Hello all,
We have a sort of private DNS such that servers can lookup zones that don’t
actually exist in the real, public DNS, they just exist within our private
NOCs. In addition, we have always had both Windows AD handling the Windows
side of things and we have had BIND handling Linux.
When
I have ours setup with AD as a stub, and then point all our clients to our
bind servers as resolvers. Works well.
On Tue, Apr 8, 2014 at 5:08 AM, Bryan Harris wrote:
> Hello all,
>
> We have a sort of private DNS such that servers can lookup zones that
> don't actually exist in the real, publi
Hello All,
we've stumbled upon a particularity with Bind 9.8 and 9.9 versions, and are
wondering if anyone else already bumped into this.
When using more than 1 active ZSK, in a bind auto-maintain scenario, BIND tends
to lose control when renewing RRSIG’s.
You experience this as sudden bursts in
On 2014-04-08 06:08, Bryan Harris wrote:
Hello all,
We have a sort of private DNS such that servers can lookup zones that
don’t actually exist in the real, public DNS, they just exist within
our private NOCs. In addition, we have always had both Windows AD
handling the Windows side of things an
On Tue, Apr 8, 2014 at 6:15 AM, Joseph S D Yao wrote:
>
> The MSW workstations and servers do only look up from the MSW AD servers,
> for some MSW reason that nobody can explain except "MS says they have to".
> The MSW AD servers forward all DNS queries that they cannot resolve to the
> Linux/BI
In article ,
Joseph S D Yao wrote:
> On 2014-04-08 06:08, Bryan Harris wrote:
> > ...
> > The current mechanism is to put the Windows AD server into the
> > resolv.conf BEFORE the BIND servers, since, as has been explained to
> > me a Linux server will perform a query against all three
> > simul
Regardless of what you've been told, the resolvers ("nameserver"s) in
/etc/resolv.conf are tried *in*sequence*, and if a valid response (where
NXDOMAIN _is_ a valid response) is received from one resolver, none of
the others are tried. So, I'm surprised that your
mix-and-match-resolvers hack ac
On Mon, 7 Apr 2014 18:08:57 –0400, Kevin Darcy
mailto:k...@chrysler.com>> wrote:
I'm assuming you have forwarding set up. Make sure to set "forwarders { };" in
the aelabad.net zone definition. Failure to do so means that your recursive
queries for names in subzones forward out towards the Inte
I'm interested in a special use-case, where (say, in an emergency),
access to most of the Internet (and hence the root servers) is cut off.
In this situation, there is an emergency connected network consisting of
several domains, each with known nameserver IP addresses. The hosts in
domain a
9 matches
Mail list logo
