On 23/02/2019 05:28, @lbutlr wrote:
> I did try manually updating vi nsupdate -l
>
>> zone example.com
>> update add example.com. 86400 IN SOA ns1.example.net.
>> admin.example.com. 2019022200 3600 300 1209600 3600
>> update add konamicode.example.com. 86400 IN CNAME www.example.com [
On 23 Feb 2019, at 14:45, Mark Andrews wrote:
> On IPv6 why wouldn’t you support it?
Our ISP does not support it. We get 5 static IPv4 addresses and no IPv6 at all.
--
Critics look at actresses one of two ways: you're either bankable or
boinkable.
__
On IPv6 why wouldn’t you support it? The world ran out of IPv4 addresses years
ago and IPv4 is only limping along now due to ISPs spending big money to put in
CGN boxes which you are paying for.
Turning on IPv6 reduces the required size of these CGN boxes with on average
70% of residential t
On 22 Feb 2019, at 12:28, @lbutlr wrote:
> ; Communication with ::1#53 failed: timed out
I am still getting this error whenever I try to make a change in the zone with
nsupdate -l, should I not worry about it?
I mean, the records appear to be updating… 🤷🏼♀️
--
First we must assume a spherica
On 22 Feb 2019, at 12:12, Tony Finch wrote:
> Get it from the link above, if you want :-)
Doh!
OK, got it, installed it, changed the path to perl, and that’s pretty slick.
--
"I don't think the kind of friends I'd have would care.”
___
Please visit
I did try manually updating vi nsupdate -l
> zone example.com
> update add example.com. 86400 IN SOA ns1.example.net. admin.example.com.
> 2019022200 3600 300 1209600 3600
> update add konamicode.example.com. 86400 IN CNAME www.example.com.
> send
; Communication with ::1#53 failed: ti
@lbutlr via bind-users wrote:
> On 22 Feb 2019, at 09:54, Tony Finch wrote:
> > You might want a config like
> >
> > zone "example.com" {
> > type master;
> > file "master/example.com”;
>
> Not example.com.signed?
No, in inline-signing mode the zone you interact with
On 22 Feb 2019, at 09:54, Tony Finch wrote:
> You might want a config like
>
> zone "example.com" {
> type master;
> file "master/example.com”;
Not example.com.signed?
> update-policy local;
> auto-dnssec maintain;
> in
@lbutlr wrote:
>
> Nope, now the .signed file isn’t touched at all after the zone file is edited.
>
> zone "example.com" {
> type master;
> file "master/example.com.signed";
> update-policy local;
> auto-dnssec maintain;
> };
It sounds to me like you are expecting it to wo
Grant Taylor via bind-users wrote:
>
> I'm sorry. I gave you the wrong command. You want "sync", not "flush".
You don't need to sync as well as freeze: `rndc freeze` also syncs the zone.
Tony.
--
f.anthony.n.finchhttp://dotat.at/
Faeroes, Southeast Iceland: Southerly, veering southwesterl
On 21 Feb 2019, at 20:43, Grant Taylor via bind-users
wrote:
>
> On 2/21/19 6:28 PM, @lbutlr wrote:
>> rndc reload did not recreate (or at least update the time stamp) on the
>> .signed file.
>
> Hum. Maybe it's something different about how you're doing DNSSEC than I am.
>
> I have BIND man
On 2/21/19 6:28 PM, @lbutlr wrote:
rndc reload did not recreate (or at least update the time stamp) on the
.signed file.
Hum. Maybe it's something different about how you're doing DNSSEC than
I am.
I have BIND managing DNSSEC for me via "auto-dnssec maintain;". So I
don't get .signed file
On 21 Feb 2019, at 18:28, @lbutlr wrote:
> Is the original random key that was generated at the time of signing kept
> somewhere? NSEC3 seems to contain a 16 character hex sting that recurs
> throughout the file.
OK, I moved aside the signed file, resigned the domain using the 16 character
str
>> OK, but rndc flush example.com results in:
>> rndc: 'flush' failed: not found
>
> *FACEpalm*
>
> I'm sorry. I gave you the wrong command. You want "sync", not "flush". My
> brain always thinks "flush the journal to disk" when it's really supposed to
> be "sync the journal to disk". You c
On 02/21/2019 02:03 PM, @lbutlr via bind-users wrote:
OK, but rndc flush example.com results in:
rndc: 'flush' failed: not found
*FACEpalm*
I'm sorry. I gave you the wrong command. You want "sync", not "flush".
My brain always thinks "flush the journal to disk" when it's really
supposed
On 22/02/2019 07:03, @lbutlr via bind-users wrote:
>> I don't recall if reloading or thawing will automatically re-sign the zone
>> or if you need to also explicitly "rndc sign $ZONE".
>
> Sign recreates the .jnl file, but doesn't touch the .signed file.
>
> Doing the following recreated the .s
> On 21 Feb 2019, at 13:41, Grant Taylor via bind-users
> wrote:
>
> On 02/21/2019 01:34 PM, @lbutlr via bind-users wrote:
>> I edited a zone file after issuing a rndc freeze command, added two new sub
>> zones, changed the serial number, saved the file, and then did an rndc thaw.
>
> I don'
On 02/21/2019 01:34 PM, @lbutlr via bind-users wrote:
I edited a zone file after issuing a rndc freeze command, added two new
sub zones, changed the serial number, saved the file, and then did an
rndc thaw.
I don't see an "rndc flush " in there.
Which means that BIND likely still has the jour
I edited a zone file after issuing a rndc freeze command, added two new sub
zones, changed the serial number, saved the file, and then did an rndc thaw.
In var/log.messages I get
zone serial (2019020105) unchanged. zone may fail to transfer to slaves.
which is the previous serial number.
So, I
19 matches
Mail list logo
