You were correct (of course). I had my versions mixed up and was
starting an older version without GSSAPI support.
The kerberos authentication seems to be working now but I still can't
the updates working. If I understand the output in named.run correctly,
I believe the kerberos authentication
On Dec 29, 2008, at 11:35 PM, David Ford wrote:
I use DLZ w/ postgres. It's been working pretty good for me for a
while
now.
Another "just out of curiosity" question. What sort of performance do
you see with BIND/DLZ/Postgres?
The http://bind-dlz.sourceforge.net/ site has some BIND-DLZ
On second thought I think it must be:
named.conf
options {
[...]
tkey-gssapi-credential "DNS/dns.test.net";
tkey-domain "TEST.NET";
};
view "internal" {
[...]
zone "test.net" {
type master;
file "test.net.zone
On second thought I think it must be:
named.conf
options {
[...]
tkey-gssapi-credential "DNS/dns.test.net";
tkey-domain "TEST.NET";
};
view "internal" {
[...]
zone "test.net" {
type master;
file "test.net.zone
I know of named-checkzone but it doesn't handle missing trailing periods on
CNAME's like I want it to
Are there any scripts out there that can better verify if a zone file is
correct.
For example named-checkzone says this line is ok
host IN CNAME host.domain.com
I know technically it is valid..
I don't suggest using a "heavy" DB back end such as SQL for 50M records
without thought. Each DNS query might do several SQL lookups depending
on the type of query and number of hostname components. Factor in a
mail server and the number of hits becomes a dozen for one instance.
I.e. a.b.c.def.c
At Tue, 30 Dec 2008 16:05:10 +0100, Nico De Ranter wrote:
>
> update-policy {
> grant TEST.NET krb5-subdomain * A;
> };
Microsoft invented their own naming scheme for host principals
("machi...@realm" instead of "host/mach...@realm").
Try "ms-subdomain
At Mon, 29 Dec 2008 20:51:26 -0800 (PST),
"Paul B. Henson" wrote:
> Is there any way to configure a dynamic zone which is shared between both
> views, where an update from a box with an "internal" ip is seen by a query
> from a box with an "external" ip, and vice versa? Short of setting up a
> co
All,
I have installed a caching only instance of BIND (9.2.4) on a CentOS
machine on my internal network. I have noticed that initial DNS requests
against the server take a rather large amount of time (usually around 7
seconds). I have done some basic troubleshooting and I am coming up at a
loss
On Tue, 30 Dec 2008, [iso-2022-jp] JINMEI Tatuya / wrote:
> Is your goal something like this?
>
> - the server has an authority for a zone, e.g., "example.com".
> - example.com is defined for both the internal and external views, and
> these views share the content of the example.com zo
FYI,
Here is the snoop data I forgot to post before.
**NOTE** This snoop data is from a different lookup than the BIND debug
data I posted earlier. If expanded snoop data is needed to help
troubleshoot please let me know and I will be happy to provide it.
Snoop Data
No. Time
At Tue, 30 Dec 2008 12:14:32 -0800 (PST),
"Paul B. Henson" wrote:
> > Is your goal something like this?
> >
> > - the server has an authority for a zone, e.g., "example.com".
> > - example.com is defined for both the internal and external views, and
> > these views share the content of the exam
At Mon, 29 Dec 2008 08:05:52 -0800 (PST),
"jmorrise...@gmail.com" wrote:
>
> When doing a RNDC reload with Bind 9.5.1 we are getting the following
> error.
> This only happens if we list more than one master name server IP. If
> we only have one IP in the "masters" statement it is fine. If we h
In message <7227c6c70812300937s7a4be464h16db91c6ead84...@mail.gmail.com>, "Mike
Zupan" writes:
>
> I know of named-checkzone but it doesn't handle missing trailing periods on
> CNAME's like I want it to
>
> Are there any scripts out there that can better verify if a zone file is
> correct.
>
>
On Tue, 30 Dec 2008, [iso-2022-jp] JINMEI Tatuya / wrote:
> So, you at least need to fix one on-memory zone image that can be
> dynamically updated. You'll then have to configure the other view where
> the "shared" zone is a secondary of the real dynamic zone in the other
> view, or a fo
15 matches
Mail list logo
