Re: bind does not resolved all domains (SERVFAIL)

Hi, For me, today's problem is philasd.org, getting SERVFAIL # dig +trace philasd.org couldn't get address for 'dns1.philasd.org': not found couldn't get address for 'dns2.philasd.org': not found dig: couldn't get address for 'dns1.philasd.org': no more / Missin

Re: Question on prod.msocdn.com

Just fyi, Found my problem here, our Tipping Point IPS was misbehaving for msocdn.com, all well now. The contributors on the ISC lists are a wealth of information and appreciated. best! jim On 11/9/2016 2:50 PM, Jim Glassford wrote: On 11/9/2016 2:42 PM, Jim Glassford wrote: On 11/9/2016

Re: Question on prod.msocdn.com

On 11/9/2016 2:42 PM, Jim Glassford wrote: On 11/9/2016 4:55 AM, Tony Finch wrote: Jim Glassford wrote: Doing dig +cd on prod.msocnd.com will get the CNAME, without +cd either timeout or SERVFAIL depending on version of bind. It works for me with BIND 9.11 and 9.10.4-P4. There are some

Re: [Ext] Re: Question on prod.msocdn.com

On 11/9/2016 4:55 AM, Tony Finch wrote: Jim Glassford wrote: Doing dig +cd on prod.msocnd.com will get the CNAME, without +cd either timeout or SERVFAIL depending on version of bind. It works for me with BIND 9.11 and 9.10.4-P4. There are some EDNS-related changes in 9.10 which might be

Question on prod.msocdn.com

Greetings, Query the list, any verification or pointers appreciated. We are having dns issues for prod.msocdn.com starting on Monday 11/7/2016 and I just thought it was DNSSEC issue on their end but not so sure anymore. Doing dig +cd on prod.msocnd.com will get the CNAME, without +cd either ti

Re: [Ext] RRL settings that work for you

Hi Mike, In production since July 2013 without complaints and believe it has helped here. rate-limit { responses-per-second 10; window 5; }; best! jim On 5/26/2015 5:00 PM, Mike Hoskins (michoski) wrote: Hi folks, I've read about RRL with interest since its inception, but just now g

Re: Master to Slave initial zone transfer question

On 4/16/2014 11:35 AM, Barry Margolin wrote: In article , "Jeronimo L. Cabral" wrote: Dear, I've implemented two Debian 7 servers with Bind9 as a Master - Slave schema. Everything works OK, but I have just a question: When a create a new zone in the Master and reload the bind9 daemon, this

Re: Looking for a pointer on getting reverse mapping with DDNS to work with DHCPD & Named.

0ANYTSIG hmac-md5.sig-alg.reg.int <http://hmac-md5.sig-alg.reg.int>. 1364496936 300 0 25308 BADKEY 0 > quit [root@dns04 chroot]# On Thu, Mar 28, 2013 at 12:03 PM, Jim Glassford <mailto:jmgl...@iup.edu>> wrote: Hi Jim, No, sorry, wrong IP add

Re: Looking for a pointer on getting reverse mapping with DDNS to work with DHCPD & Named.

indows workstation. I'm willing to try it, but it seems like that would mean I would need a zone like this for all of my leased addresses??? Jim On Thu, Mar 28, 2013 at 11:42 AM, Jim Glassford <mailto:jmgl...@iup.edu>> wrote: Hi Jim, Lost track but have you tried

Re: Looking for a pointer on getting reverse mapping with DDNS to work with DHCPD & Named.

Hi Jim, Lost track but have you tried using the IP address of the server for the primary, 172.10.20.101 instead of 127.0.0.1? zone dhcp.coloradostudios.com. { primary 172.10.20.101; <- change from 127.0.0.1 key DHCP_UPDATER; } best! jim On 3/28/2013 1:31

Re: User wanting to use a .local domain to host DNS

Just fyi, some talk about Extensions of the Bonjoure Protocol Suite few days ago; Date: Tuesday, November 6, 2012 9:11 AM The mdnsext BoF is today at 15:20 US Eastern Time. The agenda is below. Slides are available here: https://datatracker.ietf.org/meeting/85/materials.html. Remote participat

Re: dhcpd

Hi, Running 4.1.1-P1 and we these also from iThings and androids. Tried to verify if the ones doing it where jail broke or something else in common but never got to the bottom of it. Enabling bootp, they continued to ask. We just continue to deny bootp for subnets that have no need for it and

Re: Slaves do not more update

Hi, May have already been covered by another but just to verify, "beating a dead horse" Do you update the serial number before you sign the zone? If automated at all with scripts, make sure you update the SOA serial number then sign. jim On 6/22/2011 1:42 PM, Michelle Konzack wrote: Hello

(fixed) bad cache hit (eduftcdnsp01.ed.gov/DS)

Thanks to everyone who replied on and off list, my first dnssec related problem and no self confidence. :-) They got it fixed yesterday evening and working OK again. have a great weekend! jim On Fri, 27 May 2011 15:09:39 -0400  Jim Glassford wrote: Hi, Running BIND 9.7.0-P2 Is this

? bad cache hit (eduftcdnsp01.ed.gov/DS)

Hi, Running BIND 9.7.0-P2 Is this just me or other seeing this? Starting today got reports of unable to reach some student ad sites such as studentloans.gov # dig eduftcdnsp01.ed.gov ; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6_0.1 <<>> eduftcdnsp01.ed.gov ;; global options: +cmd ;; Got answer: