Thank you for this. Had a look and it seems fairly easy. Not sure if that is a
flippant remark.
A question: is implementing dnssec a good enough reason to abandon split
horizon DNS?
Kobus
Sent from my iPhone
On 1 Nov 2012, at 02:01, Feng He wrote:
> 于 2012-10-31 23:05, Kobus Bensch 写道:
>
2012/11/1 Chris Thompson :
> On Oct 29 2012, Feng He wrote:
>
>> 于 2012-10-29 9:58, kavin 写道:
>>>
>>> Now,I want transfer the zone data from the master dns serverto slave
>>> dns server ,the master dns use bind-dlz+mysql and the slave dns server
>>> use bind+file.
>>
>>
>> AFAIK, BIND DLZ doesn't s
In article ,
Mark Andrews wrote:
> In message <5091adef.1040...@dougbarton.us>, Doug Barton writes:
> > On 10/31/2012 03:56 PM, Mark Andrews wrote:
> > > You are equating a practice that was techically wrong, and known
> > > to be wrong from the get go, with one that has never been techically
>
On Nov 1, 2012, at 3:02 AM, Kobus Bensch wrote:
> Thank you for this. Had a look and it seems fairly easy. Not sure if that is
> a flippant remark.
As the author of this document, I must say thanks. Deploying DNSSEC is not
hard.
It's the care and feeding after-the-fact (key rollover) that y
> YPYMAYTYP
Zero results from my favorite search engine -- congratulations. ;-)
-JP
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists
In article ,
Jan-Piet Mens wrote:
> > YPYMAYTYP
>
> Zero results from my favorite search engine -- congratulations. ;-)
Thank you. Try YPYMAYTYC but I was thinking pick.
Sam
--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
Hi
Is that because split horizon doubles admin or because its bad all together?
I have been using split horizon for many years now and found it very useful.
Any thoughts from any on the list would be most welcomed.
Kobus
- Original Message -
From: "Alan Clegg"
To: "Kobus Bensch"
Cc:
On Nov 1, 2012, at 7:14 AM, Kobus Bensch wrote:
> Is that because split horizon doubles admin or because its bad all together?
>
> I have been using split horizon for many years now and found it very useful.
> Any thoughts from any on the list would be most welcomed.
Crafted for a private rep
Feng He wrote:
>
> Take a look at:
> http://www.dnssec.lk/docs/DNSSEC_in_6_minutes.pdf
I recommend using "auto-dnssec maintain" so named keeps the zone signed,
instead of dnssec-signzone.
Tony.
--
f.anthony.n.finchhttp://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasion
Thanks. All makes sense and definitely something to think about in the new
network design.
Also wanted to say, I did like the doc and will be using that, but as you say,
will make particular note about the maintenance side of things.
Thanks
Kobus
- Original Message -
From: "Alan Clegg
On Nov 1, 2012, at 7:34 AM, Tony Finch wrote:
> I recommend using "auto-dnssec maintain" so named keeps the zone signed,
> instead of dnssec-signzone.
I do as well, and this will be documented in the next version of this document.
AlanC
--
Alan Clegg | +1-919-355-8851 | a...@clegg.com
__
On Nov 1, 2012, at 7:34 AM, Tony Finch wrote:
> I recommend using "auto-dnssec maintain" so named keeps the zone signed,
> instead of dnssec-signzone.
I do as well, and this will be documented in the next version of this document.
AlanC
--
Alan Clegg | +1-919-355-8851 | a...@clegg.com
__
On Nov 1, 2012, at 7:34 AM, Tony Finch wrote:
> I recommend using "auto-dnssec maintain" so named keeps the zone signed,
> instead of dnssec-signzone.
I do as well, and this will be documented in the next version of this document.
AlanC
--
Alan Clegg | +1-919-355-8851 | a...@clegg.com
On Nov 1, 2012, at 7:34 AM, Tony Finch wrote:
> I recommend using "auto-dnssec maintain" so named keeps the zone signed,
> instead of dnssec-signzone.
I do as well, and this will be documented in the next version of this document.
AlanC
--
Alan Clegg | +1-919-355-8851 | a...@clegg.com
On Nov 1, 2012, at 7:34 AM, Tony Finch wrote:
> I recommend using "auto-dnssec maintain" so named keeps the zone signed,
> instead of dnssec-signzone.
I do as well, and this will be documented in the next version of this document.
AlanC
--
Alan Clegg | +1-919-355-8851 | a...@clegg.com
> I do as well, and this will be documented in the next version of this
> document.
I believe you've mentioned that here before. Several times. Today. ;-)
-JP
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
fr
On Nov 1 2012, Jan-Piet Mens wrote:
I do as well, and this will be documented in the next version of
this document.
I believe you've mentioned that here before. Several times. Today. ;-)
"What I tell you three times is true.”
The Bellman, pp Lewis Carroll
--
Chris Thompson
Email: c...@ca
Jan-Piet Mens wrote on 11/01/2012 07:09:14 AM:
> > YPYMAYTYP
>
> Zero results from my favorite search engine -- congratulations. ;-)
Yeah, and bing didn't find it either! :)
Confidentiality Notice:
This electronic message and any attachments may contain confidential or
privileged informat
On 01/11/12 12:26, Alan Clegg wrote:
On Nov 1, 2012, at 7:14 AM, Kobus Bensch wrote:
Is that because split horizon doubles admin or because its bad all together?
I have been using split horizon for many years now and found it very useful.
Any thoughts from any on the list would be most welc
On Oct 31, 2012, at 4:02 PM, Doug Barton wrote:
> On 10/31/2012 03:56 PM, Mark Andrews wrote:
>> You are equating a practice that was techically wrong, and known
>> to be wrong from the get go, with one that has never been techically
>> wrong.
>
> Yes, I'm making exactly the same judgment that typ
On Oct 31, 2012, at 2:31 PM, Kevin Darcy wrote:
> I know of at least 2 commerically-available DNS maintenance systems that, by
> default, do not allow what they call "dotted hostnames", by which they mean a
> name which is at least 2 labels below a zone cut, e.g. "foo.bar" in the
> "example.com"
Should I install bind 9.9.0 first and then update to bind 9.9.1 then update to
bind 9.9.2?
This excerpt from the README file is a little confusing:
BIND 9.9.2
BIND 9.9.2 is a maintenance release and patches the security
flaw described in CVE-2012-4244.
BIND 9.9.1
BIND 9
You can install 9.9.2 directly.
Doug
On 11/01/2012 01:30 PM, Manson, John wrote:
> Should I install bind 9.9.0 first and then update to bind 9.9.1 then
> update to bind 9.9.2?
> This excerpt from the README file is a little confusing:
>
> BIND 9.9.2
>
> BIND 9.9.2 is a maintenance re
On Nov 1, 2012, at 7:45 AM, Alan Clegg wrote:
>
> On Nov 1, 2012, at 7:34 AM, Tony Finch wrote:
>
>> I recommend using "auto-dnssec maintain" so named keeps the zone signed,
>> instead of dnssec-signzone.
>
> I do as well, and this will be documented in the next version of this
> document.
On 11/1/2012 3:31 PM, Sten Carlsen wrote:
The typical server setup (for own servers) is that one name is used for
setting up e.g. the mail server, the ideal situation for everybody is
that whether I am in house or visiting you, if I have any internet
access, I can read and send mail.
Now if the
On 02/11/12 2:08, Barry S. Finkel wrote:
> On 11/1/2012 3:31 PM, Sten Carlsen wrote:
>> The typical server setup (for own servers) is that one name is used for
>> setting up e.g. the mail server, the ideal situation for everybody is
>> that whether I am in house or visiting you, if I have any int
26 matches
Mail list logo
