Re: 9.9.0rc1: example from arm 4.8.3 does not validate

2012-01-19 Thread Axel Rau
Am 18.01.2012 um 23:54 schrieb Evan Hunt: >> I tried the example from page 23 with a local zone, a trusted key and >> inline-signing, like: >> [...] >> But I'm getting no ad-flag: > > That's normal; authoritative servers don't set the AD bit, validating > resolvers do. (There's not much point i

Re: 9.9.0rc1: example from arm 4.8.3 does not validate

2012-01-19 Thread David Forrest
On Thu, 19 Jan 2012, Axel Rau wrote: Am 18.01.2012 um 23:54 schrieb Evan Hunt: I tried the example from page 23 with a local zone, a trusted key and inline-signing, like: [...] But I'm getting no ad-flag: That's normal; authoritative servers don't set the AD bit, validating resolvers do. (

Problem with ed.gov

2012-01-19 Thread Baird, Josh
Hi, My resolvers seem to be having problems resolving ed.gov hosts. Others have reported similar problems, but I am having trouble figuring out where the problem lies. Some other resolvers seem to be resolving ed.gov correctly. I am able to query their authoritative servers directly from the sa

Re: Problem with ed.gov

2012-01-19 Thread WBrown
Josh wrote on 01/19/2012 02:06:05 PM: > My resolvers seem to be having problems resolving ed.gov hosts. Others > have reported similar problems, but I am having trouble figuring out > where the problem lies. Some other resolvers seem to be resolving > ed.gov correctly. I am able to query their

RE: Problem with ed.gov

2012-01-19 Thread Baird, Josh
Ugly fix, but it does work. I already had that in place as a "band-aid" anyways. Josh -Original Message- From: wbr...@e1b.org [mailto:wbr...@e1b.org] Sent: Thursday, January 19, 2012 2:36 PM To: Baird, Josh Cc: bind-users@lists.isc.org Subject: Re: Problem with ed.gov Josh wrote on 01/

Trying to do reverse lookups, but crashing named instead.

2012-01-19 Thread Stack Kororā
Hello, The dhcpd mailinglist sent me your way with a problem I am having with named/dhcpd. The problem I have is that I can not seem to get reverse hostname lookups in my PXEboot, which means my PXEboot clients think they are localhost. The problem that may be more relevant to the BIND list is t

Re: Problem with ed.gov

2012-01-19 Thread Faehl, Chris
Josh - are you using Cisco firewalls? We've seen problems resolving other .gov sites due to EDNS/DNSSEC requests being truncated by "dns inspect size" set to 512 bytes (out-of-box conf). Changing to 4k yielded good results and fixed those problems without other operational impact. Chris Faehl Dire

RE: Problem with ed.gov

2012-01-19 Thread Baird, Josh
Nope, no firewall in front or behind these particular boxes. Josh -Original Message- From: Faehl, Chris [mailto:cfa...@rightnow.com] Sent: Thursday, January 19, 2012 3:34 PM To: Baird, Josh Cc: bind-users@lists.isc.org Subject: Re: Problem with ed.gov Josh - are you using Cisco firewall

dnsmasq+named together (was: Re: Forward Domain)

2012-01-19 Thread /dev/rob0
On Sun, Jan 15, 2012 at 04:41:15PM +, Markus Braun wrote: > i googled the last daysi cant run DNSMASQ and BIND9 both on > the same port or? Obviously not, but I have set them both up on the same machine: dnsmasq(8) as DHCP and authoritative DNS server, named(8) as the upstream caching re

Re: dnsmasq+named together (was: Re: Forward Domain)

2012-01-19 Thread WBrown
rob0 wrote on 01/19/2012 04:05:26 PM: > ... > server=127.0.0.1#1053 > # to use "nameserver 127.0.0.1" in resolv.conf(5) > no-resolv > ... > listen-on port 1053 { 127.0.0.1; }; Are both of these listening on port 1053? That ain't gonna work. Put one of them back on 53 or on some other

Re: Problem with ed.gov

2012-01-19 Thread Michael Sinatra
Please be aware that RFC 2671, which specifies EDNS0, allows for buffer sizes to reach 64k, not just 4k. Most implementations default to 4k, but the buffer size can easily be set higher. Moreover, the EDNS0 buffer size merely specifies the size where the UDP response becomes truncated and mus

Re: dnsmasq+named together

2012-01-19 Thread /dev/rob0
On Thu, Jan 19, 2012 at 07:13:49PM -0500, wbr...@e1b.org wrote: > rob0 wrote on 01/19/2012 04:05:26 PM: > > > ... > > server=127.0.0.1#1053 This says "contact a nameserver on 127.0.0.1:1053 for unlisted / unknown names". > > # to use "nameserver 127.0.0.1" in resolv.conf(5) This says the syste

Re: Trying to do reverse lookups, but crashing named instead.

2012-01-19 Thread Mark Andrews
This is a modified version of named. "dynamic-db" is *not* a valid configuration option in named as shipped by ISC. Additionally "failed to create new zone" is not a log message from named as shipped by ISC. As you are seeing a core dump I would suggest that you contact whomever extended the versi

Re: Problem with ed.gov

2012-01-19 Thread Mark Andrews
In message <4f18b4a5.3050...@rancid.berkeley.edu>, Michael Sinatra writes: > Please be aware that RFC 2671, which specifies EDNS0, allows for buffer > sizes to reach 64k, not just 4k. Most implementations default to 4k, > but the buffer size can easily be set higher. Which often requires a rec

Re: Problem with ed.gov

2012-01-19 Thread Warren Kumari
On Jan 19, 2012, at 8:14 PM, Mark Andrews wrote: > > In message <4f18b4a5.3050...@rancid.berkeley.edu>, Michael Sinatra writes: >> Please be aware that RFC 2671, which specifies EDNS0, allows for buffer >> sizes to reach 64k, not just 4k. Most implementations default to 4k, >> but the buffer

Re: Trying to do reverse lookups, but crashing named instead.

2012-01-19 Thread Mark Andrews
In message , Stack Kororā writes: > There are two other logging files mentioned in the conf files: > /var/log/named-auth.info never has any information in it. > /var/log/update-debug.log mostly complains about this: > update: info: client 127.0.0.1#46599: updating zone 'project.l

Re: Trying to do reverse lookups, but crashing named instead.

2012-01-19 Thread ~Stack~
On 01/19/2012 09:11 PM, Mark Andrews wrote: > In message > > , Stack Kororā writes: >> There are two other logging files mentioned in the conf files: >> /var/log/named-auth.info never has any information in it. >> /var/log/update-debug.log mostly complains about this: >> update:

Re: Trying to do reverse lookups, but crashing named instead.

2012-01-19 Thread ~Stack~
On 01/19/2012 07:02 PM, Mark Andrews wrote: > This is a modified version of named. "dynamic-db" is *not* a valid > configuration option in named as shipped by ISC. That came from the Red Hat IPA configuration. > Additionally "failed to create new zone" is not a log message from > named as shipped b