2011/12/20 Matus UHLAR - fantomas :
>> 2011/12/20 Mark Andrews :
>>>
>>> Named has a compiled in set of root hints. It is used if
>>> a root zone is not defined in named.conf.
>
>
> On 20.12.11 17:37, Peter Andreev wrote:
>>
>> Whether it means that without hint zone named still can
2011/12/20 Mark Andrews :
Named has a compiled in set of root hints. It is used if
a root zone is not defined in named.conf.
On 20.12.11 17:37, Peter Andreev wrote:
Whether it means that without hint zone named still can perform
iterative lookups for its internal purposes?
2
In message <2011122018.ga3...@fantomas.sk>, Matus UHLAR - fantomas writes:
Long time ago when we were trying to have multiple web servers for
redundancy and balancing, we have found that multiple IP's is not a
good solution (parts of web pages didn't load). We selected L3
switches then...
O
2011/12/21 Matus UHLAR - fantomas :
2011/12/20 Mark Andrews :
>
> Named has a compiled in set of root hints. It is used if
> a root zone is not defined in named.conf.
>
>
>>> On 20.12.11 17:37, Peter Andreev wrote:
Whether it means that without hint zone na
Hello, list!
I have split view on my name-servers (master and slave), for internal
and external clients i have zone with similar names, but different content.
Part of config named.conf on master:
view "internal" {
match-clients { myclients; };
recursion yes;
match-recursive-only yes
21.12.2011 13:54, Konstantin V. Krotov пишет:
Hello, list!
I have split view on my name-servers (master and slave), for internal
and external clients i have zone with similar names, but different content.
Part of config named.conf on master:
view "internal" {
match-clients { myclients; };
recurs
Hi,
Maybe this can help you.
First you need two network interfaces with diferent ip.
At the internal view declaration add transfer-source 192.168.11.x; ( has to
be different from your public/external)
In the zone statement, you must specify the private IP address of your
slaves, at allow-transf
In message <20111221083337.gb5...@fantomas.sk>, Matus UHLAR - fantomas writes:
> >In message <2011122018.ga3...@fantomas.sk>, Matus UHLAR - fantomas write
> s:
> >> Long time ago when we were trying to have multiple web servers for
> >> redundancy and balancing, we have found that multiple IP'
In article ,
Matus UHLAR - fantomas wrote:
> On 20.12.11 19:37, Martin T wrote:
> >I have seen setups where one domain name has two address records.
> >First IP address is in the ISP-A network and the other one is in the
> >ISP-B network. In case I execute "host www..com", I always
> >get two IP
"if a root zone is not defined in named.conf"
I wonder if you really do NOT want to ever hit root zones you could make your
own entry in named.conf that points to localhost for root zone and thereby
avoid hitting any real root?
-Original Message-
From: bind-users-bounces+jlightner=w
On 20.12.11 17:37, Peter Andreev wrote:
Whether it means that without hint zone named still can perform
iterative lookups for its internal purposes?
On 21.12.11 13:05, Peter Andreev wrote:
Well, we run a bunch of authoritative-only slave servers and obviously
they don't have to perform any kin
2011/12/21 Matus UHLAR - fantomas :
> On 20.12.11 17:37, Peter Andreev wrote:
>>
>> Whether it means that without hint zone named still can perform
>> iterative lookups for its internal purposes?
>
>
> On 21.12.11 13:05, Peter Andreev wrote:
>>
>> Well, we run a bunch of authoritati
2011/12/21 Matus UHLAR - fantomas :
Disabling recursion should do the same afaik. However, disabling
additional-from-cache is OK and afaik disabled by default.
On 21.12.11 19:21, Peter Andreev wrote:
No, it is enabled by default.
server needs to resolve names if it's supposed to send NOTIFY
Zone refresh checks and zone transfer requests are not recursive queries. With
match-recursive-only, the view cannot act as a master to any slave. You might
want to consider a hidden master that does not have this option set.
Regards,
Chris Buxton
BlueCat Networks
On Dec 21, 2011, at 1:54 AM, K
No, that's not correct. You can use TSIG keys to differentiate between views,
without using separate interfaces. However, this will not solve the problem --
removing match-recursive-only will solve the problem.
Regards,
Chris Buxton
BlueCat Networks
On Dec 21, 2011, at 2:23 AM, Gelo wrote:
> H
On Wed, 21 Dec 2011, Peter Andreev wrote:
Ok, may be I'm a paranoid and worrying about trifles, but news about
compiled in hints astonished me.
The test shown here may calm you (if it shows refusal):
https://www.dns-oarc.net/oarc/articles/upward-referrals-considered-harmful
Dave
--
David Fo
On 12/20/2011 10:06 PM, SM wrote:
> At 17:53 20-12-2011, Doug Barton wrote:
>> I've been given an interesting challenge that I doubt I'm the first one
>> to face, so I thought I'd ask. :) I have an internal project for which
>> I have a large'ish number of hostnames that I want to return a fairly
David, thank you, I checked and all seems good :).
2011/12/21 Matus UHLAR - fantomas :
>> 2011/12/21 Matus UHLAR - fantomas :
>>>
>>> Disabling recursion should do the same afaik. However, disabling
>>>
>>> additional-from-cache is OK and afaik disabled by default.
>
>
> On 21.12.11 19:21, Peter A
18 matches
Mail list logo
