RE: Full automatic DNSSEC for hosted zones/domains

2020-04-07 Thread Philippe Maechler
Hello bind users > The answer is almost, as long as the zone has a DNSSEC policy configured: > > zone "newdomain.de" { > type master; > file "../master/newdomain.de"; > dnssec-policy default; > } > > The only thing not yet fully automated is submitting the DS to the > parent. You can do tha

RE: dhclient hook not overwritten /etc/resolv.conf

2019-12-19 Thread Philippe Maechler
Hi Zhengyu Pan Have you tried to put this nameserver address in dhclient.conf? From man dhclient.conf append { [option declaration] [, ... option declaration] } If for some set of options the client should first use the values supplied by the server, if a

RE: named cpu usage pretty high because of dns_dnssec_findzonekeys2 -> file not found

2019-03-12 Thread Philippe Maechler
Hello Mark and bind users Thank you for the explanations. Some things are still not clear to me... > -Original Message- > From: Mark Andrews > Sent: Monday, March 11, 2019 8:53 AM > To: Philippe Maechler > Cc: bind-users@lists.isc.org > Subject: Re: named cpu

named cpu usage pretty high because of dns_dnssec_findzonekeys2 -> file not found

2019-03-11 Thread Philippe Maechler
Hello List Today our bind server started with the following log contents: 11-Mar-2019 07:41:06.599 general: warning: dns_dnssec_findzonekeys2: error reading /usr/local/etc/namedb/keys/glattweb.ch/Kglattweb.ch.+013+33518.private: file not found 11-Mar-2019 07:41:06.600 general: warning: dns_dn

RE: FW: Bind9.11: dnssec inline signing, cds records and catalog zones

2018-12-21 Thread Philippe Maechler
Hi Daniel Thanks for your answer. It's your "fault" that I'm doing dnssec stuff and posting here, I saw your speech at SwiNOG 😊 >If your keys have appropriate timing metadata, then the CDS/CDNSKEY >records are published for your zones automatically: > >See man dnssec-keygen >... >Timing option

RE: Bind9.11: dnssec inline signing, cds records and catalog zones

2018-12-21 Thread Philippe Maechler
regarding my OT question for dnssec-keymgr: I found it 😊 I had to enable the python option (Build with python utilities) when building the port /BR Philippe From: bind-users On Behalf Of Philippe Maechler Sent: Friday, December 21, 2018 2:33 PM To: bind-users@lists.isc.org

FW: Bind9.11: dnssec inline signing, cds records and catalog zones

2018-12-21 Thread Philippe Maechler
Hello bind-users The previous mail was sent from a foreign address and needed the approval of a moderator. Therefore I cancelled the submission and am resending this mail with the correct address. Since a few years I'd like to activate dnssec for our zones but didn't make the changes, because

RE: Queries related to RPZ

2018-04-17 Thread Philippe Maechler
Hello blason I'm not an RPZ expert, but we have a running RPZ configuration From named.conf zone "rpz.zone" { type master; file "/etc/namedb/master/rpz.zone.db"; allow-query { localhost; }; allow-transfer { 192.168.3.0/24; }; }; And i

RE: Bind9 on VMWare

2016-01-13 Thread Philippe Maechler
> > > Complexity? > > > > which complexity? > > > > a virtual guest is less complex because you don't need a ton of daemons > > for hardware-monitoring, drivers and what not on the guest > > For me the relevant comparison is my ordinary OS vs. my ordinary OS + > VMWare. > > > complex are 30 phyisc

RE: Bind9 on VMWare

2016-01-13 Thread Philippe Maechler
>> I'm not sure if it is a good thing to have physical servers, although we have >> a vmware cluster in both nodes which has enough capacity (ram, cpu, disk)? >> I once read that the vmware boxes have a performance issue with heavy udp >> based services. Did anyone of you face such an issue? Are yo

Bind9 on VMWare

2016-01-13 Thread Philippe Maechler
Hello bind-users We have to deploy new auth. and caching DNS Servers in our environment and we're unsure how we should set it up. current setup - We currently have two main pop's and in each one a physical auth. and caching server. All four boxes are running Bind9.x on FreeBSD au

AW: file descriptors and max-clients-per-query

2009-05-27 Thread Philippe Maechler
Thanks for the feedback > How many sockets are open when you see this message? Normally the > socket() call shouldn't fail even if named uses many sockets > (it will fail anyway, but the failure mode is normally > different), so it's very odd to see the above message. As Jeremy suggested we

AW: file descriptors and max-clients-per-query

2009-05-14 Thread Philippe Maechler
Hello Jeremy > > > > I'm running a bind 9.4.2-p2 and a 9.5.1-P1 both on a > FreeBSD 6.x box > > as caching servers. > > let's call them ns1 and ns2 :P > > > > shortly after we shut down server one we get error messages on > the other server > > -> socket: too many open file descriptors > > What

file descriptors and max-clients-per-query

2009-05-13 Thread Philippe Maechler
Hello Everybody I'm running a bind 9.4.2-p2 and a 9.5.1-P1 both on a FreeBSD 6.x box as caching servers. let's call them ns1 and ns2 :P shortly after we shut down server one we get error messages on the other server -> socket: too many open file descriptors I tried to recompile named with FD_SETSIZ