In bind 9.16.23 dnssec-enable is deprecated and my server is only cache
server which forwards all requests; It is not authoritative for any zones.
Dnssec is used to sign dns requests of my domain or all dns requests which
server makes?
0. dnssec-enable no
default is to enable dnssec, but I w
zones on the box you call CS as either they are built-in
> already or the box called Z will have them anyway. But use tcpdump to
> monitor traffic between CS and Z and decide whether you need anything more,
> or less in your config.
>
> Also, please look at 9.20.11 as I suggested last ti
I'm replacing Caching and Forwarding DNS server (called CS) in Bind 9.16.23
which forwards all client queries to specific server Z.
My doubts:
1)
This CS server doesn't use root server so I can delete in named.conf this
section ?
zone "." IN {
type hint;
file "named.ca";
};
2)
t
either/both run BIND in a VM or take a good look at your server and network
> security. But many people run BIND natively, without chroot, and have no
> problems.
>
> Cheers, Greg
>
> On Thu, 31 Jul 2025 at 20:46, Renzo Marengo
> wrote:
>
>> i know what I want. I asked
to configure Bind 9.16.23-RH in chroot mode for cache dns server , It's
best way to modify configuration files (e.g. named.conf ,
named.conf.options , named.rfc1912.zones) into original folder, disable
ipv6 and after configuration completion run the script
"/usr/libexec/setup-named-chroot.sh /var/n
structure is just set ?
what service I have to enable at boot ? Bind or bind-chroot ?
Il giorno mer 30 lug 2025 alle ore 20:55 Danjel Jungersen via bind-users <
bind-users@lists.isc.org> ha scritto:
>
> On 7/30/2025 1:11 PM, Renzo Marengo wrote:
> > I want to install latest rpm of Bin
I want to install latest rpm of Bind (9.16.23-31) for Oracle Linux 9 to
create only cache DNS server which is running in chroot jail.
I installed several Bind packages included bind-chroot.
What document do you suggest me to follow to configure bind in chroot jail
?
Thanks
--
Visit https://lists.i
4).
>
> Ondrej
> --
> Ondřej Surý — ISC (He/Him)
>
> My working hours and your working hours may be different. Please do not
> feel obligated to reply outside your normal working hours.
>
> On 23. 7. 2025, at 14:54, Renzo Marengo wrote:
>
>
> I'd lik
I'd like to migrate from bind 9.11 lo last version.
This service is acting as cache dns server and It' running on Centos 7
server, what Linux distro do you suggest me for new Bind?
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development
yes this helped me. thanks Il giorno 28 giu 2024, alle ore 13:10, Greg Choules ha scritto:Does that help?Cheers, GregOn Fri, 28 Jun 2024 at 11:58, Renzo Marengo <buckroger2...@gmail.com> wrote:Hi Greg again! :)>
1) This should help you understand the difference between recursiv
ation.
>
> Does that help?
>
> Please get another server (and a test server) and upgrade them all to
> current software.
>
> Cheers, Greg
>
> On Fri, 28 Jun 2024 at 11:58, Renzo Marengo
> wrote:
>
>> Hi Greg again! :)
>>
>> > 1) This should help y
his, with IP addresses,
> not domain names.
>allow-... {127.0.0.1; ;
> ; ;}; You do
> not need to include this server in the list.
>
> Any changes you make should be done on a test server first, so you can be
> comfortable understanding what effect those changes have and only
t; There are many good books and articles available online to explain the
> basics of DNS. The BIND ARM (distributed with BIND and also available
> online) is the reference manual for BIND itself.
>
> I hope that helps.
> Greg
>
> On Fri, 28 Jun 2024 at 05:57, Renzo Marengo
>
efining different roots for some reason. Hence why I need to know
> the contents of that file.
>
> Thanks, Greg
>
>
>
> On Thu, 27 Jun 2024 at 18:06, Renzo Marengo
> wrote:
>
>>
>> Hi Greg,
>>
>> thank you very much for your explanation.
&
stub zone in BIND to refer to the AD domain.
>
> In general, decide which DNS is going to do the resolving and make that
> the control point, fetching data from wherever it needs to (e.g. AD DNS) -
> using non-recursive queries - and using that data to construct answers for
> its cli
I have Active Directory domain ( 'mydomain.it' ) with 8 domain controllers
to manage 8000 computers. Every Domain controller acts as dns service and
resolve internal domain names while forward queries about external domains
to another server, which Bind9 dns server (It's inside my company)
I'm chec
16 matches
Mail list logo
