Re: dig for domain registration

2009-01-23 Thread Stephane Bortzmeyer
On Thu, Jan 22, 2009 at 01:16:00PM -0800, Scott Haneda wrote a message of 18 lines which said: > If I do `dig NS example.com` and grep out my NS, does that suffice > for making sure my primary and secondary are listed? It depends on the TLD policy. For ".com", as far as I know, there is no re

EDNS timeouts - log IP address

2009-01-23 Thread Matus UHLAR - fantomas
Hello, I see that logs of EDNS problems show the RR which was successfully resolved after changing packet size or disabling EDNS, but shouldn't they log the IP which has this problem? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail adve

Re: 512 byte limit

2009-01-23 Thread Stephane Bortzmeyer
On Thu, Jan 22, 2009 at 11:06:38AM +, Chris Thompson wrote a message of 28 lines which said: >> As mentioned by Anton Korotin, the root name servers send answers > 512. > > Well not unless the EDNS flag and buffer size are set in the query, of > course. Which BIND does by default. > a,

Re: dig for domain registration

2009-01-23 Thread Scott Haneda
On Jan 23, 2009, at 2:01 AM, Stephane Bortzmeyer wrote: On Thu, Jan 22, 2009 at 01:16:00PM -0800, Scott Haneda wrote a message of 18 lines which said: If I do `dig NS example.com` and grep out my NS, does that suffice for making sure my primary and secondary are listed? It depends on the TL

[DNSSEC] Validating resolver which is also authoritative: no AD bit set

2009-01-23 Thread Stephane Bortzmeyer
I configure a BIND 9.5.0 P2 which is both a DNSSEC-validating resolver and an authoritative server. With proper trust anchors, it DNSSEC-validates domains like iis.se or sources.org and sets the AD bit in the answers to 'dig +dnssec XXX iis.se'. Except for one domain, generic-nic.net, for which t

Re: [DNSSEC] Validating resolver which is also authoritative: no AD bit set

2009-01-23 Thread Alan Clegg
Stephane Bortzmeyer wrote: > I configure a BIND 9.5.0 P2 which is both a DNSSEC-validating resolver > and an authoritative server. > > With proper trust anchors, it DNSSEC-validates domains like iis.se or > sources.org and sets the AD bit in the answers to 'dig +dnssec XXX > iis.se'. > > Except f

Re: [DNSSEC] Validating resolver which is also authoritative: no AD bit set

2009-01-23 Thread Simon Vallet
On Fri, 23 Jan 2009 14:48:23 +0100 Stephane Bortzmeyer wrote: > I configure a BIND 9.5.0 P2 which is both a DNSSEC-validating resolver > and an authoritative server. > > With proper trust anchors, it DNSSEC-validates domains like iis.se or > sources.org and sets the AD bit in the answers to 'di

Re: rndc halt -p behavior

2009-01-23 Thread Rich Goodson
I wasn't talking about (or even really looking at, at the time) the output of rndc -help. I was originally discussing the description in the Administrators Reference Manual for Bind 9.4. -rich On Jan 23, 2009, at 1:45 AM, Doug Barton wrote: Niall O'Reilly wrote: On Wed, 2009-01-21 at 1

maverick named logging

2009-01-23 Thread Len Conrad
Redhat release 9 BIND 9.5.0-P2, compiled from source named.conf has it /* logging */ ... commented out. rndc status version: 9.5.0-P2 number of zones: 81 debug level: 0 xfers running: 0 xfers deferred: 0 soa queries in progress: 0 query logging is OFF recursive clients: 8/0/1000 tcp clients

Re: maverick named logging

2009-01-23 Thread Jeremy C. Reed
On Fri, 23 Jan 2009, Len Conrad wrote: > Where and what is telling named to log to syslog? See the documentation http://ftp.isc.org/www/bind/arm95/Bv9ARM.ch06.html If there is no logging statement, the logging configuration will be: logging { category default { default_syslog; default_deb

Manual for Bind-9.5 or 9.6

2009-01-23 Thread Peter Fraser
Hi All I want to set up Bind as a server in an active directory environment since it now has GSS-TSIG support and I would like some instructions on how to do this. Can someone please tell me where the manuals are, better yet PDF versions of it. I have been unable to find a manual I can search so fa

Re: Manual for Bind-9.5 or 9.6

2009-01-23 Thread Stephane Bortzmeyer
On Fri, Jan 23, 2009 at 11:06:16AM -0500, Peter Fraser wrote a message of 12 lines which said: > Can someone please tell me where the manuals are, better yet PDF > versions of it. It seems ISC does not put them online but they are included with BIND. To quote the ISC Web site: DOCUMENTATION

Re: Manual for Bind-9.5 or 9.6

2009-01-23 Thread Jeremy C. Reed
On Fri, 23 Jan 2009, Stephane Bortzmeyer wrote: > > Can someone please tell me where the manuals are, better yet PDF > > versions of it. Peter: Please see https://www.isc.org/software/bind/documentation which links to some manuals. (The manuals are in the ARM.) Also see http://ftp.isc.org/www/bin

reverse lookup to CNAME

2009-01-23 Thread John Bond
Hello All, Sorry for the bad subject but I wasn't really sure how I could best describe my circumstances. I would like to ask anyone out there if something I'm proposing to implement is incorrect or just plain stupid. Ok so the situation is that we have one set of developers who like to call there

Re: denied NS/IN

2009-01-23 Thread Nathan Ollerenshaw
On 21/01/2009, at 10:40 AM, Scott Haneda wrote: Hello, looking at my logs today, I am getting hammered with these: 20-Jan-2009 15:39:06.284 security: info: client 66.230.160.1#48517: query (cache) './NS/IN' denied 20-Jan-2009 15:39:06.790 security: info: client 66.230.128.15#31593: query (ca

IPv6 Lookups on BIND 9.5.1-P1 and .GOV Addresses

2009-01-23 Thread wiskbroom
Hello; I have two "DMZ" BIND/DNS servers running whose purpose is to allow lookups via them from my otherwise incapable internal network. I've recently upgraded only one of them from BIND 9.5.0-P2 to BIND 9.5.1-P1. Both servers are running Sparc/Solaris 9. Upon upgrading one to BIND 9.5.0-P2,

gss-tsig and bind

2009-01-23 Thread Peter Fraser
Well I think I need to ask now since I have not been able to find instructions on how to set up bind 9.5 or 9.6 to use GSS-TSIG and accept updates from a Windows DC. I would like to set bind up as an AD dns server. Can anyone please help me. Even a good link would do. Thanks.

Re: IPv6 Lookups on BIND 9.5.1-P1 and .GOV Addresses

2009-01-23 Thread Doug Barton
wiskbr...@hotmail.com wrote: > Hello; > > I have two "DMZ" BIND/DNS servers running whose purpose is to allow > lookups via them from my otherwise incapable internal network. > > I've recently upgraded only one of them from BIND 9.5.0-P2 to BIND > 9.5.1-P1. Both servers are running Sparc/Solaris

Re: IPv6 Lookups on BIND 9.5.1-P1 and .GOV Addresses

2009-01-23 Thread Stacey Jonathan Marshall
BIND is suffering from http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6320428 (sendto() should forward errors up the stack). To provide relief from this issue the ISC have added additional command line options "-4" and "-6", as of bind 9.3.2, which instruct BIND to limit requests to

RE: IPv6 Lookups on BIND 9.5.1-P1 and .GOV Addresses

2009-01-23 Thread wiskbroom
> From: do...@dougbarton.us > > wiskbr...@hotmail.com wrote: >> Hello; >> >> I have two "DMZ" BIND/DNS servers running whose purpose is to allow >> lookups via them from my otherwise incapable internal network. >> >> I've recently upgraded only one of them from BIND 9.5.0-P2 to BIND >> 9.5.1-P1. B

RE: IPv6 Lookups on BIND 9.5.1-P1 and .GOV Addresses

2009-01-23 Thread Gregory Hicks
> From: > To: > Subject: RE: IPv6 Lookups on BIND 9.5.1-P1 and .GOV Addresses > Date: Fri, 23 Jan 2009 15:24:55 -0500 > Cc: bind-users@lists.isc.org > > [...] > By the way, what would cause a DNS server to fragment packets or send out of order? Aren't the packets typically small enough to f

Re: IPv6 Lookups on BIND 9.5.1-P1 and .GOV Addresses

2009-01-23 Thread JINMEI Tatuya / 神明達哉
At Fri, 23 Jan 2009 20:09:37 +, Stacey Jonathan Marshall wrote: > BIND is suffering from > http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6320428 > (sendto() should forward errors up the stack). To provide relief from > this issue the ISC have added additional command line optio

Re: denied NS/IN

2009-01-23 Thread Mark Andrews
In message , Nathan Ollerenshaw writes: > On 21/01/2009, at 10:40 AM, Scott Haneda wrote: > > > Hello, looking at my logs today, I am getting hammered with these: > > 20-Jan-2009 15:39:06.284 security: info: client 66.230.160.1#48517: > > query (cache) './NS/IN' denied > > 20-Jan-2009 15:39:06

Re: IPv6 Lookups on BIND 9.5.1-P1 and .GOV Addresses

2009-01-23 Thread Mark Andrews
In message , wiskbr...@hotmail.com writes: > > Hello; > > I have two "DMZ" BIND/DNS servers running whose purpose is to allow lookups v > ia them from my otherwise incapable internal network. > > I've recently upgraded only one of them from BIND 9.5.0-P2 to BIND 9.5.1-P1. > Both servers are r

Re: denied NS/IN

2009-01-23 Thread Nathan Ollerenshaw
On 24/01/2009, at 9:57 AM, Mark Andrews wrote: You you don't also have blessed silence on the counters on this rule there is still a problem and you should be complaining to whoever is sending the packets to you. This just stops the amplification it doesn't clea

Re: reverse lookup to CNAME

2009-01-23 Thread Barry Margolin
In article , John Bond wrote: > Hello All, > > Sorry for the bad subject but I wasn't really sure how I could best > describe my circumstances. I would like to ask anyone out there if > something I'm proposing to implement is incorrect or just plain stupid. > Ok so the situation is that we have