on a standard-configuration Windows host system in an IPv4-only network.
-Steve
-Original Message-
From: Ondrej Sur�
Sent: Monday, January 20, 2020 9:37 AM
To: Steve Farr
Cc: bind-users@lists.isc.org
Subject: Re: Slow recursive query performance on Windows x64
The problem is that appare
t's still trying to
> do something on v6 that it shouldn't be doing. So, server ::/0 { bogus yes;
> }; is still the fix... at least on Windows, anyway. Many thanks again to all
> of you for the insightful responses.
>
> -Steve
>
> -Original Message-
> Fro
-Steve
-Original Message-
From: bind-users On Behalf Of Mark Andrews
Sent: Monday, January 20, 2020 1:45 AM
To: Lee
Cc: Ondrej Sury
Subject: Re: Slow recursive query performance on Windows x64
Devices should return ICMP unreachables when networks are not reachable. This
allows app
Devices should return ICMP unreachables when networks are not reachable. This
allows applications to move onto the next address. Not returning unreachables
results in timeouts being the mechanism to move to the next address.
Additionally applications can make parallel connection attempts. This
On 1/20/20, Ondřej Surý wrote:
>
> Please note that filter--on-v4 was always wrong.
how so?
> You should fix your network instead. It’s a bandaid, not a fix.
My ISP doesn't offer ipv6, so I'm not sure how to fix my network..
unless you mean disable ipv6 on everything? (which I'm not sure i
Run named with -4 option, that will disable IPv6.
Please note that filter--on-v4 was always wrong. You should fix your
network instead. It’s a bandaid, not a fix.
Ondrej
--
Ondřej Surý — ISC
> On 20 Jan 2020, at 04:38, Carl Byington via bind-users
> wrote:
>
> -BEGIN PGP SIGNED MESS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Sun, 2020-01-19 at 21:54 -0500, Steve Farr via bind-users wrote:
> Does anyone know of a functionality that replaced the now-obsolete
> filter--on-v4?
plugin query "filter-.so" {
filter--on-v4 yes;
};
-BEGIN PGP
eferral.
Which is weird. Exactly how did you do the packet capture - as in, is it
possible you didn't capture everything to/from the server?
Lee
>
> From: Ondrej Sur
> Sent: Friday, January 17, 2020 3:27 PM
> To: Steve Farr
> Cc: bind-users@lists.isc.org
> Subject: Re: Slow r
weird. Exactly how did you do the packet capture - as in, is
it possible you didn't capture everything to/from the server?
Lee
>
> From: Ondrej Surý
> Sent: Friday, January 17, 2020 3:27 PM
> To: Steve Farr
> Cc: bind-users@lists.isc.org
> Subject: Re: Slow recursive qu
om: Ondrej Surý
Sent: Friday, January 17, 2020 3:27 PM
To: Steve Farr
Cc: bind-users@lists.isc.org
Subject: Re: Slow recursive query performance on Windows x64
Hi Steve,
I would suggest to either bump debugging level in bind9 or use wireshark to
look what’s happening on the wire. My best gue
Hi Steve,
I would suggest to either bump debugging level in bind9 or use wireshark to
look what’s happening on the wire. My best guest is broken IPv6 connectivity,
but it could be something completely different. Looking at the packets is a
easiest way to get better understanding of the problem.
Hi there,
I'm hoping perhaps someone can point me in a good direction for
troubleshooting here. I recently upgraded from BIND 9.9.10-P3 running in
32-bit Windows, to 9.14.9 running on 64-bit Windows. I've tried it in both
Windows 10 and Windows 7, and the behavior is the same: Queries for
addre
The simple answer is that you can do this with allow-recursion. Note that
"recursion no" is a big (instance-wide or view-wide) "off" switch for
recursion, so if you already have that set, you'll have to un-set it in
order to apply your allow-recursion controls in a granular fashion. You may
also wa
Hi,
Is there a possibility to have recursion enabled only for one zone ( sub
domain of a authoritative zone ) ? Is there any other way other than using
view?
Thank you
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
fr
essage-
From: Mark Andrews
Sent: Monday, April 08, 2019 1:38 PM
To: 이석문님/Core솔루션팀
Cc: bind-users@lists.isc.org
Subject: Re: recursive query use tcp ?
I suggest that you fix whatever is blocking the UDP queries as the servers (in
Singapore at least) do respond to UDP queries.
% dig @19
I suggest that you fix whatever is blocking the UDP queries as the servers
(in Singapore at least) do respond to UDP queries.
% dig @194.0.38.1 sukmoonlee.tk +nsid
; <<>> DiG 9.15.0-dev+hotspot+add-prefetch+marka <<>> @194.0.38.1 sukmoonlee.tk
+nsid
; (1 server found)
;; global options: +cmd
;;
Hello.
My Test DNS is not response for "*.tk".
I looked around then my server not work connect using udp for tk's tld name
sever.
But this server is work to using TCP. (below test)
If there is an option on the named server that recursive queries use tcp?
I can't search BIND ARM.
Thanks in Adva
>On 4 Mar 2019, at 16:20, Paul Kosinski wrote:
>> provides our users with general caching DNS service for
>> all other domains.
>
>[...]
>
>> Its "named.conf" file doesn't list any "forwarders" any more, and
>> "forward-only" is gone, but it still has a leftover "recursion yes"
>> clause. Am I cor
In article ,
Paul Kosinski wrote:
> I gather "recursion yes" (explicit or default) controls whether BIND
> *does* recursion itself, in the sense of querying other DNS servers for
> data it doesn't have, not whether it *issues* queries with the
> "recursion desired" flag set. (Somewhat confusing
I gather "recursion yes" (explicit or default) controls whether BIND
*does* recursion itself, in the sense of querying other DNS servers for
data it doesn't have, not whether it *issues* queries with the
"recursion desired" flag set. (Somewhat confusing terminology, in my
opinion.)
So is the "recu
On 4 Mar 2019, at 16:20, Paul Kosinski wrote:
provides our users with general caching DNS service for
all other domains.
[...]
Its "named.conf" file doesn't list any "forwarders" any more, and
"forward-only" is gone, but it still has a leftover "recursion yes"
clause. Am I correct is assuming
On 4 Mar 2019, at 16:20, Paul Kosinski wrote:
> provides our users with general caching DNS service for
> all other domains.
[...]
> Its "named.conf" file doesn't list any "forwarders" any more, and
> "forward-only" is gone, but it still has a leftover "recursion yes"
> clause. Am I correct i
On 4 Mar 2019, at 2:17 am, Matus UHLAR - fantomas
> > wrote:
> >
> > On 03.03.19 07:36, vivek wrote:
> >> thanks, that means for Bind service to work we have to have the
> >> "recursion yes" else the forwarder will also not work.
> >>
t work.
>>
>> Actually I m bit confused between Recursive vs Iterative query mode , so
>> does this mean Bind will only work in Recursive query mode & this makes the
>> "Forwarder " to do his required job.
>>
>> Help in understand so in what
In article ,
vivek wrote:
> thanks, that means for Bind service to work we have to have the "recursion
> yes" else the forwarder will also not work.
>
> Actually I m bit confused between Recursive vs Iterative query mode , so
> does this mean Bind will only work in Re
On 03.03.19 07:36, vivek wrote:
thanks, that means for Bind service to work we have to have the "recursion
yes" else the forwarder will also not work.
Actually I m bit confused between Recursive vs Iterative query mode , so
does this mean Bind will only work in Recursive query m
thanks, that means for Bind service to work we have to have the "recursion
yes" else the forwarder will also not work.
Actually I m bit confused between Recursive vs Iterative query mode , so
does this mean Bind will only work in Recursive query mode & this makes the
"For
On 03.03.19 14:55, Vivek Aggarwal wrote:
Please help in understand what the purpose of specifying "recursion yes"
it means that BIND will provide recursion, e.g. resolve domains not
confiured locally.
in the "named.conf.options" file when I have already configured the
forwarders list in it.
Team,
>
>
>
> Please help in understand what the purpose of specifying "recursion yes"
> in the "named.conf.options" file when I have already configured the
> forwarders list in it.
>
> I've a zone file for managing the internal subnet machines & when I get a
> request outside of my internal subnet
: DNS Capacity issue help -- Recursive Query -- it seems some
packets are dropped by DNS
On 10/04/2018 01:37, PENG, JUNAN wrote:
> Hi, All
>
> I did recursive query capacity test. I used traffic generator to place 15K
> QPS traffic to DNS 1 with FQDN1 (Note, FQDN1 can't be reso
On 10/04/2018 01:37, PENG, JUNAN wrote:
> Hi, All
>
> I did recursive query capacity test. I used traffic generator to place 15K
> QPS traffic to DNS 1 with FQDN1 (Note, FQDN1 can't be resolve by DNS1, it
> need to forward it to DNS2 and TTL is set to 0)
>
> But
PENG, JUNAN wrote:
>
I need to start by saying that my load testing is very unscientific,
so I can only give you a few handwaving hints...
> I did recursive query capacity test. I used traffic generator to place
> 15K QPS traffic to DNS 1 with FQDN1 (Note, FQDN1 can't be resolve
ll
I did recursive query capacity test. I used traffic generator to place 15K
QPS traffic to DNS 1 with FQDN1 (Note, FQDN1 can't be resolve by DNS1, it need
to forward it to DNS2 and TTL is set to 0)
But during the test , I found lots of failure , the successful rate is not high
(85%)
Hi, All
I did recursive query capacity test. I used traffic generator to place 15K
QPS traffic to DNS 1 with FQDN1 (Note, FQDN1 can't be resolve by DNS1, it need
to forward it to DNS2 and TTL is set to 0)
But during the test , I found lots of failure , the successful rate is not high
server ::/0 { bogus yes; };
Adjust for actual reachable topology.
Note the real fix for this is to get IPv6 connectivity to the
world. Trying to run with disconnected IPv6 island is only
asking for pain.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley
Hello.
Our DNS Server has services on IPv6 network.
Clients queries on ipv6 network. But recursive client query is only to use on
ipv4 network.
(DNS Server has not ipv6 network for foreign network.)
So DNS server performs unnecessary a recursive client query for ipv6.
How can limit recursive
recurse to find the IP of www.abc.com <http://www.abc.com/>. and
everything works fine.
*
You say "then using a stub zone for example.com
<http://example.com/>will work", why i will use a stub zone
since a forward do the same thing expected.
And my
bc.com
<http://www.abc.com> and then server1 recurse to find the IP of
www.abc.com <http://www.abc.com>. and everything works fine.
And my question is always this:
forward only; as i read means a recursive query, in other term a query
with the RD bit is enabled. which means
l
work", why i will use a stub zone since a forward do the same thing expected.
And my question is always this:
forward only; as i read means a recursive query, in other term a query with the
RD bit is enabled. which means that when my server1 (which has recursion yes
but can't recu
; Issam HARRATHI
>
> De : Chris Buxton [mailto:chris.p.bux...@gmail.com]
> Envoyé : mercredi 4 mai 2011 08:49
> À : HARRATHI Issam Ext OLNC/DPS
> Cc : bind-users@lists.isc.org
> Objet : Re: forward first: iterative or recursive query
>
> With a static-stub zone, you would
ing statement it sends only the CNAME
server1 is bind9.6-ESV-R4 et server2 bind-9.4.2
Thanks.
Issam HARRATHI
De : Chris Buxton [mailto:chris.p.bux...@gmail.com]
Envoyé : mercredi 4 mai 2011 08:49
À : HARRATHI Issam Ext OLNC/DPS
Cc : bind-users@lists.isc.org
Objet : R
With a static-stub zone, you would get an iterative query. Forwarding always
results in a recursive query.
How are you determining that your server is sending an iterative query?
Can we (the list) see your named.conf?
Regards,
Chris Buxton
BlueCat Networks
On May 3, 2011, at 5:21 AM,
wrote
Hi
from the book DNS and Bind 5th edition [french] (o'reilly)
I read that the forward with the mode first sends a recursive query to the
servers on the forwarders list, but as i see it only sends an iterative query.
Also with forward only it send an itérative query.
So forward first se
In article ,
Mark Andrews wrote:
> In message <4c229962.9000...@zuka.net>, Dave Filchak writes:
> > Hi all,
> >
> > Is there a way to allow a recursive query from a dynamically allocated
> > IP address? I know that the options statements match list requires
In message <4c229962.9000...@zuka.net>, Dave Filchak writes:
> Hi all,
>
> Is there a way to allow a recursive query from a dynamically allocated
> IP address? I know that the options statements match list requires an IP
> address but if the IP address I am coming from ch
Hi all,
Is there a way to allow a recursive query from a dynamically allocated
IP address? I know that the options statements match list requires an IP
address but if the IP address I am coming from changes from
time-to-time, is there any way I can track that? I use DynDNS but I
cannot put
Hi All,
I have looked into the code socket.c file and tusc output for the requirsive
query.
tusc O/P :
-
#3 connect(516, 0x347694, 16) ..
thanks for reply.
This issue is seen only on hp-ux 11.11/11.23 env. I have checked the
configuration and
environment issue not finding anything wrong.
Regards
Kalpesh
On Tue, Aug 11, 2009 at 11:20 PM, Cathy Almond wrote:
> I would recommend tracing or similar to find out why your named daem
I would recommend tracing or similar to find out why your named daemon
is not able to send to the IP address being logged. You may find that
there are network connectivity issues or that the remote IP is sending
back an ICMP response.
The reason this particular logged error is seen on HP-UX is se
Well, you could file a bug report, but I'm not aware of this error
happening on other platforms, so it might end up being a kernel issue of
some sort.
- Kevin
kalpesh varyani wrot
Hi Kevin,
Thanks a lot.
Please find the more details for the same.
BIND version : 9.3.6
OS version : HP-UX 11.23
I have look at the *socket.c* file and seen that "
This error indicates that sendmsg(2) failed with EDESTADDREG ".
---
"#53" designates *port* 53. Nothing unusual about that.
To me, this looks more like a kernel issue-- EDESTADDRREQ is what you
get if you try to send data via a UDP socket that's not connect()ed.
BIND keeps good track of what's connect()ed and what isn't; it's like
the kernel is losing the asso
thanks for your quick reply
I am seen below error msg " once per 60sec" and no seen any query failure.
general: error: internal_send: 192.168.2.222#53: Destination address
required
general: error: /lib/isc/unix/errno2result.c:116: unexpected
error:
general: error: unable to convert errno to isc
On Aug 11, 2009, at 12:39 PM, kalpesh varyani wrote:
Hi,
I have below configuration.
DNS server1 -- Forwarder
DNS server2-- Authoritative
I am seeing following errors on server1.
general: error: internal_send: 192.168.2.222#53: Destination address
required
g
Hi,
I have below configuration.
DNS server1 -- Forwarder
DNS server2-- Authoritative
I am seeing following errors on server1.
general: error: internal_send: 192.168.2.222#53: Destination address
required
general: error: /lib/isc/unix/errno2result.c:116: unexpected
55 matches
Mail list logo
