On 01.08.10 13:02, Rick Dicaire wrote:
> I've seen no mention of this, but is it possible to implement dnssec
> while using one of dlz or sdb backends that contain zone data?
You apparently mean if it's possible to use BIND's autosigning feature(s).
--
Matus UHLAR - fantomas, uh...@fantomas.sk ;
Manao ahoana, Hello, Bonjour,
Without grepping the configuration files from the system shell, is it
possible to lists all the master zones on a running bind9? What tool
with?
Misaotra, Thanks, Merci.
--
Architecte Informatique chez Blueline/Gulfsat:
Administration Systeme, Recherche
On 03/08/10 10:39, Mihamina Rakotomandimby wrote:
Manao ahoana, Hello, Bonjour,
Without grepping the configuration files from the system shell, is it
possible to lists all the master zones on a running bind9? What tool
with?
How about this:
# add this to named.conf
statistics-channels {
inet
Dear all,
Le 02.08.2010 23:43, Denis BUCHER a écrit :
I have a simple question, when reloading Bind, I get these messages, and
later on in the logs, the transfer seems to work with IPv4.
Aug 2 23:24:13 cirrus named[1581]: network unreachable resolving
'(host)/A/IN': 2001:620::4#53
Aug 2 23:24:1
Kevin,
Thanks for the good ideas. Here is what I am seeing based on your
recommendations:
1. Zone has expired (to confirm: check logs)
No errors or notices regarding the zone being expired.
2. Corrupted/truncated journal file (to confirm: check logs, or, shut
down gracefully, delete journal and
One thing you have top remember is the Slave NEVER updates the
Master.
The updater is always the Master and the receiver is always the
Slave.
I have posted about using 2 masters. You should be able to do a
search on he
archive and find the post.
In short all you need to do is setup 2 master
My employer decided to host our website on another server off-site.
My problem is getting our dns to point from our old server to the new.
Currently we own all the ip's and host our own website. Here is the
zone file for harrisonburg.k12.va.us:
$ORIGIN .
$TTL 259200 ; 3 days
harriso
On 8/3/2010 8:07 AM, dhottin...@harrisonburg.k12.va.us wrote:
> $TTL 259200; 3 days
> harrisonburg.k12.va.us. A 174.143.193.47
>
>
> I made the entry for the new website's ip (174.143.193.47). But when I
> do a dig, it still comes back with 204.111.40.10. What do I need to do
3.8.2010 15:07, dhottin...@harrisonburg.k12.va.us kirjoitti:
My employer decided to host our website on another server off-site.
My problem is getting our dns to point from our old server to the new.
Currently we own all the ip's and host our own website. Here is the
zone file for harrisonb
Am Tue, 03 Aug 2010 08:07:58 -0400
schrieb dhottin...@harrisonburg.k12.va.us:
> My employer decided to host our website on another server off-site.
> My problem is getting our dns to point from our old server to the
> new. Currently we own all the ip's and host our own website. Here is
> the z
Which DNS server are you digging? It's possible that (by default) you're
digging against a server that has the old entry still cached.
Frank
-Original Message-
From: bind-users-bounces+frnkblk=iname@lists.isc.org
[mailto:bind-users-bounces+frnkblk=iname@lists.isc.org] On Behalf O
Dwayne Hottinger wrote:
> I made the entry for the new website's ip (174.143.193.47). But when
> I do a dig, it still comes back with 204.111.40.10.
From what I can see here, your ns1 returns SERVFAIL, while your ns2 still
serves an old zone with SOA serial 2009111201.
I'd suggest you look
Wow,
Best mailing list Ive ever been on. You guys were spot on. I didnt
increment my serial number right (old eyes dont see so well), so
things were propagating correctly, and I had an error in my named.conf
file. I appreciate all the help.
ddh
--
Dwayne Hottinger
Network Administrat
To all,
The term "master" has different meanings in different contexts. Each zone
is configured with a "type" of master or slave, etc, and in this context
the term "master" refers to a functional paramater of this zone on this
server. But within the configuration of a zone that is of type "slav
Hello,
since today morning (~06:30 CEST) I get several 1.000 errors like:
[ '/var/log/named.log' ]
Aug 3 10:12:39 dns1 named[26425]: 03-Aug-2010 10:12:39.951 lame-servers: info:
unexpected RCODE (REFUSED) resolving 'lists.colo.xensource.com/A/IN':
Dear all,
I have a question, it's not really a big problem, but it's annoying.
In the logs I get plenty of lines like :
client 202.152.172.4 query (cache) 'denkstelle.de/MX/IN' denied: 1 Time(s)
client 202.152.172.4 query (cache) 'denkstunde.de/MX/IN' denied: 2 Time(s)
client 202.152.172.4 quer
Denis BUCHER wrote:
Dear all,
I have a question, it's not really a big problem, but it's annoying.
In the logs I get plenty of lines like :
client 202.152.172.4 query (cache) 'denkstelle.de/MX/IN' denied: 1
Time(s)
client 202.152.172.4 query (cache) 'denkstunde.de/MX/IN' denied: 2
Time(s)
cl
On Tue, 03 Aug 2010 18:01:27 +0200, Denis BUCHER
wrote:
> Dear all,
>
> I have a question, it's not really a big problem, but it's annoying.
>
> In the logs I get plenty of lines like :
>> client 202.152.172.4 query (cache) 'denkstelle.de/MX/IN' denied: 1
>> Time(s)
>> client 202.152.172.4 quer
At Tue, 3 Aug 2010 12:39:05 +0300,
Mihamina Rakotomandimby wrote:
> Manao ahoana, Hello, Bonjour,
>
> Without grepping the configuration files from the system shell, is it
> possible to lists all the master zones on a running bind9? What tool
> with?
If you enable "zone-statistics" you can see
> p.may...@imperial.ac.uk :
>How about this:
Very good!
Thank you.
--
Architecte Informatique chez Blueline/Gulfsat:
Administration Systeme, Recherche & Developpement
+261 34 56 000 19
___
bind-users mai
Dear all,
I have a question, it's not really a big problem, but it's annoying.
In the logs I get plenty of lines like :
client 202.152.172.4 query (cache) 'denkstelle.de/MX/IN' denied: 1 Time(s)
client 202.152.172.4 query (cache) 'denkstunde.de/MX/IN' denied: 2 Time(s)
client 202.152.172.4 quer
On 8/3/2010 7:50 AM, Atkins, Brian (GD/VA-NSOC) wrote:
Kevin,
Thanks for the good ideas. Here is what I am seeing based on your
recommendations:
1. Zone has expired (to confirm: check logs)
No errors or notices regarding the zone being expired.
2. Corrupted/truncated journal file (to confirm:
Dear Lyle,
Le 03.08.2010 18:17, Lyle Giese a écrit :
I would like to know if I can block hosts doing that at the level of
/etc/hosts.allow or should I do it at the level of Bind itself ?
Use IPTables or add rules to your firewall. I don't believe that BIND
pays any attention to /etc/hosts.allow
Le 03.08.2010 18:28, wllarso a écrit :
This seems to be due to a script-kiddie.
I would like to know if I can block hosts doing that at the level of
/etc/hosts.allow or should I do it at the level of Bind itself ?
And sorry if this is not 100% on topic, I know it's at the border
between BIND and
>> I would like to know if I can block hosts doing that at the level of
>> /etc/hosts.allow or should I do it at the level of Bind itself ?
> Use IPTables or add rules to your firewall. I don't believe that BIND
> pays any attention to /etc/hosts.allow
BIND has a "blackhole" option that will essen
Blackhole isn't better IMHO because I found in the past that they still try
your server ad nauseum even though they're blocked - blocking at iptables is
doing it at kernel level before BIND. However it does work and is certainly
one way to do it especially on systems that don't have their own
On 8/3/2010 3:03 PM, Denis BUCHER wrote:
Dear Lyle,
Le 03.08.2010 18:17, Lyle Giese a écrit :
I would like to know if I can block hosts doing that at the level of
/etc/hosts.allow or should I do it at the level of Bind itself ?
Use IPTables or add rules to your firewall. I don't believe that B
Yes - I had already written him off list in reply to an email he sent me and
pointed it out. It also only blocks port 53 so if he had other ports open the
script kiddie would still be able to see those other ports.
-Original Message-
From: bind-users-bounces+jlightner=water@lists.
On 7/28/10, I wrote:
>> I have a BIND config question. First some history.
>>
>> My initial two DNS servers (A and B) had three NICs and three IP
>> addresses. Then I installed two additional servers (C and D),
>> each with one NIC; each server has one base address and one DNS address.
>> All fo
It might be worth pointing out
a) that you're trying to recursively query a non-recursive nameserver
b) that the MX record is technically superfluous, since its target is
the same as the owner name, and all mail clients will fail over to doing
an A query of the same name if no MX record is prese
I'm trying to put together a training environment with a "fake" internet. The
idea is that a computer running windows xp will be attached to the WAN side of
a router to be the "internet". Any (http, possibly other protocols) requests
going out from the router should be caught by the box attach
Kevin Darcy wrote:
On 8/3/2010 3:03 PM, Denis BUCHER wrote:
Dear Lyle,
Le 03.08.2010 18:17, Lyle Giese a écrit :
I would like to know if I can block hosts doing that at the level of
/etc/hosts.allow or should I do it at the level of Bind itself ?
Use IPTables or add rules to your firewall. I
2 rules aren't needed if you don't specify protocol and port in the first one.
It simply drops ALL traffic from that IP.
-Original Message-
From: bind-users-bounces+jlightner=water@lists.isc.org
[mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Lyle
Giese
S
In message <20100803142625.gc27...@tamay-dogan.net>, Michelle Konzack writes:
> This is a MIME-formatted message. If you see this text it means that your
> E-mail software does not support MIME-formatted messages.
>
> Hello,
>
> since today morning (~06:30 CEST) I get several 1.000 errors like
In message <4c58668d.2010...@chrysler.com>, Kevin Darcy writes:
> On 8/3/2010 7:50 AM, Atkins, Brian (GD/VA-NSOC) wrote:
> > Kevin,
> >
> > Thanks for the good ideas. Here is what I am seeing based on your
> > recommendations:
> >
> > 1. Zone has expired (to confirm: check logs)
> > No errors or n
I host a re-direct for the local soccer organization
The "real" owner (non-technical) let the domain lapse, and I recommended
the registrar I use (that automatically provides secondary DNS services) -
but they didn't use them.
Now they can NOT get to the site - am I configured wrong? -- or --
In message ,
bill.li...@kp.org writes:
>
> I host a re-direct for the local soccer organization
>
> The "real" owner (non-technical) let the domain lapse, and I recommended
> the registrar I use (that automatically provides secondary DNS services) -
> but they didn't use them.
>
> Now they c
37 matches
Mail list logo
