resolver: DNS format error from

Hi, I have a bind-9.18.7 system on fedora37 and having some strange errors with some queries. $ host info.apr.gov.rs Host info.apr.gov.rs not found: 2(SERVFAIL) in my bind logs I have the following: 16-May-2023 10:37:49.800 resolver: DNS format error from 195.178.56.17#53 resolving ns1.apr.gov.rs

Blocked by spamassassin?

how I should proceed? Thanks, Alex -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind

Understanding query failed errors

at aren't registered. Could this be a bind tuning problem? Neither server where I ran these tests are having resource issues that I know of. Any ideas on how to troubleshoot these to confirm it's not a problem with my own server would be greatly appreciated. Thanks, Alex -- Visit http

Re: Understanding query failed errors

ion errors? How can I determine this, or better identify the reason for the timeouts? Thanks, Alex -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.

resolver: DNS format errors

Hi, I have a fedora38 server with bind-9.18.17 and receiving the following log entries for virtually every query (where "mykey" is my registered spamhaus DQS key): 07-Sep-2023 14:30:13.608 lame-servers: FORMERR resolving ' mykey.hbl.dq.spamhaus.net/NS/IN': 66.42.94.100#53 07-Sep-2023 14:30:13.625

Re: resolver: DNS format errors

... then a strange line like this: 18-Sep-2023 12:13:31.606 lame-servers: success resolving 'um27qfow2knpuwx56o4otvovib2zbomydtlkuo4sktbo34cmjqvq._ file.mykey.hbl.dq.spamhaus.net/A' after disabling qname minimization due to 'failure' btw, their support really sucks. Than

Re: resolver: DNS format errors

Hi, > > Really I don’t want to be writing code to just deal with SpamHaus’s > mis-implementation. They should fix their broken servers. > I have to add that their support absolutely sucks. They have no interest in supporting their customers on any issue, including this one. -- Visit https://lis

bind dies with assertion failure

is bind-9.8.2-0.2.rc1.fc16.x86_64. Is this a known issue? Is this indeed a bug or perhaps something otherwise wrong with the server? How can I troubleshoot this further? Thanks, Alex ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users

lame-servers and network unreachable errors

ity_file; }; }; zone "." IN { type hint; file "named.ca"; }; zone "sbl.example.com" { type slave; file "slaves/db.sbl.example.com"; masters { 64.XXX.YYY.5; }; allow-transfer { none; }; allow-query { trusted;

Re: lame-servers and network unreachable errors

         server fdxx::::/48 { bogus no; }; > Thank you all. This is perfect. Thanks, Alex ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users

Interpreting bind logging queries

logs? Thanks, Alex ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users

statistics-file and file rotation

Hi, I have a bind-9.7.4 server running on fc15. I use the 'size' parameter with the query log file to automatically rotate them. How can I do this with the statistics-file file? It doesn't seem to be documented? Thanks, Alex ___ Ple

Checking proper SPF record

p and smtp1 servers are the only two servers that should be responsible for this domain. Any ideas greatly appreciated. Thanks, Alex ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users

Re: Checking proper SPF record

ns IN TXT "v=spf1 a -all" ns1 IN TXT "v=spf1 a -all" ns2 IN TXT "v=spf1 a -all" smtpIN TXT "v=spf1 a -all" smtp1 IN TXT "v=spf1 a -all" Tha

Slow check for named-checkconf

echo DNS config checking - ERROR cat /dev/shm/named-checkconf.out | grep -v " loaded serial " fi -- Alex ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users

Re: How to debug BIND

al options: +cmd > > you clearly did not use +trace here. > -- Kanogin Alex ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users

Re: problem with 9.9.6 and file descriptor limits

many different views, and 15x virtual IPs, so I know > it is a complex configuration. My previous version was bind 9.8.6-P1 > which ran just fine. I have read much information, but can’t seem to > put my finger on the solution. I strongly suspect some type of O/S > limit issue, not

Multiple queries for same host

HI, I have a fedora22 system with bind-9.10.2 that is configured to be authoritative for its domain and also provides recursive query services for a number of trusted hosts. I'm seeing a situation where multiple queries for the same host are occurring in the logs, and I don't understand why. In t

Re: Multiple queries for same host

aus.net=127.0.0.[4..7]*6 bl.mailspike.net*4 bl.spamcop.net*4 bl.spameatingmonkey.net*4 mykey.zen.dq.spamhaus.net=127.0.0.3*4 list.dnswl.org=127.[0..255].[0..255].0*-2 list.dnswl.org=127.[0..255].[0..255].1*-3 list.dnswl.org=12

retry limit exceeded / possible network problem?

ry config { b_debug; }; category security { security_file; }; category lame-servers { null; }; }; zone "." IN { type hint; file "/var/named/named.ca"; }; zone "sbl.example.com" { type slave; file "slaves/db.sbl.example.com";

rDNS for RFC1918 network fails

Internet and the top-level name servers. # dig +trace any 150.1.168.192.in-addr.arpa. Thanks, Alex ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid su

Re: rDNS for RFC1918 network fails

Hi, On Sun, Jan 24, 2021 at 4:44 PM Mark Andrews wrote: > > Use the correct zone name. > > 1.168.192.IN-ADDR.ARPA > > You have the full /24 so you don’t need to use RFC2317 techniques. Thanks so much. That worked great. ___ Please visit https://lists.i

logging query errors and timeouts

;s concerning enough that I'd like to determine the cause. Is it possible to log the name server that was used when the timeout occurred, that the domain owner could then use to correlate these entries with a specific nameserver for their domain? Thanks, Alex -- Visit https://lists.isc.org/ma

lame-servers: SERVFAIL unexpected RCODE resolving

ted in zero other similar questions when searching for this error. Any ideas greatly appreciated. Thanks, Alex -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://w

Re: lame-servers: SERVFAIL unexpected RCODE resolving

On Sat, Nov 26, 2022 at 11:05 PM Anders Löwinger wrote: > 26-Nov-2022 09:19:13.969 lame-servers: SERVFAIL unexpected RCODE resolving > 'lists.opensuse.org/NS/IN': 195.135.221.195#53 > > Lots of errors in the zone: > > https://zonemaster.net/result/ff3dacdfc1e41199 > That's very helpful informati

Description of log file contents

Does it have to do with whether it was found in the cache? Thanks, Alex ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users

Re: Description of log file contents

Hi, > It is in the ARM. > > http://ftp.isc.org/isc/bind9/cur/9.8/doc/arm/Bv9ARM.ch06.html#id2575842 Thanks everyone for the information. Sure appreciate it. Alex ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.or

Reverse DNS on a /27 delegation and zone files

ad data (check-names)" (from memory) when using the hypen, and learned the hard way I had to switch to the slash. Where is this change documented? Does anyone know if this format is documented well in O'Reilly's DNS&BIND v5? Do you know up to what specific version it

Re: Reverse DNS on a /27 delegation and zone files

ames)" (from memory) Was there a change between 9.4.2 and the current that provided the ability to use the hypens versus the slash as a subnet separator? Does anyone know if this format is documented well in O'Reilly's DNS&BIND v5? Do you know up to what specific version

Query times and recursive-clients

to determine if an upper-bound may be being hit? Thanks, Alex ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users

Re: Query times and recursive-clients

scertained from this info? Is there further debugging info I should enable? Thanks again for your help. Best, Alex ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users

Implementing the bogon list

e IPs, or is it all implemented by listing them in the ACL in named.conf? Once I've implemented it in bind, could it then be used somehow at smtp connect time to reject spoofed connections? How exactly do you use it? Thanks, Alex ___ bind-users mai

Re: Implementing the bogon list

cuments/bogon-bn-agg.txt Ah,. I was expecting it to be a lot more involved than that, I guess. > options { >        blackhole { >                # echo |perl -nle 'print "\t\t$_;";' >                0.0.0.0/8; >                5.0.0.0/8; [...] Perfect, thank

Re: Implementing the bogon list

xt for things like, say, dnssec and key generation? >> You can add the unassigned space to those fairly easily, but make sure >> that you update it as space is assigned. > > Yes, this is worth saying again, and I agree with it (again). :) Yes, that's why the zone transfer id

Re: Implementing the bogon list

d that the primary use is to prohibit internal networks from leaving the organization and some rogue external bogus network from entering as it relates to routing and networking in general, but I also thought it somehow related to SMTP, and that's what I'd like to make sure. Thanks so mu

forward only recursive server doesn't forward

.1#41809 (abc.com.scann.example.com): query: abc.com.scann.example.com IN A + (127.0.0.1) I set up the reverse zone a long time ago, and I don't think the "zone 96/28.104.104.66.in-addr.arpa" is completely correct, but it appears to work. I'm not sure if that's related to t

Re: forward only recursive server doesn't forward

Hi Mark, On Wed, Oct 19, 2016 at 9:48 PM, Mark Andrews wrote: > > In message > , Alex > writes: >> Hi, >> >> I have a bind-9.10.3 server on fedora22 that is authoritative for a >> few domains and their corresponding IP ranges. I'd like to set up >&g

Re: forward only recursive server doesn't forward

Hi, >> >> I have a bind-9.10.3 server on fedora22 that is authoritative for a >> >> few domains and their corresponding IP ranges. I'd like to set up >> >> another domain server (rbldnsd) on a host in one of those domains as a >> >> forward-only server. >> >> >> >> The problem appears to be that t

Re: forward only recursive server doesn't forward

somehow not being completely correct is the result from a host command: # host 66.104.104.100 100.104.104.66.in-addr.arpa is an alias for 100.96/28.104.104.66.in-addr.arpa. 100.96/28.104.104.66.in-addr.arpa domain name pointer email.example.com. It just doesn't look right. Thanks, Alex _

Timeout and SERVFAIL

Hi, I have a few fedora25 systems with bind-9.11 set up for a few domains. One system is master with the other two configured as slaves. The master and one of the slaves are on one network while the other slave is on a totally different network. Last week the network with the master and one of th

Stopping name server abuse

Hi, We had a former customer who parked about 300 domains with his registry on our server but is no longer a customer and hasn't moved his domains. There aren't any hosts behind the domains. Is there anything more I can do to block/prevent them from continually querying my system outside of just r

SERVFAIL and peak utilization

Hi, I have a bind-9.11.4 server on a fedora28 system and are frequently seeing SERVFAIL errors like this: 26-Jul-2018 12:54:04.255 query-errors: info: client @0x7f764314a5c0 127.0.0.1#50719 (223.178.102.199.cidr.bl.mcafee.com): query failed (SERVFAIL) for 223.178.102.199.cidr.bl.mcafee.com/IN/A a

Re: SERVFAIL and peak utilization

Hi, On Thu, Jul 26, 2018 at 1:57 PM, John Miller wrote: > Hi Alex, > > What does your query volume look like on this server? Depending on > volume, the BIND defaults for: > > - clients-per-query > - max-clients-per-query > - recursive-clients > - tcp-clients > &g

Re: SERVFAIL and peak utilization

ed 218 UDP/IPv4 recv errors 7 UDP/IPv4 sockets active 3 TCP/IPv4 sockets active 1 Raw sockets active ++ Per Zone Query Statistics ++ --- Statistics Dump --- (1532634389) On Thu, Jul 26, 2018 at 2:51 PM, Alex wrote: > Hi, > >

Re: SERVFAIL and peak utilization

: timed out/success [domain:dnsbl-3.uceprotect.net,referral:2,restart:1,qrysent:2,timeout:1,lame:0,quota:0,neterr:0,badresp:0,adberr:0,findfail:0,valfail:0] There appears to be a few timeout errors. Is this an indication there is a performance problem with the cable modem or connection? Thanks, Alex

Re: SERVFAIL and peak utilization

Hi, I'm still having a problem and haven't received any replies. Is there anyone with any ideas on how to troubleshoot this? What other information can I provide to help troubleshoot this? On Thu, Jul 26, 2018 at 5:49 PM, Alex wrote: > Hi, here is some further debugging on what

Frequent timeout

de to troubleshoot this? Is it possible that even though the link otherwise seems to be operating okay that there could still be some problem that would affect DNS traffic? I've also clear all firewall rules, and it's not even all queries which fail

Re: Frequent timeout

Cablevision/Optonline has told me there are no problems, but their tests aren't very thorough - if ping works and doesn't drop packets at that particular time, the link must be fine. Thanks, Alex > >

Re: Frequent timeout

On Sat, Sep 1, 2018 at 11:25 PM Carl Byington wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On Fri, 2018-08-31 at 17:18 -0400, Alex wrote: > > ../../../lib/dns/resolver.c:3927 for support.coxbusiness.com/A in > > After 4 seconds, I get SERVFAIL on tha

Re: Frequent timeout

Hi, It was reported there was a permissions problem with my Google Drive link to the pcap file only allowing access to Google users. This should now be public: https://drive.google.com/file/d/1Ui893Lg61psZCR8I_9SJtNqs-Sil_br5/view?usp=sharing Thanks, Alex On Sat, Sep 1, 2018 at 11:45 PM Alex

Re: Frequent timeout

Hi, > > When trying to resolve any of these manually, it just returns > > NXDOMAIN. > > What does >dig -4 71.161.85.209.hostkarma.junkemailfilter.com +trace +nodnssec > show, and it is consistently NXDOMAIN? That ends here with: > > 71.161.85.209.hostkarma.junkemailfilter.com. 2100 IN A 127.0.

Re: Frequent timeout

Hi, On Mon, Sep 3, 2018 at 12:45 PM Carl Byington wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On Sun, 2018-09-02 at 21:54 -0400, Alex wrote: > > Do you have any other ideas on how I can isolate this problem? > > Run tcpdump on the external ether

Re: Frequent timeout

On Thu, Sep 6, 2018 at 3:05 PM John W. Blue wrote: > > Alex, > > Have you uploaded this pcap with the SERVFAIL's? I didn't have time to look > at your first upload but can review this one. Thanks very much. I've uploaded the pcap file here. It's about ~100

Re: Frequent timeout

0 device interrupt 16 memory 0xdf20-df22 Thanks, Alex > > John > > -Original Message- > From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Alex > Sent: Thursday, September 06, 2018 2:54 PM > To: bind-users@lists.isc.org > Sub

Re: Frequent timeout

Hi, > >> tcpdump -s0 -n -i eth0 port domain -w /tmp/domaincapture.pcap > >> > >> You don't need all of the extra stuff because -s0 captures the full packet. > > On 06.09.18 18:42, Alex wrote: > >This is the command I ran to produce the pcap file I s

Re: Frequent timeout

7 for ac949d5d947f8f5cad13e98c68bac6f284c367fd.ebl.msbl.org/A in 30.84: timed out/success [domain:ebl.msbl.org,referral:0,restart:6,qrysent:11,timeout:10,lame:0,quota:0,neterr:0,badresp:0,adberr:0,findfail:0,valfail:0] Thanks, Alex On Mon, Sep 10, 2018 at 12:11 PM Alex wrote: > > Hi, >

Re: Frequent timeout

Hi, On Tue, Sep 11, 2018 at 2:47 PM John W. Blue wrote: > > If you use wireshark to slice n dice the pcap .. "dns.flags.rcode == 2" shows > all of your SERVFAIL happens on localhost. > > If you switch to "dns.qry.name == storage.pardot.com" every single query is > localhost. > > Unless you have

BIND and UDP tuning

Hi, I reported a few weeks ago that I was experiencing a really high number of "SERVFAIL" messages in my bind-9.11.4-P1 system running on fedora28, and I haven't yet found a solution. This is all now running on a 165/35 cable system. I found a program named dropwatch which is showing a significan

Re: BIND and UDP tuning

l like it's really impacting our ability to query RBLs for processing mail. > Whilst mentioned in passing on that thread, there was also poking around with > TOE, pause, coalesce adaptive and ring size settings (look at ethtool -K, > ethtool -A, ethtool -C and ethtool -G), but sadly

Re: BIND and UDP tuning

Hi, > On Thu, Sep 27, 2018 at 10:53:25AM -0400, Alex wrote: > > Many of these values I've already tweaked and have had no effect on my > > SERVFAIL issues :-( > > If you are getting SERVFAILs from a BIND resolver you administer, then > it has responded to your query.

Re: BIND and UDP tuning

een assured by both the cable tech that was here and the dimwits on the other end that it's operating normally. I really wish it were that easy. Thanks, Alex > > -- > > 73, > Ged. > ___ > Please visit https://lists.isc.org/

Re: BIND and UDP tuning

n the packets for processing. No, I actually upgraded from a 65/20mbit to a 165/35mbit recently, thinking it was too slow because it was happening at the slower speeds as well. I've also implemented some basic QoS to throttle outgoing smtp and prioritize DNS but it

Re: BIND and UDP tuning

Hi, > Hi Alex, > > Have you tried on a separate physical server? To rule out the actual hardware > as being the problem? > > Is this some user grade PC with either onboard or external ethernet > interface, or a proper server grade equipment? Age of equipment? What else &

Re: BIND and UDP tuning

Hi, On Fri, Sep 28, 2018 at 12:18 AM Lee wrote: > > On 9/27/18, Alex wrote: > > Hi, > > > >> Just a wild thought: > >> It works with a lower speed line (at least I read it that way) but has > >> problems with higher speeds. > >> Could it be

Re: BIND and UDP tuning

g[3290]: warning: dnsblog_query: lookup error for DNS query 123.139.28.66.dnsbl.sorbs.net: Host or domain name not found. Name service error for name=123.139.28.66.dnsbl.sorbs.net type=A: Host not found, try again I'd really be interested in people's input here. Thanks, Alex ___

Re: BIND and UDP tuning

Hi, > > Sep 29 14:33:54 mail03 postfix/dnsblog[3290]: warning: > > dnsblog_query: lookup error for DNS query > > 123.139.28.66.dnsbl.sorbs.net: Host or domain name not found. Name > > service error for name=123.139.28.66.dnsbl.sorbs.net type=A: Host > > not found, try again > > > > I'd really be i

Re: BIND and UDP tuning

Hi, On Sun, Sep 30, 2018 at 1:19 PM @lbutlr wrote: > > On 30 Sep 2018, at 09:59, Alex wrote: > > It also tends to happen in bulk - there may be 25 SERVFAILs within the > > same second, then nothing for another few minutes. > > That really makes it seem like either

Re: BIND and UDP tuning

Hi, > > It also tends to happen in bulk - there may be 25 SERVFAILs within > > the same second, then nothing for another few minutes. > > Hmmm. If it isn't the modem and it isn't the BLs then it more or less > has to be the service, no? Yes, most likely, but I was looking for more definitive pro

Re: BIND and UDP tuning

Hi, On Mon, Oct 1, 2018 at 9:58 AM Blake Hudson wrote: > > Alex wrote on 9/30/2018 7:27 PM: > > Hi, > > > > On Sun, Sep 30, 2018 at 1:19 PM @lbutlr wrote: > >> On 30 Sep 2018, at 09:59, Alex wrote: > >>> It also tends to happen in bulk - there may

DNS traffic tracking

additional note on this, I had in the past the same issue with the proxy traffic that this same gateway was generating and found a solution by using TPROXY feature of the squid proxy, which exposes the real internal client IP address at the WAN traffic which can later be NATed. Thanx for any ideas, Alex

Re: DNS traffic tracking

Hi Petr, On Mon, May 9, 2022 at 10:26 AM Petr Špaček wrote: > On 06. 05. 22 17:02, Alex K wrote: > > Hi all, > > > > I have the following problem: I run a caching dns server using bind9 > > v9.10.3 in a gateway device which it serves several internal LAN IP > >

Re: DNS traffic tracking

On Mon, May 9, 2022 at 11:48 AM Petr Špaček wrote: > On 09. 05. 22 10:34, Alex K wrote: > > Hi Petr, > > > > On Mon, May 9, 2022 at 10:26 AM Petr Špaček > <mailto:pspa...@isc.org>> wrote: > > > > On 06. 05. 22 17:02, Alex K wrote: > &

Re: DNS traffic tracking

Hi Greg, On Mon, May 9, 2022 at 11:17 AM Greg Choules < gregchoules+bindus...@googlemail.com> wrote: > Hi Alex. > Your use case may be very different to the one I faced in my previous job. > But there we did not and could not charge for DNS. It was seen as a > necessary but f

Re: DNS traffic tracking

On Mon, May 9, 2022 at 1:51 PM Matus UHLAR - fantomas wrote: > >On 09. 05. 22 10:34, Alex K wrote: > >>The initial and current approach is to provide DNS free of charge, > >>which simplified things for me. Though the traffic in question is > >>satellite traffic w

Re: DNS traffic tracking

On Mon, May 9, 2022 at 2:46 PM Bjørn Mork wrote: > Alex K writes: > > On Mon, May 9, 2022 at 1:51 PM Matus UHLAR - fantomas > > > wrote: > > > >> maybe someone uses VPN over DNS... > >> in such case, rate limiting of client comes to mind... > >&g

Re: DNS traffic tracking

On Mon, May 9, 2022 at 7:27 PM Fred Morris wrote: > On Mon, 9 May 2022, Alex K wrote: > > [...] > > The problem now is that I see sometime 700MB of DNS traffic for 2GB of > > Internet browsing within one month. > > That's an eyebrow raiser. Tunneling, antivirus

non-24 bit subnets

ut I assume there has to be a way. If anyone can even point me at some documentation, I'd appreciate it -- I've been looking for a few days, and everything I've found assumes a /24 subnet. Thanks, Alex McKenzie a...@chem.umass.edu -BEGIN PGP SIGNATURE- Version: GnuPG v1.

Re: non-24 bit subnets

settings changed. If there's a way to change all the settings by host in a single file, that would at least make that easier. For larger subnets we can use multiple zones, but I'd hoped to avoid it if possible. It sounds from this like there isn't a way, though. Thanks, Al

Re: non-24 bit subnets

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Miller wrote: > On 10/6/2010 3:21 PM, Jay Ford wrote: >> On Wed, 6 Oct 2010, Alex McKenzie wrote: >>> Unfortunately, we do have need -- or at least a use -- to have smaller >>> subnets in multiple files, but without

Re: non-24 bit subnets

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jay Ford wrote: > On Wed, 6 Oct 2010, Alex McKenzie wrote: >> Out of curiosity: what if it's a /16 or /8 network? Do those also get >> built as 24 bit files, or can they be built differently? I seem to >> recall seei

Patching bind for additional stats - any tips?

ng functionality should be a good way to extend what statistics we're getting, although I'm not sure on that count either. Any thoughts? Thanks, everyone -Alex ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe

Re: Experience with DDNS (RFC 2136)

b.c.d--dot1x.hull.ac.uk. MAC auth for devices such as printers use DDNS to put device in printers.hull.ac.uk. Non network auth buildings use our old SQL database system with dns and dhcp config file builds /reloads etc Rgds Alex On 6 Oct 2011, at 10:16, Phil Mayers wrote: > On 10/06/2011 09:44 AM,

Using bind to provide a dns redirector

"." overrides the above and everything resolves back to my 47.203 address. So, any thoughts as to how I might persuade bind to correctly resolve hostnames in a list of specified domains? TIA Alex smime.p7s Description: S/MIME cryptographic signature ___

DDNS issues

to current releases during tomorrow's maintenance period, but before doing that I would like to know if it will help... TIA, and if anything else is needed, please let me know My configs are available if needed, don't wanna cr

Re: DDNS issues

erver, successfully. This fixes the DNS problem for this client. So, I can do it manually, but why can't the DHCP server request the same thing to be done automagically? Where is the provision for this type of process? Thanks... Alex On Mar 22, 2010, at 1:43 PM, Alex Moen wrote: First of al

Re: DDNS issues ANSWERED

On Mar 23, 2010, at 12:05 PM, David W. Hankins wrote: On Mon, Mar 22, 2010 at 02:33:01PM -0500, Alex Moen wrote: So, I can do it manually, but why can't the DHCP server request the same thing to be done automagically? Where is the provision for this type of process? What yo

bind-9.9.5 exits (due to assertion failure)

:32:28 ns1 named[1057]: exiting (due to assertion failure) Is there any known bug triggering this behaviour ? Thanks in advance. Regards, Alex ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-us

RPZ and DNS traffic on the server

ectly received "domain does not exist". Is this expected behaviour? Is there any way to make the server avoid proceeding with the resolution, when the initial client requests is blocked? Thanx, Alex ___ Please visit https://lists.isc.org/mailman/list

Re: RPZ and DNS traffic on the server

Hi Daniel, Thank you very much! It was exactly what I was looking for. On Tue, Feb 12, 2019 at 4:03 PM Daniel Stirnimann < daniel.stirnim...@switch.ch> wrote: > > Hello Alex, > > > Is this expected behaviour? Is there any way to make the server avoid > > proceeding wi

Re: Recognizing remote IP in shared connections

> for policies purpuose, we need to know which remote site is resolving a Bind > 9.x public DNS Server. > The problem occurs when some carriers "share" the same IP address between > more customers and they surf behind a shared NAT. > > Is there a way? You could use DNS Cookies (https://tools.ie