On Thu, Sep 20, 2012 at 07:49:08PM -0500, Oscar Ricardo Silva wrote:
> I have several recursive, caching BIND servers that were running the
> Redhat package of BIND. Our servers started crashing because of a
> bug (previously identified AND fixed by ISC) so we've decided to
> ditch that version an
On 21 Sep 2012, at 08:55, Adam Tkac wrote:
> Because rc2 was released too late to get it into RHEL 6.3... Btw which is the
> bug that bothers you? Why don't you report it to RH bugzilla?
I don't understand why RH would choose to include a release candidate
rather than a stable re
On Fri, Sep 21, 2012 at 09:36:11AM +0100, Niall O'Reilly wrote:
>
> On 21 Sep 2012, at 08:55, Adam Tkac wrote:
>
> > Because rc2 was released too late to get it into RHEL 6.3... Btw which is
> > the
> > bug that bothers you? Why don't you report it to RH bugzilla?
>
> I don't understand w
Hi
We are running BIND 9.8.0 on Solaris 10 machine.
We are getting continuous hits from various IPs to isc.org (snoop report
attached)
Due to it our DNS is not responding to other genuine query and users are
not able to browse.
0.2 59.178.138.195 -> 203.94.243.70 DNS C isc.or
Dear All,
i have the minimum value in my dns server as 60 mins,
and my TTL is 60 Seconds , but still when users hit a non exist record ,
the other dns hold the negative cache for 60 secs instead of 60 mins ..
? why ?
$TTL 60
@ IN SOA NS1.TEST.BIZ. Abuse.TEST.BIZ. (
201208281 ;
serial, today
Hello,
I used to get a lot of these kind of junk queries for ripe.net and isc.org in
ANY type.
I just manually block these source IPs in iptables. I did this work for several
months and there was no more junk queries after.
Also, one of my another DNS server was hacked or whatever and was used
-Original Message-
From: "Tony Xue"
Date: Fri, 21 Sep 2012 10:09:37
To: Amit Gupta;
;
Reply-To: xuez...@gmail.com
Cc:
Subject: 答复: DDOS Atatck on BIND 9.8.0
Hello,
I used to get a lot of these kind of junk queries for ripe.net and isc.org in
ANY type.
I just manually block these s
Actually I don't have very good idea about it. It's kind of you just cannot do
anything about it. Also you're not the server used to attack others so there're
less action can be done.
I just think you can upgrade to BIND 9, because you're ISP level so most
actions I have done , you can't do it.
On Fri, 21 Sep 2012, Robert JR wrote:
> i have the minimum value in my dns server as 60 mins, and my TTL is 60
> Seconds , but still when users hit a non exist record , the other dns hold
> the negative cache for 60 secs instead of 60 mins .. ? why ?
>
> $TTL 60
> @ IN SOA NS1.TEST.BIZ. Abuse.TE
Thank you very much.. this helped alot ..
Thanks again Jeremy
On
2012-09-21 16:13, Jeremy C. Reed wrote:
> On Fri, 21 Sep 2012, Robert
JR wrote:
>
>> i have the minimum value in my dns server as 60 mins,
and my TTL is 60 Seconds , but still when users hit a non exist record ,
the other dn
Sounds like the internet is using your external dns server to do recursive
queries.
This will reduce the unwanted queries.
On your external dns server, create 2 views, one for your internal dns
forwarders to point to (recursive) and one for internet queries to you
(authoritative).
Name them Insi
On 09/21/2012 02:55 AM, Adam Tkac wrote:
On Thu, Sep 20, 2012 at 07:49:08PM -0500, Oscar Ricardo Silva wrote:
I have several recursive, caching BIND servers that were running the
Redhat package of BIND. Our servers started crashing because of a
bug (previously identified AND fixed by ISC) so we
On 09/20/2012 09:35 PM, Chris Buxton wrote:
On Sep 20, 2012, at 5:49 PM, Oscar Ricardo Silva wrote:
I have several recursive, caching BIND servers
[...]
The current servers are configured to forward any queries for our domain
straight to our authoritative servers
[...]
I've been readin
On 9/20/12 5:49 PM, Oscar Ricardo Silva wrote:
> If I'm correct, it will send non-recursive queries to the listed servers
> and will honor delegations. I've tested this configuration in our lab
> and it all appears to be working.
Yup, static stub will do exactly that.
> With our configuration, a
>
>It's time to back in again (front in?). Now that Comcast is
>validating,
>any mistakes that people make will get fixed right quick. 1.7 million
>people doing validation is good incentive to get things right and fix
>them quickly. At UC Berkeley, validation has been turned on for four
>years
Hello List,
I would like to use openldap to store DHCP config and DNS zones.
I've scoured the web for howtos and I've learned a lot.
For openldap backed DNS it seems that DLZ is the best option (faster,
and the data is better organised in ldap).
My main question is about dynamic updates from the
16 matches
Mail list logo
