In message , Michael
McConnell writes:
>
> The $client$ parameter appears to work for zone transfers, as per this =
> example https://github.com/opennetadmin/ona/wiki/bind-dlz
> However if I use $client$ on any other queries bind segfaults.
>
> Strace doesn't seem to show anything useful...
>
On 04/01/2013 11:46 AM, Kevin Darcy wrote:
On 3/29/2013 12:09 AM, Doug Barton wrote:
On 03/28/2013 12:28 PM, Ben-Eliezer, Tal (ITS) wrote:
My organization is evaluating the use of split-view DNS in our
environment.
Simple ... don't do it. It's almost never the right answer, and as
you're lear
Hi,
in case of classless IN-ADDR.ARPA
delegations(http://www.ietf.org/rfc/rfc2317.txt) I have usually seen
at least one NS record pointing to name server other than the
end-customer ones. Example from rfc2317.txt where there are two NS
records and the second one is not the end-customer name server
On 04/01/2013 07:36 PM, Carlos M. Martinez wrote:
Reframing the question in more general terms... Which events trigger a
zone re-sign and reload when using "auto-dnssec maintain" ?
As someone else has already said, zone updates, signature expiration and
key events.
In particular, it's normal
Can anyone explain this to me?
If a name exists in the response policy, and also exists in the real Internet
namespace, the value from the policy is returned. But if it doesn't exist out
on the Internet, then the value is not returned -- an NXDOMAIN (or SERVFAIL, or
whatever) is returned instea
- Original Message -
> > From: "Lawrence K. Chen, P.Eng."
>
> > ... So, being able to filter out these 'bad' things when responding
> > queries against that data might be a good thing.
>
> RPZ might be used for such things. However, by design RPZ rewrites
> entire responses. It is tr
On 02.04.2013 01:13, Michael McConnell wrote:
Unfortunatelly, $client$ is only supported in allowzonexfr() method (see
e.g. http://bind-dlz.sourceforge.net/mysql_driver.html for some info about
SDLZ methods). It would be nice to have it in others, too, but BIND does not
pass it via current API
On Tue, 2013-04-02 at 14:16 -0700, Chris Buxton wrote:
> Can anyone explain this to me?
>
> If a name exists in the response policy, and also exists in the real Internet
> namespace, the value from the policy is returned. But if it doesn't exist out
> on the Internet, then the value is not retu
In message <515a92a5.3020...@imperial.ac.uk>, Phil Mayers writes:
> On 04/01/2013 07:36 PM, Carlos M. Martinez wrote:
> > Reframing the question in more general terms... Which events trigger a
> > zone re-sign and reload when using "auto-dnssec maintain" ?
>
> As someone else has already said, zo
> From: "Lawrence K. Chen, P.Eng."
> First thing that got my attention was that "The rules encoded in a
> response policy zone (RPZ) are applied only to responses to queries
> that ask for recursion". But, these are authoritative only nameservers
> So, would RPZ work in this case?
This is s
If a zone is being made available to the public (which these are)
then steps should be taken to ensure it is resolvable all the time.
This means having multiple servers that are not subject to common
failures. This is basic DNS.
In message
, Martin T
writes:
> Hi,
>
> in case of classless IN-
Thanks certainly blows up the possibility of doing native GeoDNS at the moment…
Any chance I am overlooking a method which I could effectively get the clients
address into a MySQL query with the current 9.9.2 release?
Thanks again,
Michael
--
Michael McConnell
WINK Streaming;
email: mich...@wi
> From: Chris Buxton
> If a name exists in the response policy, and also exists in the real
> Internet namespace, the value from the policy is returned. But if it
> doesn't exist out on the Internet, then the value is not returned --
> an NXDOMAIN (or SERVFAIL, or whatever) is returned instead.
>
On Apr 3, 2013, at 4:13 PM, Vernon Schryver wrote:
>> From: Chris Buxton
>
>> If a name exists in the response policy, and also exists in the real
>> Internet namespace, the value from the policy is returned. But if it
>> doesn't exist out on the Internet, then the value is not returned --
>> an
On 4/2/2013 2:00 AM, Doug Barton wrote:
On 04/01/2013 11:46 AM, Kevin Darcy wrote:
On 3/29/2013 12:09 AM, Doug Barton wrote:
On 03/28/2013 12:28 PM, Ben-Eliezer, Tal (ITS) wrote:
My organization is evaluating the use of split-view DNS in our
environment.
Simple ... don't do it. It's almost n
> Thanks certainly blows up the possibility of doing native GeoDNS at the
> moment? Any chance I am overlooking a method which I could effectively
> get the clients address into a MySQL query with the current 9.9.2
> release?
It's not quite the same as %client%, but I suggest you take a look at
co
On 04/02/2013 12:47 AM, Martin T wrote:
Is NS record pointing to "some other name server" needed in case of
classless IN-ADDR.ARPA delegations? What happens if one does not
specify this?
It's very common for the parent name server(s) to slave the 2317 zone so
that it can answer directly. It's
On 04/03/2013 05:30 PM, Kevin Darcy wrote:
It's still not clear to me what you think is the "right" way to do it.
I'm not saying that there is only one right way. I'm saying you first
have to answer the question, "What might we want to achieve by having
different answers internally vs. extern
e $client$ parameter appears to work for zone transfers, as
> per this
> >> example https://github.com/opennetadmin/ona/wiki/bind-dlz
> >> However if I use $client$ on any other queries bind segfaults.
> >>
> >> Strace doesn't seem to show anything use
e $client$ parameter appears to work for zone transfers, as
> per this
> >> example https://github.com/opennetadmin/ona/wiki/bind-dlz
> >> However if I use $client$ on any other queries bind segfaults.
> >>
> >> Strace doesn't seem to show anything use
20 matches
Mail list logo
