In article ,
Dave Warren wrote:
> Because it is actually the master, and from what I can tell, the slaves
> will check against the MNAME to confirm whether they're up to date or not.
No, slaves check against the IPs listed in the "master" clause in their
named.conf.
--
Barry Margolin
Arling
Brian Kroth wrote:
>
> > RFC 4035 sec 2.2 says
> >
> > There MUST be an RRSIG for each RRset using at least one DNSKEY of
> > each algorithm in the zone apex DNSKEY RRset. The apex DNSKEY RRset
> > itself MUST be signed by each algorithm appearing in the DS RRset
> > located at the delegating par
I'm going crazy.
This is my named.conf
logging {
channel default_logfile {
file "/var/cache/bind/logs/default.log";
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
c
Tony Finch 2013-01-17 12:02:
Brian Kroth wrote:
RFC 4035 sec 2.2 says
There MUST be an RRSIG for each RRset using at least one DNSKEY of
each algorithm in the zone apex DNSKEY RRset. The apex DNSKEY RRset
itself MUST be signed by each algorithm appearing in the DS RRset
located at the dele
On Jan 17, 2013, at 9:04 AM, Daniele wrote:
> I'm going crazy.
>
> This is my named.conf
>
> logging {
>
> channel default_logfile {
> file "/var/cache/bind/logs/default.log";
> severity info;
> print-category yes;
> prin
Output for `dig NS .`
; <<>> DiG 9.8.1-P1 <<>> @127.0.0.1 NS .
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 37032
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;.INNS
For example, also a `dig a.root-servers.net` fails with SERVFAIL, but in
Wireshark I can see the packet with the correct response that arrives at my
network interface.
2013/1/17 Daniele
> Output for `dig NS .`
> ; <<>> DiG 9.8.1-P1 <<>> @127.0.0.1 NS .
> ; (1 server found)
> ;; global options:
Hi all,
I googled all the morning without success :( I'm using Bind 9.9.1 and i'm a
newbie of Bind. This is my goal:
- I want to define in my dns server a zone "external_partner.com", which is the
domain of our partner who manages it with his dns public server
"dns.external_partner.com".
-
Alberto wrote on 01/17/2013 10:09:00 AM:
> - I want to define in my dns server a zone "external_partner.com",
> which is the domain of our partner who manages it with his dns
> public server "dns.external_partner.com".
> - I need to define into this zone a couple of servers
> ("vpn_host_1.extern
Brian Kroth wrote:
>
> For instance, suppose I did the following:
>
> - gen new algorithm keys and sign with them
> - wait for some period then publish the new DS (old DS remains)
> - revoke the old algorithm KSK (leave the ZSK alone), which changes its DS
> fingerprint, so publish a new DS
It
If you load the zone your server will believe it knows everything about the
zone and not forward anything below it.
If you load foo.com with two records, nothing but those two records will
ever resolve on that server for foo.com.
One way to make it work would be to load two zones. Vpn1.foo.com an
On 17/01/13 15:16, wbr...@e1b.org wrote:
> Alberto wrote on 01/17/2013 10:09:00 AM:
>> - I want to define in my dns server a zone "external_partner.com",
>> which is the domain of our partner who manages it with his dns
>> public server "dns.external_partner.com".
>> - I need to define into this
Thank you for all your replies!
I'll try to implement your suggestions using a subdomain.
Best regards.
Alberto Zanon
- Messaggio originale -
Da: "Ben Croswell"
A: "Alberto Zanon"
Cc: bind-users@lists.isc.org
Inviato: Giovedì, 17 gennaio 2013 16:21:36
Oggetto: Re: Define an
BIND 9 by default has logging using syslog, using its daemon facility,
and logging of info or higher.
Is using syslog a sane default for new installations or when using
official vendor packages with their startup scripts?
Do any packagers provide a configuration with different-than-default
log
> Is using syslog a sane default for new installations or when using
> official vendor packages with their startup scripts?
I for one would not want to miss BIND9's logging to auto-rotated files:
file "/var/named/log/named.log" versions 10 size 5m;
Other than that, I'd say logging via
On 1/17/13 10:48 AM, Jan-Piet Mens wrote:
>> By the way, all of the BIND10 logging
>> messages are unique and we provide a paragraph or more documentation for
>> each of its 933 possible log identifiers!)
>
> I haven't checked whether you have that, but that screams for a CLI
> utility to show
-Original Message-
From: Alan Batie
Date: Thursday, January 17, 2013 1:52 PM
To: "bind-users@lists.isc.org"
Subject: Re: what do you use for logging?
>On 1/17/13 10:48 AM, Jan-Piet Mens wrote:
>
>>> By the way, all of the BIND10 logging
>>> messages are unique and we provide a paragraph
What are the answers to the following queries starting with the
very basic plain DNS query
dig ns . +norec +noedns @198.41.0.4
Now add in EDNS support
dig ns . +norec +edns @198.41.0.4
Now add in DNSEC support
dig ns . +norec +dnssec @198.41.0.4
Please post the respon
> Could "CLI utility" be man(1) and info(1)? :-)
It could, yes, but `b10-msg NNN` isn't going to break BIND 10's
development budget (I hope), and I feel it to be more practical than
scrolling through a man page with 900+ error-messages in it. ;)
But even a simple text file installed on the serve
19 matches
Mail list logo
