One of the things you may want to look into, is the notions of "acl" and
"masters". These are sections in named.conf that you can give names, that can
be referenced elsewhere. Below is one such config I have in my own systems
(with IP addresses partially redacted):
// Access Control Lists
// So
On Friday, January 31, 2025 10:03:06 PM CET Karol Nowicki via bind-users
wrote:
> Hi Everyone
> With design where one ISC Bind DNS server is a master for domain
> example1.com while in same time acts like as Slave for another one lets say
> example2.com do we breaks any ISC recomendations or good
Am 31.01.2025 um 21:03:06 Uhr schrieb Karol Nowicki via bind-users:
> With design where one ISC Bind DNS server is a master for domain
> example1.com while in same time acts like as Slave for another one
> lets say example2.com do we breaks any ISC recomendations or good
> practice ?
Such a conf
Use notify-explicit.
--
Mark Andrews
> On 7 Nov 2021, at 20:30, Walter H. via bind-users
> wrote:
>
> Hello,
>
> I have this situation:
>
> both the master and the slave are dualstack (have both an IPv4 and IPv6
> address),
> but the master is not reachable on IPv4 (RFC1918 IPv4 without
Hi Nagesh
On Fri, Oct 14, 2016 at 11:00:24AM +0530, Nagesh Thati wrote:
> Hi,
>
> Can anybody implemented master/slave communication with views and algorithm
> HMAC-SHA* algorithms. I tried with all the HMAC-SHA* algorithms it didn't
> work for me, only HMAC-MD5 algorithm worked for communication.
On Fri, Oct 14, 2016 at 1:30 AM, Nagesh Thati
wrote:
> Hi,
>
> Can anybody implemented master/slave communication with views and
> algorithm HMAC-SHA* algorithms. I tried with all the HMAC-SHA* algorithms
> it didn't work for me, only HMAC-MD5 algorithm worked for communication. If
> anybody has
On 3/9/12 7:58 AM, "Romgo" wrote:
> Even if I use a VIP I can reproduce the issue :
> If the first VIP (so the nameserver 1) is down, I'll have the same
> drawbacks. As the resolver will timeout before falling back to the second
> nameserver.
Sure, we don't live in a perfect world. You can estab
Hello,
I know that I can use VIP with any software (corosync, Linux HA...) But
this will not explain the origin of the issue I am facing :)
Even if I use a VIP I can reproduce the issue :
If the first VIP (so the nameserver 1) is down, I'll have the same
drawbacks. As the resolver will timeout b
On 03/08/2012 06:26 PM, michoski wrote:
Meant to add one thing... In our configuration, we actually have two
recursive VIPs per site, and even considered three (internal IPs are cheap).
We do this.
We also make the two different VIPs use different underlying tech - one
is an anycast route a
In article ,
michoski wrote:
> On 3/8/12 8:15 AM, "Romgo" wrote:
> > I can use a VIP for DNS server, but I though that master/slave
> > configuration was made in order to avoid to use a VIP.
>
> Master/slave was to avoid SPOF -- if the master dies, who cares with a
> reasonable expire time. :
On 3/8/12 10:20 AM, "Mike Hoskins" wrote:
> On 3/8/12 8:15 AM, "Romgo" wrote:
>> I can use a VIP for DNS server, but I though that master/slave
>> configuration was made in order to avoid to use a VIP.
>
> Master/slave was to avoid SPOF -- if the master dies, who cares with a
> reasonable expir
On 3/8/12 8:15 AM, "Romgo" wrote:
> I can use a VIP for DNS server, but I though that master/slave
> configuration was made in order to avoid to use a VIP.
Master/slave was to avoid SPOF -- if the master dies, who cares with a
reasonable expire time. :-)
So go ahead, setup a VIP...even using fr
Hello,
thanks for the answer. That was my first change :
/etc/resolv.conf like :
domain example.fr
search example.fr example2.fr
nameserver 192.168.0.1
nameserver 192.168.0.2
options rotate
options timeout:1
options attempts:1
This works fine.
But the issue is now mainly coming from the client
On 8 Mar 2012, at 02:58, Lyle Giese wrote (on bind-users):
> On linux boxes, adding
>
> options rotate
>
> to the /etc/resolv.conf helps.
[cross-posted, reply-to header set]
Is there a DHCP option which expresses that, and which
typical fielded DHCP clients will respe
On linux boxes, adding
options rotate
to the /etc/resolv.conf helps.
Lyle Giese
LCR Computer Services, Inc.
On 03/07/12 06:54, Bostjan Skufca wrote:
Problem is, most of client resolvers (not resolving nameservers, but
resolvers on workstations etc) query first specified nameserver first,
the
On 3/7/12 9:15 AM, "Barry Margolin" wrote:
> In article ,
> ro...@free.fr wrote:
>> I use bind on my network as DNS Server. Running bind
>> 1:9.6.ESV.R4+dfsg-0+lenny4
>> on Debian Lenny.
>>
>> The setup is quite usual : one master server with one slave server.
>>
>> The slave sync the zone from
In article ,
ro...@free.fr wrote:
> Dear community,
>
> I use bind on my network as DNS Server. Running bind
> 1:9.6.ESV.R4+dfsg-0+lenny4
> on Debian Lenny.
>
> The setup is quite usual : one master server with one slave server.
>
> The slave sync the zone from the master.
>
> I discover tha
Problem is, most of client resolvers (not resolving nameservers, but
resolvers on workstations etc) query first specified nameserver first, then
after timeout start with the others. You should create a HA IP for such
uses.
b.
On 7 March 2012 10:23, wrote:
> Dear community,
>
> I use bind on my
false-positives.
d) you can't have normal master-slave setup, which leads to zone
maintenance problems.
Regards,
Torinthiel
> Date: Thu, 14 Jul 2011 17:42:56 +0800
> Subject: Re: master slave different site different resolution
> From: short...@gmail.com
> To: d_gabr
2011/7/14 Gabriele Gabriele :
> Ok, may be I was not so clear to explain..
>
>
> for example I have in my Master work site the our webmail
> "webmail.mydomain.com" that when Master work site in UP the resolution is
> 1.1.1.1 but if the master go down in My slave work site, my slave dns resolv
> "we
ot; with 1.1.1.1 but that site is down. So it should
resolv it with my backup/slave resolution 2.2.2.2
ok?
> Date: Thu, 14 Jul 2011 17:42:56 +0800
> Subject: Re: master slave different site different resolution
> From: short...@gmail.com
> To: d_gabri...@hotmail.it
> CC: bind
2011/7/14 Gabriele Gabriele :
> Dear lists,
>
> I have an issue to resolve about 2 dns server Master/Slave.
>
>
> The Master is positioned in a site with public ip 1.1.1.1 and all the public
> dns resolutions point to 1.1.1.1
> the Slave is positioned in a site whit public ip 2.2.2.2 and obviously
On Sat, May 1, 2010 at 11:32 AM, Sajeev Ramakrishnan
wrote:
> I have a question regarding configuration of DNSSEC. If I intend to sign a
> particular zone which has master and a slave, would I have to sign both?
No.
Assuming you've correctly setup zone xfers from master to slave, the
actual zone
23 matches
Mail list logo
