Re: dns master-slave transfer

于 2012-10-29 9:58, kavin 写道: Now，I want transfer the zone data from the master dns serverto slave dns server ,the master dns use bind-dlz+mysql and the slave dns server use bind+file. AFAIK, BIND DLZ doesn't send a notify message to slave, so both your master and slave should be able to use th

Re: BIND and DNSSEC

? 2012-10-31 23:05, Kobus Bensch ??: Can anybody point me in the direction of a good guide on setting up BIND split horizon DNS and DNSSEC? Take a look at: http://www.dnssec.lk/docs/DNSSEC_in_6_minutes.pdf ___ Please visit https://lists.isc.org/mailma

Re: Is there a way to count the number of queries?

于 2012-11-7 17:39, Tony Xue 写道: Would please someone tell me a way to count the queries that my DNS server received? I also want to count the number of queries from a specific IP address. BIND has a zone-statistics option which can be set to on. For the statistics by IP I think you may want to

is there a also-allow-transfer

Hello, I have the allow-transfer{} section in the global options{} block. But for a special zone, I want to include another IP to allow transfer besides the global IPs. Is there a also-allow-transfer option in BIND? If not how to control this? Thanks.

Re: is there a also-allow-transfer

于 2012-12-13 15:23, Mark Andrews 写道: > acl xxx { }; > > options { > allow-transfer { xxx; }; > }; > > zone "yyy" { > allow-transfer { xxx; extra; }; > } cool. thanks! ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to un

Re: is there a also-allow-transfer

8: expected IP address near 'NAMESVR' Please help. Thanks. 于 2012-12-13 15:23, Mark Andrews 写道: > In message <50c9818e.2060...@nsbeta.info>, Feng He writes: >> Hello, >> >> I have the allow-transfer{} section in the global options{} block. >> >&g

Re: is there a also-allow-transfer

Thanks. So how to handle the case described as below? We already have the also-notify{} section in the global options{} block. But for a special zone, just want to include another IP to also-notify besides the global IPs. 于 2012-12-13 17:00, Sten Carlsen 写道: > > On 13/12/12 9:46, F

Re: is there a also-allow-transfer

This would be easy by hand, but not by programming, since I have lots of zones for updates :) 于 2012-12-13 17:35, Sten Carlsen 写道: > also-notify { 74.81.81.82; 74.81.81.81; }; ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubsc

Re: is there a also-allow-transfer

于 2012-12-13 18:06, Sten Carlsen 写道: > Well, you can NOT use an ACL in any form of notify. > > This topic has been discussed a number of times, look in the archives. > that's right. thanks. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-

Re: Can we load balance trafgic for CNAME records?

于 2012-12-14 13:27, Manish Rane 写道: Like say i need to play with mail services and I have 2 ISPs.say ISP A and ISP B. MX 10 mail.example.com 20.20.20.20 (from isp A) Mx 20 mail01.example.com 30.30.30.30 (from isp B) CNAME cas.example.com <

Re: Can we load balance traf[f]ic for CNAME records?

于 2012-12-14 17:14, Manish Rane 写道: I understand that Mail Delivery load balance can be achieved by usingMX priorities. My concern is not that, rather I am more worries about users who will be using A record to configure their mail clients like IMAP or POP. I am thinking on load balancing their s

Re: How can I migrate my Domain from ISP hosted to my own BIND server?

于 2012-12-14 17:55, Manish Rane 写道: I need to migrate my domain which is hosted at my ISP on to my own internal BIND server and have my own NS record. Does anyone steps I need to take care of or complete procedure? you'd better pick up a book to read for the begin :) ___

Re: Just wondering if BIND can do GLB -Global Load Balancing Stuff?

I once maintained two F5-BIGIP-GTM boxes a coupe of years ago, at that time they called as F5 3DNS. GTM does have a BIND installed, but that means nothing. Its GSLB DNS module is not BIND, but a customized module in Linux kernel. Among with this module there are some scheduler methods to balance

nsupdate for default TTL

Hi Is there a way to dynamic update the zone's default TTL by nsupdate? Thanks and Merry Xmas! ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://l

Re: nsupdate for default TTL

于 2012-12-26 22:12, Carsten Strotmann 写道: > Because there is no concept of a "default TTL" in a loaded zone, you > can only change the dedicated TTLs on each individual resource record > using the "nsupdate" tool. Thanks Carsten. Happy new year! ___ Plea

Re: Distribute named.conf

于 2013-1-3 19:06, Joerg Stephan 写道: So we are seeking a way to distribute the named.conf.x for the several zonfiles. Currently this is solved by powerdns via mysql replication. Is there any tool in bind we could use. Generating the conf file and syncing via ssh/rsync is discussed on our side,

zone files in bind-9.9

Hi I upgraded my BIND from 9.7 to 9.9. For BIND 9.7 all zone files under /var/cache/bind are clear textes. But under BIND 9.9 it seems the zone files are binary format. So how can we check the content of zone files now? Thanks. ___ Please visit https://

Re: zone files in bind-9.9

于 2013-1-6 21:53, Carsten Strotmann 写道: > you can use "named-compilezone" to convert from RAW-Format to Text-Format. > > Or you can use "dig" with axfr to get a zone-transfer from the server > (dig @server axfr zone.tld). > > You can change the format for writing zone files in the named.conf if >

Re: zone files in bind-9.9

Another question, since the zone files are raw format now, how can we edit the zones? I use nsupdate only so it's not a problem, but for editting by hand, how to? Thanks. 于 2013-1-6 21:53, Carsten Strotmann 写道: > you can use "named-compilezone" to convert from RAW-Format to Text-Format. > > Or y

Re: zone files in bind-9.9

于 2013-1-7 10:44, Mark Andrews 写道: > Master zones still use text format by default. > > Slave zones use raw format by default. You are not expected to > edit slave zones. OK I see. that's right. ___ Please visit https://lists.isc.org/mailman/listinfo/b

Re: Difference between netstat & rndc status

2011/7/3 Bind : > Hello Admins > When i run : > #netstat -an |grep udp |wc > it returns a number which is lower than the output of rndc status recursive > clients. > what is the difference between netstat -an |grep udp |wc(open udp ports to > dns server) and amount of recursice clients in the rndc

a death loop with DNS query

When I dig this: dig s1.mytest.blogchina.org +trace I got many these info: mytest.blogchina.org. 600 IN NS ns1.dnsv5.com. mytest.blogchina.org. 600 IN NS ns2.dnsv5.com. ;; BAD (HORIZONTAL) REFERRAL ;; Received 95 bytes from 183.60.59.217#53(ns1.dnsv5.com) in 6 ms

Re: about AUTHORITY SECTION

2011/7/8 Kevin Darcy : > > I think it's worth emphasizing that in the first case, the contents of the > Authority Section were *mandatory* (see RFC 2308, Negative Caching), whereas > in the second case the authoritative nameserver was *optionally* providing > NS records in the Authority Section. I

questions on the dig info

Hello list, $ dig www.qq.com ns @ns1.qq.com ; <<>> DiG 9.4.2-P2.1 <<>> www.qq.com ns @ns1.qq.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50734 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 0 ;; WARNING: recursion reques

Re: questions on the dig info

2011/7/9 Lyle Giese : > > qq.com zone is the parent to the subdomain www.qq.com, so it has to have > knowledge of the name servers for the www.qq.com subdomain.  That is how a > recursive name server finds www.qq.com. > Do you mean the reference? I don't think the first case is answering with a

Re: master slave different site different resolution

2011/7/14 Gabriele Gabriele : > Dear lists, > > I have an issue to resolve about 2 dns server Master/Slave. > > > The Master is positioned in a site with public ip 1.1.1.1 and all the public > dns resolutions point to 1.1.1.1 > the Slave is positioned in a site whit public ip 2.2.2.2  and obviously

Re: master slave different site different resolution

2011/7/14 Gabriele Gabriele : > Ok, may be I was not so clear to explain.. > > > for example I have in my Master work site the our webmail > "webmail.mydomain.com" that when Master work site in UP the resolution is > 1.1.1.1 but if the master go down in My slave work site, my slave dns resolv > "we

Re: Patching bind for additional stats - any tips?

Sounds a great project. I wish google's improved BIND is as well as gmail. Regards. On Tue, Jul 19, 2011 at 9:13 AM, Alex Kolchinski wrote: > Hi everyone - I'm at Google and currently starting on a mini-project to get > some more insight into how our BIND servers are performing. Our first > thou

about the dig

Hi list, When I deleted all the entries in /etc/resolv.conf (I am using Linux), dig can't work. I was thinking since dig is a standard resolver, it should have the capibility to follow the referrel from root, thus it will work fine even there is no system dns resolving. Am I right? Thanks. __

Re: about the dig

t; or > 2) dig @IP.address > or > 3) No "@..." argument used at all ? > > In cases 1 & 3, dig will need data from /etc/resolv.conf. > Only in case 2 dig can do without. > > Kind regards, > > Marc Lampo > > > -Original Message- &g

Re: about the dig

On Tue, Jul 19, 2011 at 1:50 PM, Marc Lampo wrote: > the list cannot be built-in, because some organisations work with an > internal >  root.  The local caching name server is the only one to know those "new" > root's.) > I don't think so. BIND 9 has the built-in root list. __

Re: about the dig

On Tue, Jul 19, 2011 at 2:47 PM, G.W. Haywood wrote: > > man resolv.conf > > " If  this file doesn't exist the only name server to be queried will be on > the local machine; the domain name is determined from the >       hostname and the domain search path is constructed from the domain > name.

BIND and DNS protocol

I saw this statement: BIND (Berkeley Internet Name Domain) is an Open Source implementation of the Domain Name System protocols originally developed by the University of California, Berkeley. I'm not sure, is it BIND or DNS protocols or both developed by University of California, Berkeley? Than

MX choosing

Given the MX hosts for sympatico.ca domain: $ dig sympatico.ca mx +short 5 mxmta.sympatico.ca. $ dig mxmta.sympatico.ca +short 67.69.240.17 67.69.240.24 67.69.240.22 67.69.240.23 67.69.240.21 67.69.240.20 67.69.240.19 67.69.240.18 when the peer MTA fail to talk to one of these hosts,will it try

Re: MX choosing

, 2011 at 5:11 PM, Matus UHLAR - fantomas wrote: > On 22.07.11 16:50, Feng He wrote: >> >> Given the MX hosts for sympatico.ca domain: >> >> $ dig sympatico.ca mx +short >> 5 mxmta.sympatico.ca. >> >> $ dig mxmta.sympatico.ca +short >> 67.69.240

Re: MX choosing

On Fri, Jul 22, 2011 at 5:58 PM, Tony Finch wrote: > >  The question of whether a sender should attempt retries using the >  different addresses of a multihomed host has been controversial. The >  main argument for using the multiple addresses is that it maximizes the >  probability of timely del

Re: howto know if a query was delegated to cache

There is a "rr" flag in the response which indicates the answer is not from a cache. On Mon, Jul 25, 2011 at 6:14 PM, harish badrinath wrote: > (Originally sent to bind-workers, sorry if this is considered cross > posting. Slightly modified from the original message) > > Hello, > > I am using Bi

Re: howto know if a query was delegated to cache

You may have been confused about what should be cached and what should not be cached. This is an answer which is coming from the authoritative server and which is not a cached response: $ dig www.google.com @ns1.google.com ; <<>> DiG 9.6-ESV-R4 <<>> www.google.com @ns1.google.com ;; global opti

Re: stub zone

On Tue, Jul 26, 2011 at 3:55 AM, ju wusuo wrote: > Would like to use the BIND stub zone function, however, heard that ISC > considers stopping support to stub zone in the future, is that true? > ___ Hi, what's the use of stub zone? I never used it, tha

Re: stub zone

On Wed, Jul 27, 2011 at 8:51 AM, Chris Buxton wrote: > > On Jul 25, 2011, at 10:33 PM, Feng He wrote: > >> On Tue, Jul 26, 2011 at 3:55 AM, ju wusuo wrote: >>> Would like to use the BIND stub zone function, however, heard that ISC >>> considers stopping suppo

Re: DNS update on host down

I did the same stuff using a script. When the host is down, run "dynamic update" to modify the records. Some BIND based GSLB such as F5 BIG-IP GTM has this feature. Regards. On Tue, Jul 26, 2011 at 10:23 PM, Paul Reilly wrote: > Is there a simple utility, which can ICMP ping or HTTP ping a host,

Re: client ... query (cache) './NS/IN' denied:

On Fri, Aug 19, 2011 at 3:24 AM, Shawn Bakhtiar wrote: > > Hi all, > > For the first time my primary name server is not reporting any more > > client XXX.XXX.XXX.XXX query (cache) './NS/IN' denied: 1 Time(s) > This is a DNS attacking. Many DNS Servers are meeting this kind of attack each day here