Have you looked at mirror zones for root?
Zone type "mirror" = it's appropriate for "." but not for other zones.
(Oh - and don't forget to disable ixfr for this zone when you do that -
it's more efficient for the validation step)
Details in the BIND ARM.
Cathy
On 19/11/2023 21:10, Elmar K.
Hi Cathy :-)
cat...@isc.org (Cathy Almond) wrote:
> Have you looked at mirror zones for root?
No... post-1990, what do I know about them ;-)
I did read up in the docs; it does not mention access control, which I would
like to behave just like "hint" zones (only respond to requests coming from a
I'm by no means an expert in DNS or how it fully works so I can't be of
any more help about this problem then I already have. But it seems
Teamviewer have rebooted their DNS servers and now windows bind allows
the Teamviewer to load faster
--
Visit https://lists.isc.org/mailman/listinfo/bind-u
So more tests and the problem has come back but I think I know why
thinking internet sharing was the problem I found a way to disable it
because it bind shared access for port 53 on 0.0.0.0 so that the problem
I think now after testing with it on.
For any interested MS has made it really hard
On Mon, Nov 20, 2023 at 03:30:13PM +1300, Nick Tait via bind-users wrote:
! On 20/11/2023 1:00 pm, Peter wrote:
! > It's tricky. One problem is these are slave zones, they are
! > authoritative and do not work well with DNSSEC.
!
! I'm curious... What issues did you have with these zones and DNSSE
Now its not working fast again! I don't know now must be Teamviewer DNS
delaying replies causing windows bind to fail in some way.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Hi there.
Can you send some information, for those unfamiliar with what you're trying
to do?
- Full BIND config
- IP addresses of relevant things, like interfaces of the servers on which
you are running BIND and of Teamviewer.
- What does Teamviewer need from DNS? What kinds of queries is it making
I'm just using bind to do my DNS look ups with no forwarders thats all
Teamviewer app uses DNS to find its servers from what I can tell it can
take over 4000ms to get a answer.
The following seems to help in bind
resolver-retry-interval 5000;
I think if I can then find a setting in windows t
On starting Teamviewer it can say no connection when bind does the
lookup with this delay it cause bind to not reply LAN side sometimes
which causes the app to fail yet with a bind on Ubuntu there is no problem.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this
This might show the problem even more on two interfaces WAN side and LAN
you can see 192.168.53.19 ask for routerpool8 #60 then bind goes out #62
gets a answer # 75 and no reply back to 192.168.53.19
https://ufile.io/v8oob3jg
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubs
Have you checked the routeing table on this server?
Without any other evidence, this looks to me like packets are going places
you aren't expecting.
In the first screenshot the query goes to 213.227.191.1 and apparently a
response doesn't come back until 4s later. When I try it using dig I get an
This is the thing the setup works for many site fast just this
Teamviewer and their DNS servers are a problem and bind does reply to
192.168.53.19 all be it 26 seconds later! but Teamviewer trys over and
over then it connects yet the for the WAN side took under 4 seconds to
get the answer WAN s
and this from dig maybe a routing iusse why it take so long for me?
C:\Program Files\ISC BIND 9\bin>dig @213.227.191.1
router14.teamviewer.com +norecurs
; <<>> DiG 9.16.45 <<>> @213.227.191.1 router14.teamviewer.com +norecurs
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEAD
So here is a theory if a client asks a query and bind goes out for that
query and the reply is delayed but you get the answer then for what ever
reason the reply to the client from bind is delayed more! So the quicker
the answer the quicker the answer to the client.
Why? I have no idea?
--
Vi
14 matches
Mail list logo
