On Thu, 2009-01-22 at 10:25 +1100, Mark Andrews wrote:
> One way to test is to have a test box that sends spoofed traffic
> to a machine you control.
Thanks, Mark.
That tells me pretty well what I needed to know, but
hoped not to hear: I have to build my own bot-net. 8-)
On Wed, 2009-01-21 at 19:14 -0600, Jeremy C. Reed wrote:
> Maybe we should just remove the "immediately" part.
>
> Any suggestions would be appreciated.
If you're going to make a change, adding a little more
information wouldn't hurt, would it? Perhaps:
s/immediately/cle
Hello all,
first question :
for have log i add this in my named.conf
logging {
category "resolver" { "debug"; };
category "client" { "debug"; };
category "queries" { "debug"; };
channel "debug" {
file "/var/log/named/named.log" versions 2
On Wed, Jan 21, 2009 at 11:47:01AM -0500,
Todd Snyder wrote
a message of 38 lines which said:
> I am sure there is much in the RTFM category, and I will continue to
> RTFM,
The FM here is RFC 2671, published nine years ago (a lot of time in
Internet terms).
> We are seeing some firewall mess
On Jan 22 2009, Stephane Bortzmeyer wrote:
[...]
As mentioned by Anton Korotin, the root name servers send answers > 512.
Well not unless the EDNS flag and buffer size are set in the query,
of course.
This prompted me to look at what data is omitted from the additional
section of the respon
> Matus UHLAR - fantomas wrote:
> > This is _NOT_ a problem of BIND. This is a problem of its admin who can't
> > read the docs and set up max-cache-size, which does exactly what is needed
> > in this case.
On 21.01.09 17:38, Dmitry Rybin wrote:
> Hmm... And why bind allocate all system memory, if
On Wed, Jan 21, 2009 at 12:10:05PM +0300, Dmitry Rybin wrote:
> view "view0"{
> max-cache-size 16M;
> match-clients {
> XXX.XXX.XXX.XXX;
> };
> include "net-views/view0.conf";
> };
>
> [... skip 48 views ...]
>
> view "view50"{
> max-cache-size 8M;
> match-clients {
> XXX.XXX.
Actually thinking about your problem i just got an idea for a quick and
dirty solution that might just be it for you:
Keep running the views on your fontend nameserver but forward all
recursive queries to another recursive server via the "forward only;"
statement. IIRC that should cause BIND not to
I have setup and configured TSIG on our Bind 9. DNS servers. How can you
verify/test that it is working correctly?
Thanks in advance for any assistance provided.
Mark
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman
Mark A. Moore wrote:
> I have setup and configured TSIG on our Bind 9. DNS servers. How can you
> verify/test that it is working correctly?
Check your logging:
xfer.log:20-Jan-2009 20:06:24.677 xfer-out: info: client
149.20.XX.XX#60073: transfer of '154.XX.XX.in-addr.arpa/IN': AXFR-style
IXFR sta
Shouldn't using dig fail from the slave?
For example:
[...@stuey ~]$ dig -t AXFR domain.tld @ns1.someserver
; <<>> DiG 9.5.1-P1 <<>> -t AXFR domain.tld @ns1.someserver
;; global options: printcmd
; Transfer failed.
On Thu, January 22, 2009 08:58, Mark A. Moore wrote:
> I have setup and conf
Vincent Rivellino wrote:
> Shouldn't using dig fail from the slave?
>
> For example:
>
> [...@stuey ~]$ dig -t AXFR domain.tld @ns1.someserver
>
> ; <<>> DiG 9.5.1-P1 <<>> -t AXFR domain.tld @ns1.someserver
> ;; global options: printcmd
> ; Transfer failed.
It all depends on what you do with t
I will be out of the office starting 01/20/2009 and will not return until
01/26/2009.
If it is an emergency, the help line at 760-6277
-- Confidentiality Notice --
This email message, including all the attachments, is for the sole use of the
intended recipient(s) and contains confidential in
In article ,
Mark Andrews wrote:
> In message , Scott Haneda
> writ
> es:
>
> > Is BCP 38 really as solid and plug and play as it sounds? In a
> > shared, or colo'd environment, can that ISP really deploy something
> > like this, without it causing trouble for those that assume unfettered
Thank you for this notification. It indicates that today would be a
great day for for miscreants to make hacking attempts at your account.
You don't put a sign up in the front yard of your home that you're away
on vacation do you?
;-)
-david
rd...@monroehosp.org wrote:
> I will be out of the o
> Hello all,
>
> first question :
>
> for have log i add this in my named.conf
>
> logging {
> category "resolver" { "debug"; };
> category "client" { "debug"; };
> category "queries" { "debug"; };
> channel "debug" {
> file "/var/log/named/named.
Hello,
Thank you for answering my quesiton yesterday.
I have a new question about allow-query-cache and its effect on a dns server'
response resolution time.
allow-query-cache "specifies which hosts are allowed to get answers from the
cache". I'm assuming this is refering to the memory cache
Hello, I want to do some spring cleaning on my dns. WHOIS seems to
throttle me back with too many checks, how can I use dig to check for
registration of a domains?
If I do `dig NS example.com` and grep out my NS, does that suffice for
making sure my primary and secondary are listed?
What
On 22-Jan-2009, at 16:00 , LENA MATUSOVSKAYA, BLOOMBERG/ 731 LEXIN
wrote:
Hello,
Thank you for answering my quesiton yesterday.
I have a new question about allow-query-cache and its effect on a
dns server' response resolution time.
allow-query-cache "specifies which hosts are allowed t
I believe there are any restrictions if you run a WHOIS from your dig
prompt.
[ch...@ks1dc ~]$ whois newgeo.com
[Querying whois.internic.net]
[Redirected to whois.wildwestdomains.com]
[Querying whois.wildwestdomains.com]
[whois.wildwestdomains.com]
The data contained in this Registrar's Whois data
oops..arent any
On Thu, Jan 22, 2009 at 4:24 PM, CB wrote:
> I believe there are any restrictions if you run a WHOIS from your dig
> prompt.
>
> [ch...@ks1dc ~]$ whois newgeo.com
> [Querying whois.internic.net]
> [Redirected to whois.wildwestdomains.com]
> [Querying whois.wildwestdomains.com]
>
There are, I ran a repeat loop in bash, for only 50 domains, and I was
thorttled back to I believe, once every 3 minutes.
Different WHOIS servers may have different policy, but it is also
slow. Dig should speed up my queries by a large degree.
Thank you.
On Jan 22, 2009, at 1:24 PM, CB wr
Thank you
Maybe I didn't word my question correctly.
allow-query-cache definitions states allow-query-cache "specifies which hosts
are allowed to get answers from the cache." Which cache is it refering to?
Could the cache also contain records which a master server is authoritative
for? With allo
My goal is for my authoritiative server to use its memory cache to reply to the
queries its authoritiative for. However, it should not satisfy all other
queries - NO to recursion ;) . Overall, I'm wondering what affect setting
"allow-query-cache" to "none" has on the performance of authoritative
On 22 Jan 2009 17:09:28 -0500, LENA MATUSOVSKAYA, BLOOMBERG/ 731 LEXIN
wrote:
> My goal is for my authoritiative server to use its memory cache to reply to
> the queries its authoritiative for. However, it should not satisfy all other
> queries - NO to recursion ;) . Overall, I'm wondering what
On Jan 22 2009, LENA MATUSOVSKAYA, BLOOMBERG/ 731 LEXIN wrote:
My goal is for my authoritiative server to use its memory cache to
reply to the queries its authoritiative for. However, it should not
satisfy all other queries - NO to recursion ;) . Overall, I'm wondering
what affect setting "allow
Niall O'Reilly wrote:
> On Wed, 2009-01-21 at 19:14 -0600, Jeremy C. Reed wrote:
>> Maybe we should just remove the "immediately" part.
>>
>> Any suggestions would be appreciated.
>
> If you're going to make a change, adding a little more
> information wouldn't hurt, would it?
The ou
27 matches
Mail list logo
