RE: Can an RPZ record be used for a non-existed domain?

you maybe have to use >>> qname-wait-recurse no to avoid DNS failures to be propgated. philippe From: bind-users On Behalf Of VASILAKIS GEORGIOS Sent: Thursday, 24 March 2022 09:53 To: bind-users@lists.isc.org Subject: Can an RPZ record be used for a non-existed domain? Hello, I have an RPZ

RE: DDNS - limitation and excluding updates from certain networks

Hi Hans if you can afford, use ISC DHCP server DDNS method : - only DHCP server is allowed to update DNS server (forward / reverse zone), protect NSUPDATE with ACL, or better tsig - in dhcpd.conf : ddns-updates on; ddns-update-style interim; ignore

RE: How to pause master zone updates to slave for couple of minutes

If you don't wan't that the master send too much notify to the slave, while you are doing you bulk update, you could set the notify-delay for this zone to something bigger than the default 5 seconds ? From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Alberto Colosi Sent:

RE: command line ID vs Wireshark transaction ID (dns.id)

strange : by me it looks like ... : 43350 = 0xa956 >/usr/bin/dig www.google.ch ; <<>> DiG 9.10.3-P4-Debian <<>> www.google.ch ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43350 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 >ts

RE: Query on the Overload control mechanism for DNS Server

Hi you should take a look at http://dnsdist.org/, that can easyly run as dns proxy on the same machine as named. Philippe -Original Message- From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of ramkishor...@gmail.com Sent: dimanche, 30 avril 2017 15:05 To: comp-p

RE: query time logging

Hi rndc stats Write server statistics to the statistics file RTT for the request (recursive too), but maybe enough for you client ... Philippe ++ Resolver Statistics ++ [Common] [View: default] 655342 queries with RTT < 10ms 170144 queries with RTT 10-100ms

RE: adding zone forwards without restart

Hi and after a forward add a rndc flush can help too .. philippe -Original Message- From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Matus UHLAR - fantomas Sent: Wednesday, September 21, 2016 10:03 AM To: bind-users@lists.isc.org Subject: Re: adding zone forwards

RE: transparently forwarding a zone

hi you could do a small script, running e.g. on you public dns server, that make a zone xfer of the zone on storage, and replace the NS / SOA of your storage box by the public DNS NSs. philippe From: bind-users-bounces+philippe.simonet=swisscom@lists.isc.org [mailto:bind-users-bounces

RE: Zone name conflicts / overlapping

records in the zone match those advertised by the child. Mode >> "local" only checks NS records which refer to in-zone hostnames or that some >> required glue >> exists, that is when the nameserver is in a child zone. Philippe > -Original

RE: about the zone file management

Hi if i good understand your question maybe the answer is : rndc freeze / thaw Philippe > -Original Message- > From: bind-users-bounces+philippe.simonet=swisscom@lists.isc.org > [mailto:bind-users-bounces+philippe.simonet=swisscom@lists.isc.org] > On Beha

RE: How to get easily (from a script) all CNAME of a A record?

a-name Just add : a-name IN TXT an-alias and make more than one TXT records for each cname pointing to the same record ... a-name IN TXT another-alias best regards Philippe From: bind-users-bounces+philippe.simonet=swisscom@lists.isc.org [mailto:bind-users-bounces+philippe.simonet

RE: How does BIND 9 scale with multithreading?

r.org/wiki/Building_Scalable_DNS_Cluster_using_LVS https://lists.isc.org/pipermail/bind-users/2006-September/063917.html Philippe > -Original Message- > From: bind-users-bounces+philippe.simonet=swisscom@lists.isc.org > [mailto:bind-users-bounces+philippe.simonet=swisscom@

RE: Slave DNS zone problem

Hi just a small check : try connectivity and zone xfer by hand, just to see if an ACL in not blocking it : on the slave : dig @master.com zone.com axfr Philippe From: bind-users-bounces+philippe.simonet=swisscom@lists.isc.org [mailto:bind-users-bounces+philippe.simonet=swisscom

RE: Options for timeout in Bind/DNS

Hi for you sshd daemon, or UseDns no or in resolv.conf : options timeout: (defauzlt is 5) options attempts: (default is 2) it tries probably to make a reverse lookup of the ssh client ip address, in order to log the client name. if your DNS stops the rfc1918 zones iteration, i

RE: Failover

This is not the DNS job to check at the web service availability. You could make an external script that is testing for the service availibility and change the dns accordingly, like (...) : web1 active ? yes : was it active at last test ? yes : do nothing no : set www

subdomain forwarding on a domain-authoritative dns

Hello ISC users in a special environment, I have to forward 'sub.domain.com', on a dns where I'm master for 'domain.com'. all subsequent subdomains of 'sub.domain.com' must be reachede through this forwarder. I cannot use iteration here because the dns authoritative for e.g. 'sub1.sub.comain.com