s://bind9.readthedocs.io/en/v9_18_9/reference.html#namedconf-statement-category
On Wed, Dec 7, 2022 at 8:25 PM Mik J via bind-users
wrote:
>
> Hello Daren,
>
> The entire message is
> client @0x53eda9122d0 172.16.11.2#48171 (example.org): query: example.org IN
> A -E(0)DC (1.2.3.4) [ECS 192
g it).
https://bind9.readthedocs.io/en/v9_18_9/reference.html#logging-block-grammar
On Wed, Dec 7, 2022 at 7:42 PM Mik J via bind-users
wrote:
>
> Hello,
> I see logs like [ECS 192.168.2.0/24/0] but I don't understand what is the
> last /0 part.
> Where can I get an explanation ?
&
Hello,
I see logs like [ECS 192.168.2.0/24/0] but I don't understand what is the last
/0 part.
Where can I get an explanation ?
Regards
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscript
Hello,
How can I check which variables are loaded in memory and considered as active.
For example, I would like to check that the value of lame-ttl is 0In my
named.conf configuration file I haveinclude "myconf.conf";
lame-ttl 600;
And in the myconf.conf file I havelame-ttl 0;
So how can I make su
Hello,
My cache is 100MB and I'd like to know how many records can fit inside.I
suppose that it depends on the record: isc.org is 7 characters and shorter than
http://www.example.com
And it probably depends on the type and adress.
So which size would isc.org A 1.1.1.1 be ?
I ask my question beca
Hello Chuck,Thank you for this clarification.I get your point and it makes
sense.Regards
Le jeudi 24 octobre 2019 à 05:38:03 UTC+2, Chuck Aurora a
écrit :
On 2019-10-23 18:14, Mik J via bind-users wrote:
Hi,
> I know that the RPZ functionality aims to block/redirect/log
Hello,
I know that the RPZ functionality aims to block/redirect/log DNS queries from
the inner network.
What about the authoritative DNS facing the Internet ?
I receive some spam, I get probed on my webservers etc.Many of these
annoiyances start with a DNS query.
What is mydomain.org ? My DNS ans
ew, modify some zones, import, export I'm not sure that would be
possible.
Le jeudi 24 octobre 2019 à 00:44:36 UTC+2, Reindl Harald
a écrit :
Am 24.10.19 um 00:35 schrieb Mik J via bind-users:
> Efficient IP uses bind (+ nsd/unbound) as the DNS server.
>
> One major differ
Hello,
Efficient IP uses bind (+ nsd/unbound) as the DNS server.
One major difference between Efficient IP and bind is when you want to delegate
the zone configuration to users and groups. I think it's called role based
management.So let's say you want team1 to have read/write access to the zone
Hello,
I tried to understand how to use Spamhaus as a RPZ provider but without any
success.
I'll use the non commercial service at least for some time because I have a few
servers and one or two users, the trafic is very low.
What I thought I should do first is be able to dig axfr the spamhaus
Hello,
I'm also an Openbsd user
I see you used CC can you try with GCC ?
I hope that will help
Le samedi 27 avril 2019 à 22:56:25 UTC+2, paranoid sysadmin
a écrit :
I have begun work on upgrading a group of OpenBSD boxes that are used at a
bunch of small sites as a "network services"
Hello Bob, Tony,
Thank you for your answers, I'm going to study this topic.
Regards
Le mercredi 6 février 2019 à 21:11:59 UTC+1, Bob Harold
a écrit :
On Wed, Feb 6, 2019 at 1:03 PM Mik J via bind-users
wrote:
Hello,
I would like to know how do you manage reverse zones and t
Hello,
I would like to know how do you manage reverse zones and the 10.x.x.x zone
particularly.
I can see three choices:- One global 10.in-addr.arpa zone- Many /24 zones
1.1.10.in-addr.arpa zone- Something in between
One global zone:The problem is that I end having a very populated zone and if
s
Hello,
I tried to dissociate roles and have:- 1 set of authoritative master/slave
server- 1 set of recursive servers
For a zone that I owned, the "recursive" servers forwards the request to the
authoritative server. Otherwise the server resolves the query directly on the
Internet.The authoritati
Thank you Bob for your answer.I continued to search and saw rfc1912 page 4It's
much higher than I first thought
Le mercredi 3 janvier 2018 à 20:05:57 UTC+1, Bob Harold
a écrit :
On Wed, Jan 3, 2018 at 1:57 PM, Mik J via bind-users
wrote:
Hello,
I would like to have
Hello,
I would like to have your thoughts about what should be the best values for
refresh, retry, expire and negative cache.
In my case I have 2 DNS which are hosted in 2 different locations. These
location are near one another (100km). The latency is very low and packet is
0.I configured a lot
Thank you very much Mark for your quick answer
Le Vendredi 18 août 2017 13h46, Mark Andrews a écrit :
In message <1744062904.346000.1503053675...@mail.yahoo.com>, Mik J via
bind-users writes:
> Hello,
> Do you know where I can find the signification of DNS syslog messag
Hello,
Do you know where I can find the signification of DNS syslog messages ?
client x.x.x.x#64111 (webmail.google.NET): query: webmail.google.NET IN +
(y.y.y.y)=> I'm looking for the signification of the +
client z.z.z.z#39953 (www.mydomain.org): query: www.mydomain.org IN A -ED
(y.y.y.y)=
e A
> C > BWith forward {} the global forward will be short circuited for foo.com
and below resulting in a path of A > B
On May 12, 2017 11:56 AM, "Mik J" wrote:
Thank you Ben for your answer
My server uses a global forwarding
I don't understand what you wrote"If it
forward{} turns off global forwarding for that branch
of the tree.
On May 12, 2017 9:27 AM, "Mik J via bind-users"
wrote:
Hello,
If my DNS is master/slave for a zone, why would I want it to use forwarders.
In other terms why would I wantzone "mydomain.com"
{
typ
Hello,
If my DNS is master/slave for a zone, why would I want it to use forwarders.
In other terms why would I wantzone "mydomain.com"
{
type master;
file "zones/master/com/mydomain.com";
allow-update { acl; };
};
Instead of (forwarders {};)zone "mydomain.com"
{
typ
Barry: "Also, if there are no delegation records for the subdomain, the parent
server believes it's authoritative for them, despite having forwarders
configured."
I don't understand what you just wrote above. Are you saying I need to do both
delegation and forwarding on my authoritative server
Hello,
I would like to check if my understanding is correct regarding delegation and
forward
Delegation: I want to delegate the administrative tasks to someone else for one
subdomainsubdomain1.mydomain.orgI'll specify the NS of that
subdomain1.mydomain.org in my mydomain.org zone fileThe other p
Hello,
From my personnal experience I would add
* Check if you have monitoring in place, you might want to monitor all types of
queries and error messages.
* Since you have external and internal DNS then there might be firewalls
between them, check if the flows are opened and prepare a test plan
Hello,
I'm logging queries
channel queries_file {
file "/var/log/queries.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
category queries { queries_file; };
And queries that are not allowed
channel "dns_s
Hello,
I have a bind DNS that is authoritative for many zones and that same system is
also forwarding.I plan to split these two functions on two different systems.
Have some of you done this task ? Do you have any guidelines or advices ?
I'm thinking about migrating the forwarding functionality to
Thank you guys for your answers.
Le Mardi 3 mai 2016 16h09, Barry Margolin a écrit :
In article ,
Mik J wrote:
> Hello Mark,
> Thank you for your answer. I'm not sure I've understood everything but I'll
> read it numerous times if necessary.I have ACLs so
Hello Mark,
Thank you for your answer. I'm not sure I've understood everything but I'll
read it numerous times if necessary.I have ACLs so I'm not surprised to see
these REFUSED, I also understand the SERVFAIL meaning.
I'm just trying to figure out where the problem comes from.You seem to point
Hello,
In my named.log I can see a lot of SERVFAIL/REFUSED unexpected RCODE messages.
Most of the time someone tries to resolve a PTR
I can see an average of 10 messages per second like these
May 3 10:46:26 dns named[7228]: REFUSED unexpected RCODE resolving
'x.204.99.116.in-addr.arpa/PTR/IN': 2
29 matches
Mail list logo
