cve-2011-2464 affected the 9.4-ESV-R4-P1?

Hi all, on the ISC website i don't see that the 9.4-ESV-R4-P1 is affected by the CVE-2011-2464 is it because it's not really affected? or it's affected but i don't see it on "versions affected" because the 9.4-ESV-R4-P1 has it's EOL date to jun2011. Thanks. Issam HARRATHI.

RE: Difference between netstat & rndc status

Let's begin by showing your bind tcp and udp connections, netstat -tunape | grep named | wc -l Best regards. Issam HARRATHI -- Message: 1 Date: Sun, 03 Jul 2011 11:33:13 +0430 From: "Bind" Subject: Difference between netstat

RE: Re: better performance with 32 bit ! why?

As asked, i will made a test with os 32 bit on the same server as the the 64 bit, and will post this result here. Thanks for all for your answers. Regards. Issam Harrathi. De : HARRATHI Issam Ext OLNC/DPS Envoyé : mercredi 29 juin 2011 16:17 À : 's...@whgl.uni-fra

Re: better performance with 32 bit ! why?

When i start Bind on server2 i do it with -n 4 ( to use 4 thread) and on server1 i start bind with -n 8. And i see then on munin that the load is shared on all cores. For the load-server it's another server let's call it server 3. I know that tcpreplay is monothread so i lunch 2*25000 qps for ex

Re: better performance with 32 bit ! why?

on server1(64 bit) i have 2 Intel E5310 quad-core 1.6Ghz and on server2(32 bit) i have 2 Intel Xeon dual-core 2.33Ghz. means 8*1.6 Ghz on server1 and 4*2.33 on server2. 8*1.6 is better and faster than 4*2.33, no? Regards Issam Harrathi. > The 64 bit server(server1) is faster than the 32 bit s

Re: better performance with 32 bit ! why?

The 64 bit server(server1) is faster than the 32 bit server (server2). >Tests: >Test1: OS 64 bit, bind 64 bit ==> 5 qps server1 >Test2: OS 32 bit, bind 32 bit ==> 7 qps server2 >Test3: OS 64 bit, bind 32 bit ==> 5 qps server1 -- Message: 5 Date: Wed, 29 Ju

Re: better performance with 32 bit ! why?

-Message d'origine- De : HARRATHI Issam Ext OLNC/DPS Envoyé : mercredi 29 juin 2011 11:04 À : 'novos...@umdnj.edu'; 'lst_ho...@kwsoft.de'; 'kob6...@gmail.com' Cc : 'bind-users@lists.isc.org' Objet : RE: bind-users Digest, Vol 902, Issue 1 Thanks for the answer, @ Andreas i made the te

RE: bind-users Digest, Vol 902, Issue 1

Thanks for the answer, @ Andreas i made the test and i have the same performance as OS 64 bind 64. NB: when i reach the maximum throughput i still have enough free RAM, free CPU, free NIC capacity. So the limit is in Bind. What to do to reach more capacity? Tests: Test1: OS 64 bit, bind 64 bit ==

better performance with 32 bit ! why?

Hi all, I'm testing the same version of bind 9.4-ESV-R4-P1 on two server, one is a 32 bit (on which i have a redhat 32 bit) and the second a 64 bit server on which i have a redhat 64 bit. on the 32 bit i reach 7 qps but on the 64 bit i only reach 5 qps (using resperf) and also with tcp

where is the bind 9.4-ESV-R4-P1?

Hi, i can't find the version 9.4-ESV-R4-P1 even here: http://ftp.isc.org/isc/bind9/ Last week this version was on the website(http://www.isc.org/downloads/all). why they remove it? I know it's EOL but at least i have to find it here http://ftp.isc.org/isc/bind9/ Thanks Issam HARRATHI **

RE: forward first: iterative or recursive query

Thanks for the answer but: * In the example i post yesterday: on my server1 the recursion is enabled (recursion yes), but the server1 can't recurse because i stop it on firewall and it can't contact the outside. * You say "Don't use forwarding from a recursive server to a non-recursive server

RE: forward first: iterative or recursive query

Hi, i have a server called server1 that is acting as a cache server( recursion none). And i forward the zone example.com to server2 which has recursion enabled and master on some zone like example.com. this is the forwarding zone on server1: zone "example.com" { type forward; for

forward first: iterative or recursive query

Hi from the book DNS and Bind 5th edition [french] (o'reilly) I read that the forward with the mode first sends a recursive query to the servers on the forwarders list, but as i see it only sends an iterative query. Also with forward only it send an itérative query. So forward first send an itéra

[Bind 9.8.0] RPZ deny ALL

Hi, i want to implement a bind server that only answer query on www.google.com and for the rest answer 127.0.0.17. my solution: www.google.com IN CNAME www.google.com. *.com IN A 127.0.0.17 *.fr

RE: Maximum limit of query per second

The result i found with resperf, are not OK for me because when i test with tcpreplay ( i monitor packet in and packet out, and i dont see any problem in CPU or RAM) i found a maximum throughput less (40%) than what i found with resperf. Your test was on linux or Unix, and which hardware? Do yo

Re: priority with A record?

>Or, get a DNS balancer that will send balance the IP addresses sorted in >random, but weighed order. Note that there are many technical and >logical>problems with DNS balancers. Do you mean that with rrset-order random i can add weight, if yes i don't find any documents that talks about that (no

Maximum limit of query per second

Hi, Is there any limit for bind for handling a big number of qps (query per second). Have some one reach the number 10 qps for example. Of course we suppose that i have a very powerfull server, so the problem will not be the materiel, and do we have to tune BIND (ISC_SOCKET_MAXSOCKET, ISC_S

Re: priority with A record?

Thanks Kevin for the answer, But rrset-order, can only disble the round robin (cyclic=round robin | random= random | fixed=disable round robin) And sorlist prioritise basing on IP of the client, i don't see anyway how to send( for example) 75% of http traffic to bigserver1.mysite.com and 25% of

priority with A record?

Hi, can i make priority on a A or NS record? Since with round robin if i put the same record record 2 or 3 time, Bind ignore the duplicates Records, means this: wikipedia NS ns2.wikimedia.org. wikipedia NS ns0.wikimedia.org. is the same like this: wikipedia NS