Doug
1 - 100 of 391 matches
Mail list logo
