Hi Sami.
If you can, I would set up a new BIND (test) server running the current
code - 9.18.27 - next to your current production system and compare how
they behave: current code uses NS queries for qmin rather than _... A
queries. There may still be failures, but this would allow you to pinpoint
b
We have just upgraded the "bind-esv" repository from BIND 9.16.50 to
BIND 9.18.27, i.e. the same version as in the "bind" repository.
We will try to keep everyone informed about further major version
upgrades in our package repositories in the coming months.
--
Best regards,
Michał Kępień
--
Vi
Running Bind 9.18.18 on Ubuntu 22.04
We would like to use root servers within our organization rather than the
actual root servers.
I updated the hints file with the names and IPs of our servers, but we seem to
still access the official root servers.
Wondering how I ignore the internal/build-in
Hi Brian.
Yes, you can define your own hint zone and tell BIND to use it. The
contents (I called the file "db.root" but the name is your choice) could be
as simple as:
@ 300 IN A 127.0.0.3
@ 300 IN NS @
which says for this zone (which will be called ".", coming next) the NS is
the same name and i
Hi Brian R,
I built a lab to investigate DNS cache poisoning with custom root servers,
no DNSSEC. What you're trying to do is possible in production I'm just not
sure it's recommended.
You will need to update your root.hints (or whatever file name you're using
for the root hint zone) file to poin
Greg, David,
Thanks, much easier than what I thought it would be.
I have two "root" servers so I went with this format, allowing a round robin
selection.
Essentially this, sorry trying to be vague on the IPs.
@ 518400 IN A xx.yy.zz..7
@ 518400 IN A xx.yy.zz..8
. 518400IN NS @
Server
Hi Brian.
Ni problem. The server may tell the client (dig; please not nslookup)
information about where the answer came from, if 'minimal-responses' is set
to "no". Usually clients don't need to know that, so please take a look at
how m-r works:
https://bind9.readthedocs.io/en/latest/reference.html
> I have configured qname to disabled for now. Once the issue is resolved,
> I will set it to relaxed. I have provided a download link for the log
> files and a dig +trace test for more details on this issue, which I do
> not think is related to BIND or its configuration.
Sami,
Discussions of non
8 matches
Mail list logo
