Hello, all.
I have operated some centos 5.3 (x86_64) linux servers.
when I tcpdump the dns query, I can see lots of AAA queries from my linux
servers.
and ServFail response from DNS server.
surely, I don't use ipv6 and "NETWORKING_IPV6=no" was configured at
/etc/sysconfig/network file.
How
Hi, all.
I have one question about NS cache ttl.
for example, I can get two different NS TTL like below.
$ dig google.com ns +trace
google.com. 172800 IN NS ns2.google.com.
google.com. 172800 IN NS ns1.google.com.
google.com. 172800
Hello, all.
I have some curious question.
below is a part of zone file at master dns(example.com).
www IN CNAME www.down
down IN NS ns3.example.com.
wehn I dig query like below at server,
$ dig @dns.example.com www.example.co
So thanks for your kind reply.
I'm curious the meaning of "given name".
if clients query like below,
# example.com zone
abc.example.com/A
www.abc.example.com/A
exmaple.com/MX
above queries are same query or diffferent one?
and is there any method that which
name queries are much?
Hello, all.
my system is centos 4.x, bind 9.5.1-P3 and only recursion is allowed from some
ranges.
I can see lots of messages like below.
so if I didn't set any clients-per-query value,some clients' queries may be
droppped or not?
If some queries can be dropped,I want to set like "clients-pe
Hello, all.
I have one question about chached information.
If I have example.com domain and let's assume registered like below.
1. root dns
example.com. 3600IN NS ns1.example.com.
3600IN NS ns2.example.com.
but my ns1.example.com dns
?I think that
just denying the recursion is not sufficient.
Please share your experiences and opinions.
Thanks.
> To: chulm...@hotmail.com
> CC: bind-us...@isc.org
> From: ma...@isc.org
> Subject: Re: how to defense against ddos attack to dns?
> Date: Tue, 17 Nov 2009 12:19:53
Hello, all.
I have operated some dns servers and I'm curious what should I do if
ddos attck to my dns servers.
So do you know how to defense against dns dddos attack like root server?
Surely, various ddos attack may be occurred.
My idea is..
-. filtering 53/udp traffic that the byte
Hello, all.
I have four offices and set different 4 views at named.conf.
When I see zone transfer, only some zones are zone-transfered but othere not at
slave.
Some say, notify-source statement is required and must be multi-homed to solve
this problem.
then I should set 4 alias ip address
> The dynamic update vulnerability affects all BIND 9 versions, but what
> about BIND 8? Is it not affected or not tested?
As I know, there is no effect at bind 8 version.
Thanks.
_
메신저 10살 생일도 축하해 주시고,이벤트도 참여하세요~!
http://im.
So thanks for your kind answer.
>> 2. if client received NS records(a.iana-servers.net and b.iana-servers.net)
>> from root servers, how to check which DNS is fast or slow?
>
> only by sending queries and seeing reply.
But if I tested, I can't find any related packets.
after flushing the all
Hello, all.
If client executes recursive query, client will receive some NS records like
below.
$ dig www.example.com
example.com.172800 IN NS a.iana-servers.net.
example.com.172800 IN NS b.iana-servers.net.
if
a.iana-servers.net. is
Hello, all.
Thanks for kind answering for DNAME.
I have additional questions for DNAME.
If I set like below,
example.com. IN DNAMEexample2.com
IP addreess of example.com is 192.168.1.2
1. if client resolver use bind 8 or below old version.
What would be happen?
Hello, all.
I would like to CNAME like below.
example.com. IN CNAMEexample2.com.
But I know that this is wrong.
then, is there any way or solution to solve this problem?
I searched and found that below is a similar solution.
* IN CNAME
Hello, all.
I operated bind dns(9.x) when I see the query log, I can see like below.
First query and query A again.
named[6252]: client xxx.xxx.xx.xx#50654: query: test.example.com IN +
named[6252]: client xxx.xxx.xx.xx#50654: query: test.example.com IN A +
As I know, is an ip
15 matches
Mail list logo
