On 8 Mar 2012, at 02:58, Lyle Giese wrote (on bind-users):
> On linux boxes, adding
>
> options rotate
>
> to the /etc/resolv.conf helps.
[cross-posted, reply-to header set]
Is there a DHCP option which expresses that, and which
typical fielded DHCP clients will respe
Hi there,
On Thu, 8 Mar 2012, Spain, Dr. Jeffry A. wrote:
Other posts have alluded to the Debian openssl flaw reported in May
2008 (http://www.debian.org/security/2008/dsa-1571). This led to
predictable random primes being used to generate RSA moduli ...
Just in case anyone thinks that this i
Continuing a thread from November & January (these experiments do
take a long time, absent a fake clock)...
One experiment I have been doing is to see whether a rollover done
as described in https://www.iana.org/dnssec/icann-dps.txt (which is
only approximately RFC 5011-like) would cause BIND's m
Hello,
thanks for the answer. That was my first change :
/etc/resolv.conf like :
domain example.fr
search example.fr example2.fr
nameserver 192.168.0.1
nameserver 192.168.0.2
options rotate
options timeout:1
options attempts:1
This works fine.
But the issue is now mainly coming from the client
On 3/8/12 8:15 AM, "Romgo" wrote:
> I can use a VIP for DNS server, but I though that master/slave
> configuration was made in order to avoid to use a VIP.
Master/slave was to avoid SPOF -- if the master dies, who cares with a
reasonable expire time. :-)
So go ahead, setup a VIP...even using fr
On 3/8/12 10:20 AM, "Mike Hoskins" wrote:
> On 3/8/12 8:15 AM, "Romgo" wrote:
>> I can use a VIP for DNS server, but I though that master/slave
>> configuration was made in order to avoid to use a VIP.
>
> Master/slave was to avoid SPOF -- if the master dies, who cares with a
> reasonable expir
Thanks, that did the trick!
On 3/8/12, Mark Andrews wrote:
>
> In message
>
> , Nick Edwards writes:
>> On 3/8/12, Nick Edwards wrote:
>> > On 3/7/12, Mark Andrews wrote:
>> >
>> >>> resigned it again as about 3 months using:dnssec-signzone -a -e
>> >>> +15724800 -K keys/ -N INCREMENT gui
In article ,
michoski wrote:
> On 3/8/12 8:15 AM, "Romgo" wrote:
> > I can use a VIP for DNS server, but I though that master/slave
> > configuration was made in order to avoid to use a VIP.
>
> Master/slave was to avoid SPOF -- if the master dies, who cares with a
> reasonable expire time. :
In BIND 9.9.0(CentOS 4.6)
Mar 9 06:58:51 X named[17533]: general: critical: client.c:318:
INSIST(client->newstate <= 3) failed, back trace
Mar 9 06:58:51 X named[17533]: general: crit
9 matches
Mail list logo
