On Wed, May 13, 2009 at 11:46:29AM +0800,
Tech W. wrote
a message of 14 lines which said:
> When an upper DNS returns a domain's authorised DNS server, will it
> also returns the authorised DNS server's IP address? So glue record
> works as this way?
Why don't you test? Computer science is an
Mark Andrews wrote:
In message <4a093b9c.5060...@afnic.fr>, sandoche BALAKRICHENAN writes:
I want to rewrite a query of the form
"sgtin.5.4.0.0.0.1.3.2.4.5.6.7.6.id.onsam.test" to
"sgtin.5.4.0.0.0.1.3.2.4.5.6.7.6.id.onseu.test" using NAPTR rewrite.
The NAPTR RR in the zone config is as fol
Hello -
(bind9.6.0-P1)
I have set up a zone that is signed.
It is an island of security zone for testing purposes.
I have set up a TSIG key and set the allow-update
to accept the key.
I have followed every step, afaict, in the various
how-tos on how to sign a zone.
But when I try to do an upda
I am running bind in a chroot jail, btw.
I had this working a while ago, and left it for a while
and then tried to set it up again, with no luck.
I am sure it is something simple...
--
Jack Tavares
From: bind-users-boun...@lists.isc.org [bind-users-boun...@lists
In message <4b18a8f75a6384449755bc7784073e93603b776...@exch11.olympus.f5net.com
> Hello -
>
> (bind9.6.0-P1)
>
> I have set up a zone that is signed.
> It is an island of security zone for testing purposes.
>
> I have set up a TSIG key and set the allow-update
> to accept the key.
>
> I have f
--- On Wed, 13/5/09, Stephane Bortzmeyer wrote:
>
> Glue was sent back since wanadoo.fr's name servers are
> under
> wanadoo.fr .
Ok please see dig info below.
if I understand for it correctly, gdpu.cn is not under b.dns.cn, why b.dns.cn
returns glues?
Thanks.
# dig gdpu.cn ns @B.DNS.cn
On Wed, May 13, 2009 at 03:37:19PM +0800,
Tech W. wrote
a message of 39 lines which said:
> if I understand for it correctly, gdpu.cn is not under b.dns.cn,
True, but irrelevant.
> why b.dns.cn returns glues?
Because the name servers of gdpu.cn are under gdpu.cn.
_
In article ,
"Tech W." wrote:
> --- On Wed, 13/5/09, Stephane Bortzmeyer wrote:
>
> >
> > Glue was sent back since wanadoo.fr's name servers are
> > under
> > wanadoo.fr .
>
>
> Ok please see dig info below.
> if I understand for it correctly, gdpu.cn is not under b.dns.cn, why b.dns.cn
>
yes.
And I when I previously failed to specify the correct key-directory, I got an
error
"found no private keys, unable to generate any signatures"
I corrected that error and now get the "failure" message
everything is owned by named .
options {
dnssec-enable yes;
dnssec-validation yes;
key-d
I have a glue (nameserver host) record which hasn't been used in years and I
want to delete it (and ultimately re-use the name). Attempting a delete through
UKreg (Fasthosts) gives me this:
Error: NameServerHosts Delete (Nameserver deletion failed at registry: 420
Object association prohibits o
Oh yes, I have got it. Thanks.
--- On Wed, 13/5/09, Stephane Bortzmeyer wrote:
> From: Stephane Bortzmeyer
> Subject: Re: glue record
> To: "Tech W."
> Cc: "Stephane Bortzmeyer" , bind-users@lists.isc.org
> Received: Wednesday, 13 May, 2009, 3:40 PM
> On Wed, May 13, 2009 at 03:37:19PM
> +080
Your domain is still broken. You need to remove the NS record for your
internal host.
$ dig @dns2.gdpu.cn gdpu.cn ns
;; ANSWER SECTION:
gdpu.cn.3600IN NS dns1.gdpu.cn.
gdpu.cn.3600IN NS dns2.gdpu.cn.
gdpu.cn.3600IN
--- On Wed, 13/5/09, Kal Feher wrote:
> From: Kal Feher
> Subject: Re: glue record
> To: bind-users@lists.isc.org
> Received: Wednesday, 13 May, 2009, 5:34 PM
> Your domain is still broken. You need
> to remove the NS record for your
> internal host.
>
I have requested the hostmaster, who
On Wed, May 13, 2009 at 06:08:23PM +0800,
Tech W. wrote
a message of 27 lines which said:
> She can't remove this hostname from the windows DNS server. Once it
> was removed, after some time, it will be added into the name server
> automatically by windows. How can she handle this case?
Remov
Hello,
I have a bind host installed. It has two public IP addresses.
I want to give two NS records for my domain, each NS take each of the IP set in
the host.
more details, the host has two IPs:
61.145.121.59
211.66.80.59
surely policy reoute for two nics was enabled.
I add these info into na
--- On Wed, 13/5/09, Stephane Bortzmeyer wrote:
>
> Remove the allow-update directive.
>
But she is running the windows DNS server not Bind..
Need a Holiday? Win a $10,000 Holiday of your choice. Enter
now.http://us.lrd.yahoo.com/_ylc=X3oDMTJxN2x2ZmNpBF9zAzIwMjM2MTY2MTMEdG1fZG1lY2g
On Wed, May 13, 2009 at 09:04:07PM +0800,
Tech W. wrote
a message of 13 lines which said:
> > Remove the allow-update directive.
> >
>
> But she is running the windows DNS server not Bind..
Then it is probably off-topic for this list.
___
bind-use
On Wed, May 13, 2009 at 09:02:55PM +0800,
Tech W. wrote
a message of 34 lines which said:
> I want to give two NS records for my domain, each NS take each of
> the IP set in the host.
Why? This would be completely useless. RFC 1034 and other documents
call for at least two name servers, for r
In message <809645.28773...@web15601.mail.cnb.yahoo.com>, "Tech W." writes:
>
> Hello,
>
> I have a bind host installed. It has two public IP addresses.
> I want to give two NS records for my domain, each NS take each of the IP set
> in the host.
>
> more details, the host has two IPs:
> 61.14
On May 13, 2009, at 6:51 AM, Stephane Bortzmeyer wrote:
On Wed, May 13, 2009 at 09:02:55PM +0800,
Tech W. wrote
a message of 34 lines which said:
I want to give two NS records for my domain, each NS take each of
the IP set in the host.
Why? This would be completely useless. RFC 1034 and ot
In article ,
Bradley Giesbrecht wrote:
> On May 13, 2009, at 6:51 AM, Stephane Bortzmeyer wrote:
>
> > On Wed, May 13, 2009 at 09:02:55PM +0800,
> > Tech W. wrote
> > a message of 34 lines which said:
> >
> >> I want to give two NS records for my domain, each NS take each of
> >> the IP set in
It is network redundancy only in so far the DOS attack doesn't cause
your CPU and memory to get slammed.
If you're doing redundancy you really ought to do the whole thing by
getting another server and putting IT on the other network. Then you
don't have a single point of failure (unless they'
> Date: Wed, 13 May 2009 10:29:19 -0400
> From: "Jeff Lightner"
>
> It is network redundancy only in so far the DOS attack doesn't cause
> your CPU and memory to get slammed.
>
> If you're doing redundancy you really ought to do the whole thing by
> getting another server and putting IT on t
I've encountered a similar issue when using DSA keys with BIND 9.5.1-P1.
The dynamic records weren't added to a master zone signed with DSA keys
- the journal file doesn't get created at all, just similar messages
logged in syslog:
Mar 19 11:53:23 new named[28753]: client 172.20.210.4#38722: view
On May 13, 2009, at 7:29 AM, Jeff Lightner wrote:
It is network redundancy only in so far the DOS attack doesn't cause
your CPU and memory to get slammed.
I would block the block the ip under attack upstream so no cpu or
memory issues.
I didn't claim anything other then there can be in fa
Thanks, but that is not my problem.
the error message you are getting at leasts give a hint:
Mar 19 11:53:23 new named[28753]: client 172.20.210.4#38722: view
default4: updating zone 'fred.com/IN': RRSIG/NSEC update failed: sign
failure
My error says:
13-May-2009 22:04:59.662 client 127.0.0.1#46
Luke Hopkins wrote:
I have a glue (nameserver host) record which hasn't been used in years and I
want to delete it (and ultimately re-use the name). Attempting a delete through
UKreg (Fasthosts) gives me this:
Error: NameServerHosts Delete (Nameserver deletion failed at registry: 420
Object a
Jeff, my apologies. I read the quoting levels wrong.
On May 13, 2009, at 8:01 AM, Bradley Giesbrecht wrote:
On May 13, 2009, at 7:29 AM, Jeff Lightner wrote:
It is network redundancy only in so far the DOS attack doesn't cause
your CPU and memory to get slammed.
I would block the block th
No worries. Compared to some posts directed my way in various forums
(even this list) this was mild and I just wanted to set the record
straight.
In one list I'm on this kind of response would immediately result in a 3
day thread about why top posting (or bottom posting or in line posting
or mayb
In message , "Alexa Petrean" writes:
>
> I've encountered a similar issue when using DSA keys with BIND 9.5.1-P1.
> The dynamic records weren't added to a master zone signed with DSA keys
> - the journal file doesn't get created at all, just similar messages
> logged in syslog:
>
> Mar 19 11:53:
Hello Everybody
I'm running a bind 9.4.2-p2 and a 9.5.1-P1 both on a FreeBSD 6.x box as
caching servers.
let's call them ns1 and ns2 :P
short after we shutdown server one we get error messages on the other server
-> socket: too many open file descriptors
I tried to recompile named with FD_SETSIZ
So I posted a couple of message about how my nsupdates
were failing intermittenly when attempting to update a signed zone.
The only error I get in the log is:
14-May-2009 13:17:09.077 client 127.0.0.1#10277: view external: updating zone
'test.net/IN': prerequisites are OK
14-May-2009 13:17:09.077
32 matches
Mail list logo
