Re: new here

2012-05-02 Thread john
DOMAIN, id: 4761 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 Unfortunately, before you can continue to troubleshoot this you would need to get your ISP to fix their stuff. You should also ask what they are trying to do in requesting a transfer of 104

How to alias a domain

2015-01-16 Thread John
the TLSA records. But for this to work I would need to enable recursion on the authoritative server for masters, I understand that for very good reasons this is considered a very bad idea. So how best to provide aliasing? -- John Allen KLaM -- I just go

Re: How to alias a domain

2015-01-16 Thread John
On 1/16/2015 8:59 AM, Phil Mayers wrote: On 16/01/2015 13:00, John wrote: But for this to work I would need to enable recursion on the authoritative server for masters Why? ___ Further problem is that DNSSEC tests show problem with NS records

Re: How to alias a domain

2015-01-16 Thread John
On 1/16/2015 8:59 AM, Phil Mayers wrote: On 16/01/2015 13:00, John wrote: But for this to work I would need to enable recursion on the authoritative server for masters Why? Because the last time I tried it, it did not work! I have just tried it again and I don't get the answers I e

Re: How to alias a domain

2015-01-16 Thread John
the zones at a single zone file. however I am not sure that that will work as smoothly as I would like. -- John Allen KLaM -- Why do psychics have to ask your name?! smime.p7s Description: S/MIME Cryptographic Signature

Re: How to alias a domain

2015-01-17 Thread John
On 1/16/2015 10:26 AM, Phil Mayers wrote: Turned out that my (old) router was glitching and losing stuff along the way. New router solved problem! -- John Allen KLaM -- How do you tell when you're out of invisible ink? smime.p7s Description: S

DNSSEC

2015-01-17 Thread John
is there a separate DNSSEC mailing list? -- John Allen KLaM -- A day without sunshine is like, night? smime.p7s Description: S/MIME Cryptographic Signature ___ Please visit https://lists.isc.org/mailman

Re: DNSSEC

2015-01-17 Thread John
On 1/17/2015 12:12 PM, /dev/rob0 wrote: On Sat, Jan 17, 2015 at 11:43:33AM -0500, John wrote: is there a separate DNSSEC mailing list? If *you* are using BIND for signing or validation, anything pertaining to DNSSEC is quite relevant here. Google for "dnssec mailing list" brough

Re: DNSSEC

2015-01-17 Thread John
On 1/17/2015 12:21 PM, Jeremy C. Reed wrote: On Sat, 17 Jan 2015, John wrote: is there a separate DNSSEC mailing list? You may use this bind-users list to discuss DNSSEC. There are other lists for DNSSEC managed outside of ISC and not specific to BIND, such as: Dnssec-deployment.org (but I

Re: DNSSEC

2015-01-19 Thread John
Engineer, Retired E-mail: rkober...@gmail.com It still says "Mailing list to do"! -- John Allen KLaM -- Inside every older person is a younger person wondering what the hell happened!! smime.p7s Description: S/MI

DNSSEC key rollover

2015-01-19 Thread John
Does anybody know if key rolling is going to be part of Bind (as part of maintain/inline) maybe? Has there been any discussion on basing the +/-nn part of the date/time params, not on today, but on one of the existing params when the -S option is used?

DNSSEC key rollover

2015-01-23 Thread John
A little while back I started to write a simple script to automate rollover. Before I go much further I think I should find out if I am duplicating something that has already been done, or is in the works? Is there anything known, or even rumored? -- John Allen KLaM

is this "normal" if not what to do about it?

2015-01-26 Thread John
20150126173534 ZSK -I 20150527015028 20150225173534 -- John Allen KLaM -- If you are out to describe the truth, leave elegance to the tailor. smime.p7s Description: S/MIME Cryptographic Signature

Re: is this "normal" if not what to do about it?

2015-01-26 Thread John
oops!! I swapped the ZSK and KSK in the table. On January 26, 2015 9:09:40 PM John wrote: my experimental zone (the family site) klam.ca has a KSK and a ZSK. There appear to be time differences between the records reported by DIG and the source records on file. In the case of the ZSK the

SRV records etc

2015-02-10 Thread John
How useful are SRV records? Are they worth installing? What are their benefits, and pitfalls? Similar question about HINFO. -- John Allen KLaM -- How do you tell when you're out of invisible ink? smime.p7s Description: S/MIME Cryptographic Sign

Re: SMIMEA TLS

2015-02-17 Thread John
On 2/17/2015 3:47 AM, Carsten Strotmann (sys4) wrote: Hello John, John Allen wrote: Does anybody know if there are any developments in this standard and its implementation. Particular reference to email. people from Verisign have implemented a library+API, Thunderbird integration and they had

Dropping external recursive requests

2008-12-03 Thread john
-clients { localhost; localnets; }; ... } view "external-recursive" { match-clients { any; }; match-recursive-only yes; blackhole { any}; } view "external" { ... } -- John [EMAIL PROTECTED] ___ bind-users mailing list bind-u

Re: Dropping external recursive requests

2008-12-03 Thread john
e for this post is to start a discussion on the pros / cons. -- John [EMAIL PROTECTED] ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users

isc_socket_create: fcntl/reserved: Too many open files

2009-12-07 Thread john
ruary and was advised to upgrade to 9.3.6, however I'm using 9.5.1-P3 (debian release). Any ideas how to fix this? Thanks, john ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users

Re: isc_socket_create: fcntl/reserved: Too many open files

2009-12-07 Thread john
On Mon, 7 Dec 2009, Dmitry Rybin wrote: Hi! RTFM :) /etc/security/limits.conf binduser soft nofile 32384 binduser hard nofile 32384 change binduser - to your real BIND user. Thanks, john ___ bind-users mailing list bind-users

bsa: A testing toolkit for bind configurations.

2012-08-29 Thread John-John Tedro
for people willing to try it out, but mainly just sharing and caring. Source available at http://github.com/udoprog/bsa Licensed under GPLv3. -- John-John Tedro ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

Finding dnssec validation failures in the logs

2023-01-23 Thread John Thurston
igning information for wunderkind.co and found none. That's cool, we didn't expect them to be." -- -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska -- Visit https://lists.

Re: Finding dnssec validation failures in the logs

2023-01-24 Thread John Thurston
valid. I have my suspicions of what's happening, but not enough information to form a solid hypothesis or perform tests. I want higher confidence that I'm recognizing the important lines in the logs before I start casting stones. -- Do things because you should, not just because you

Resolving and caching illegal names

2023-01-24 Thread John Thurston
e to do so, and returns a SERVFAIL to the customer. I haven't yet tried, but I don't expect I can define an RPZ to trap such illegal names. Can I? If I could, it would reduce the traffic to Akamai, and the number of validations I'm trying to do. -- -- Do things

Re: Resolving and caching illegal names

2023-01-25 Thread John Thurston
D of the numerics I see in my logs, and ignore the rest. I think this will get me what I want, at a level of complexity I can accept. -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska O

Re: Resolving and caching illegal names

2023-01-25 Thread John Thurston
. -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska On 1/25/2023 8:36 AM, John Thurston wrote: Off-list, it was suggested to me that I _could_ handle this in my RPZ, by enumerating all 255

Gratuitous AXFRs of RPZ after 9.18.11

2023-01-26 Thread John Thurston
zone). Is anyone else seeing similar behavior? -- -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from th

Re: Gratuitous AXFRs of RPZ after 9.18.11

2023-01-31 Thread John Thurston
serial number, and waiting patiently for the refresh interval to expire before checking again. -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska On 1/27/2023 1:53 AM, Ondřej Surý wrote: FTR

Simplistic serial number roll back

2023-02-17 Thread John Thurston
think of  a good way to test this. -- -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds

Re: Simplistic serial number roll back

2023-02-17 Thread John Thurston
the other views, would be uninterrupted. -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska On 2/17/2023 10:23 AM, Ondřej Surý wrote: *CAUTION:* This email originated from o

Re: Simplistic serial number roll back

2023-02-17 Thread John Thurston
e you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska On 2/17/2023 10:46 AM, Ondřej Surý wrote: Well, the serial number arithmetics is there for a reason - you usually don’t want to rollback to previous versi

Tools for parsing a dumped cache

2023-03-03 Thread John Thurston
-- -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software

Use of stale data during dnssec validation

2023-03-03 Thread John Thurston
Fr2+XHeB8O8GTLqk7HgfdM8=     ) ; KSK; alg = RSASHA256 ; key id = 46144 -- -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State o

Delegation NS-records when zones share an authority server

2023-04-12 Thread John Thurston
en performing these tests. Arguments against: * Maybe I misunderstand, and such NS records aren't actually benign Unknown: * Does the answer change if we want to start signing either zone? -- -- Do things because you should, not just because you can. John Thurston907-465-8591 joh

Reverse Policy Zone to make MS Azure stuff work?

2023-04-13 Thread John Thurston
ned appserviceenvironment.net names? Were you able to do it with your RPZ? * https://learn.microsoft.com/en-us/azure/app-service/environment/create-ilb-ase -- -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Admin

BIND 9.18 available for Ubuntu from PPA ?

2023-06-23 Thread John Thurston
look at https://launchpad.net/~isc/+archive/ubuntu/bind I think it is telling me that 1:9.18.16-1+ubuntu22.04.1+isc+1 should be available. Has anyone successfully updated to 9.18.16 from this PPA? Can you suggest what I'm doing wrong today? -- -- Do things because you should, not just be

Re: BIND 9.18 available for Ubuntu from PPA ?

2023-06-23 Thread John Thurston
amd64 Packages     500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages 1:9.11.3+dfsg-1ubuntu1 500     500 http://azure.archive.ubuntu.com/ubuntu bionic/main amd64 Packages -- Do things because you should, not just because you can. John Thurston907-465

Re: BIND 9.18 available for Ubuntu from PPA ?

2023-06-23 Thread John Thurston
Welp, there I have it. I thought I had until April 2028 :( Sorry for the noise. -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska On 6/23/2023 12:04 PM, Ondřej Surý wrote

consolidating in-addr.arpa data

2023-09-15 Thread John Thurston
- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software w

Re: consolidating in-addr.arpa data

2023-09-15 Thread John Thurston
, and accept an NXDOMAIN with confidence. And since writing my earlier note, I have re-located the code I think I stumbled across earlier Tony Finch's "nsdiff" https://dotat.at/prog/nsdiff/ -- Do things because you should, not just because you can. John Thurston907-465

Re: consolidating in-addr.arpa data

2023-09-18 Thread John Thurston
shing accurate PTRs from all of the possible DNS services in the environment. But this is achievable, and will address the problem (of our own making) which is causing pain. -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov De

Unhelpful startup message re: RPZ

2023-09-21 Thread John Thurston
ittedly, the second and third hours were of diminishing value, as my caffeine wore off and my frustration grew. After a night's sleep, and a pot of fresh tea I figured it out. -- -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@ala

Stop leaking queries for RFC 1918 zones

2023-09-22 Thread John Thurston
ones the best way to correct this? Or maybe add the un-used RFC 1918 zones to our RPZ? -- -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska -- Visit https://lists.isc.org/mailman/li

Value of a DNSSEC validating resolver

2023-12-01 Thread John Thurston
get, why should my clients be trusting *me* to validate them? Can someone make a good case to me for continuing to perform DNSSEC validation on my central resolvers? -- -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.go

Re: BIND 9.16 is approaching EOL in April, 2024

2024-03-11 Thread John Thurston
things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska On 2/26/2024 7:35 AM, Victoria Risk wrote: The BIND 9.16 release branch is approaching EOL as of April, 2024. We encourage users running 9.16 or

Crafting a NOTIFY message from the command line?

2024-03-19 Thread John Thurston
I can use dig to request a zone transfer: dig AXFR foo.com I am unable to find a simple way to craft a NOTIFY message. Can anyone help me out? -- -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration

"bad cache-hit" or "bad-cache hit"

2024-04-16 Thread John Thurston
(i.e. We found what we wanted in the cache of bad entries) Can anyone confirm my hypothesis? -- -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska -- Visit https://lists.isc.org/ma

Answers for www.dnssec-failed.org with dnssec-validation auto;

2024-04-16 Thread John Thurston
ssec-failed.org. IN  A ;; ANSWER SECTION: www.dnssec-failed.org.  7198    IN  A   68.87.109.242 www.dnssec-failed.org.  7198    IN  A   69.252.193.191 ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(localhost) (UDP) ;; WHEN: Tue Apr 16 15:21:46 AKDT 2024 ;; MSG

Re: Answers for www.dnssec-failed.org with dnssec-validation auto;

2024-04-17 Thread John Thurston
success 17-Apr-2024 08:40:40.323   validating dnssec-failed.org/DS: marking as secure, noqname proof not needed 17-Apr-2024 08:40:40.323   validator @0x7fb8722b7a00: dns_validator_destroy 17-Apr-2024 08:40:40.323 validating www.dnssec-failed.org/A: in validator_callback_ds 17-Apr-2024 08:40:4

Re: Answers for www.dnssec-failed.org with dnssec-validation auto;

2024-04-17 Thread John Thurston
such signatures. Is there a way to narrow it down? -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska On 4/17/2024 9:21 AM, Ondřej Surý wrote: Let me guess - you are running on RHEL (w

Re: Broken DNS QNAME Recovery

2024-04-22 Thread John Thurston
}; Can such forward-zones be defined in catalog-zones? -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsu

Re: Switching from rhel base 9.16 to 9.18 copr

2024-05-06 Thread John Thurston
will notice it. -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska On 5/5/2024 8:15 AM, Luca vom Bruch via bind-users wrote: Hello, I use bind (stock from alma 9.3) as a nameserver for

Special-use names and RPZ

2024-05-14 Thread John Thurston
uld not just be hammered into our RPZ ? -- -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

Re: named fails to start with bind-9.18.0

2024-05-21 Thread John Thurston
Assurance you are actually trying to compile current code. A statement of what your operating system is. Actual output of your compile steps. Actual logged output of your attempt to launch. -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs

Re: Debugging TSIG signed nsupdate problems

2024-05-24 Thread John Thurston
It doesn't answer your original question, but I suggest looking at the 'algorithm' of that key. Might it be a hmac-md5 ? If you 'named-conf -px'   does it appear in the list of keys? -- Do things because you should, not just because you can. John Thurston

Re: Question about ISC BIND COPR repositories for 9.16->9.18 ESV transition

2024-06-17 Thread John Thurston
ould, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska On 6/17/2024 2:32 AM, Michał Kępień wrote: While I don't have a specific date for you, we plan to do such a "rollover" again when BIND 9.20.1 or 9.20.

Re: Question about "too many records"

2024-08-01 Thread John Thurston
than expected 3. every query to the server will be slower than expected 4. something else -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska On 8/1/2024 2:03 PM, James Stegemeyer wrote:

Confirm BIND is correctly validating dmdc.osd.mil

2024-08-09 Thread John Thurston
broken trust chain resolving 'scra.dmdc.osd.mil/A/IN': 96.7.136.4#53 ;; resolution failed: broken trust chain -- -- Do things because you should, not just because you can. John Thurston907-465-8591 john.thurs...@alaska.gov Department of Administration State of Alaska -- Visit https://list

Behavior of 'forward only' zone

2024-08-20 Thread John Thurston
When the answer contains an alias to some other domain, my server hands that name back into its own recursing process. Is there some way to configure BIND so it will simply pass back to the customer whatever answer is received from the distant resolver? -- -- Do things because you should, n

CVE-2012-1033 (Ghost domain names) mitigation

2012-02-09 Thread John Hascall
which are ghosts (new different ghost names could, of course, be created). Is this correct? Thanks, John --- John Hascall, j...@iastate.edu Team Lead, NIADS (Network Infrastructure, Authentication & Directory Service

Re: CVE-2012-1033 (Ghost domain names) mitigation

2012-02-09 Thread John Hascall
ost names > >could, of course, be created). Is this correct? > AFAIK 'rndc flush' will do the same. Thanks - we're doing a nightly restart for other reasons. John ___ Please visit https://lists.isc.org/mailman/listinfo/bind-us

DNS RPZ and different answers for IPv6 vs IPv4

2012-02-13 Thread John Hascall
What I would like to have happen is for the IPv6 () query for "evil-domain.com" to return "no data", but for the IPv4 (A) query for "evil-domain.com" to return "CNAME ". Is this possible? If so, how? Thanks, John __

AEM Question

2012-04-09 Thread Manson, John
.isc.org/software/bind/delegation-only> about ISC's BIND Delegation-only feature is an addendum to the BIND 9.5 ARM. Thanks John Manson CAO/HIR/NI Data-Communications | U.S. House of Representatives | Washington, DC 20515 Desk: 202-226-4244 | Team: 202-225-5552 | john.man...@mail.hous

Slave zone configuration -- purpose of forward/forwarders?

2012-04-20 Thread John Wingenbach
I've noticed the support in ARM for specifying both the "forward" and "forwarders" configuration in a zone stanza for "slave" zones. What is the purpose and value of specifying such? It seems contradictory and confusing. -- John _

Re: Can I build a new DNS/BIND system parallel to our existing DNS production system?

2012-05-03 Thread John Miller
Hi Samad, It's entirely possible to roll out a parallel BIND installation. We're doing something similar at Brandeis right now--a mix of BIND and PowerDNS servers. I take it that your current BIND setup is purely authoritative? Or is it also handling recursive requests? John

Re:

2012-05-07 Thread John Wingenbach
If that's an exact copy of your record, I'm going to also assume that the ORIGIN at the time of the record is "toto.be". As such, the resulting record becomes: www.toto.be.toto.be. 86400 IN CNAME www.titi.be.toto.be. Note that trailing '.'s are required to prevent the automatic addition of t

Re: Why does a non-delegated sub-domain work?

2012-05-07 Thread John Wingenbach
s6 is a subdomain of the parent domain. Unless otherwise specified, subdomains are mastered (NS'd) by the parent (or extended parent domain) containing NS records. As such, because you didn't put any NS records in the zone file for s6, it follows the NS records of the parent which happen to b

Secondary Master

2012-05-11 Thread Manson, John
master for that zone? We are also looking at the app rsync for db transfers so we will have mirrored masters, IP traffic separated by routers. Thanks https://help.ubuntu.com/8.04/serverguide/dns-configuration.html John Manson CAO/HIR/NI/Data-Communications U.S. House of Representatives Des

Re: Secondary Master

2012-05-11 Thread John Wingenbach
to support the flipping of masters which requires intelligent scripting to make it failure resistant. It would be nice if bind natively supported the concept. However, until such time, manual / scripting means are needed. On 05/11/2012 11:27 AM, wbr...@e1b.org wrote: John wrote on 05/11/2

Bind9.9.1 Dependences

2012-05-22 Thread Manson, John
How can I find out which Unix files/libraries bind requires before I do the compile? Thanks John Manson CAO/HIR/NI Data-Communications | U.S. House of Representatives | Washington, DC 20515 Desk: 202-226-4244 | Team: 202-225-5552 | john.man...@mail.house.gov

RE: Bind9.9.1 Dependences

2012-05-22 Thread Manson, John
Yes It would help if you could add the version of each listed below. What are the 'few others'? Thanks -Original Message- From: Dennis Clarke [mailto:dcla...@blastwave.org] Sent: Tuesday, May 22, 2012 12:14 PM To: Manson, John Cc: 'bind-users@lists.isc.org' Su

Re: different between views and having multiple instances

2012-05-24 Thread John Williams
In theory, you would use views to serve up different data to subnets. For example, you may want to show your internal clients one set of IP addresses while the external world sees a subset of that data. That is a perfect utilization of views. You may want to setup different instances of BIND

Default Options

2012-06-05 Thread Manson, John
Is there a command for bind that will list all Options default names and settings in named.conf? Might be helpful in understanding why bind is acting a certain way. Thanks John Manson CAO/HIR/NI Data-Communications | U.S. House of Representatives | Washington, DC 20515 Desk: 202-226-4244

VMware & Bind

2012-06-05 Thread Manson, John
Will bind run on VMware? John Manson CAO/HIR/NI Data-Communications | U.S. House of Representatives | Washington, DC 20515 Desk: 202-226-4244 | Team: 202-225-5552 | john.man...@mail.house.gov ___ Please visit https://lists.isc.org/mailman/listinfo

RE: Default Options

2012-06-05 Thread Manson, John
one;};\n\ . . . . The file also includes defaults for 'view' and 'zone'. Thanks -Original Message- From: Evan Hunt [mailto:e...@isc.org] Sent: Tuesday, June 05, 2012 3:04 PM To: Mike Hoskins Cc: Manson, John; 'bind-users@lists.isc.org' Subject: Re: Default Op

Re: VMware & Bind

2012-06-08 Thread John Wobus
Will bind run on VMware? Yes, if the guest operating system supports it. Of more interest to me is: are there limitations? Types of configs or workloads that should not be run under VMware? John P.S. Aps are sometimes distributed bundled with an OS, i.e., forming a package that does run

Re: Moving DNS out of non-cooperative provider

2012-06-18 Thread John Miller
CN's still answering queries for brandeis.edu. As others have mentioned, change your DNS servers with your domain registrar, and you'll be fine. John On 06/18/2012 11:49 AM, Alexander Gurvitz wrote: Can someone enlighten me on the following scenario (I guess it's explained

Re: Moving DNS out of non-cooperative provider

2012-06-19 Thread John Miller
eople's domains), so I've contacted them again. Hopefully the cease-and-desist won't be necessary. John On 06/19/2012 06:45 AM, Tony Finch wrote: Mark Andrews wrote: In message<4fdf631a.4060...@brandeis.edu>, John Miller writes: We've actually run into this bef

Re: Moving DNS out of non-cooperative provider

2012-06-25 Thread John Miller
We've just resolved this amicably--I'd missed the commercial.service@rcn.com address, but was contacted off-list by one of RCN's engineers, who read this thread and has removed our domain from their nameservers. He was quite helpful. No cease-and-desist letter needed--not by a l

BIND, DNSSEC & AD

2012-06-28 Thread John Williams
I have an environment that hosts a BIND based internet facing domain, call it abc.com.  I also have an internal Active Directory instance that hosts a MS based DNS instance called abc.com as well.  Everything works fine until we decided to implement DNSSEC on Active Directory. Here is my questi

Re: BIND, DNSSEC & AD

2012-06-29 Thread John Williams
will not allow that.  That would be ideal though. Thanks, JT From: Marc Lampo To: 'John Williams' ; bind-users@lists.isc.org Sent: Friday, June 29, 2012 3:07 AM Subject: RE: BIND, DNSSEC & AD Hello,   (not a Bind related question !)   Last ti

Re: BIND, DNSSEC & AD

2012-07-03 Thread John Williams
Thanks to all that replied.  I think the solution I want to pursue is to integrate AD 2012 DNS with BIND.  Talk about bleeding edge huh?? From: Tony Finch To: Marc Lampo Cc: John Williams ; bind-users@lists.isc.org Sent: Monday, July 2, 2012 11:10 AM

using 127.0.0.1 in resolv.conf

2012-07-23 Thread John Miller
e to a bug report and/or changelog for this? A quick Google search for 'bind resolver source address bug' didn't yield much. John -- John Miller Systems Engineer Brandeis University 781-736-4619 johnm...@brandeis.edu ___ Please visit h

Re: using 127.0.0.1 in resolv.conf

2012-07-24 Thread John Miller
e it _could_ happen. Thanks for your help! John On 07/23/2012 05:38 PM, Kevin Darcy wrote: We've been running with 127.0.0.1 in /etc/resolv.conf for years, on a wide variety of platforms (including Berkeley-derived ones), and never run into this bug. 127.0.0.1 in /etc/resolv.conf is

Re: using 127.0.0.1 in resolv.conf

2012-07-24 Thread John Miller
ack in 2007: https://lists.isc.org/pipermail/bind-users/2007-February/065751.html Good to know that the resolver handles this nowadays. John ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mai

Re: BIND 9.8.3-P2 is now available

2012-07-29 Thread John Marshall
nd-users lately and so missed this announcement and only became aware of the release today. Thank you. -- John Marshall ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-use

dnssec-signzone, dsset files and deleted KSK's

2012-08-02 Thread John Marshall
n the key repository but the only way to exclude deleted KSK's from the dsset file seems to be to remove them from the key repository directory. Am I not driving this properly? Thank you. -- John Marshall ___ Please visit https://lists.isc.o

Re: dnssec-signzone, dsset files and deleted KSK's

2012-08-03 Thread John Marshall
On 03/08/2012 09:28, John Marshall wrote: > The behaviour of the dsset file generation appears to be unaffected by > the smart signing switch (-S). The generated dsset file includes all > KSK's found in the key repository (-K) irrespective of any timing > metadata (e.g. del

Re: dnssec-signzone, dsset files and deleted KSK's

2012-08-03 Thread John Marshall
On 03/08/2012 18:00, John Marshall wrote: > On 03/08/2012 09:28, John Marshall wrote: >> The behaviour of the dsset file generation appears to be unaffected by >> the smart signing switch (-S). The generated dsset file includes all >> KSK's found in the key repositor

Multi-master DNS with Bind

2012-08-05 Thread john . debella
are there ways to make this work with bind? -John ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users

Re: Multi-master DNS with Bind

2012-08-06 Thread john . debella
available. Is this supported or >> are there ways to make this work with bind? > > Not at this time. We've discussed the subject at some length and it > may appear in a future release, but it's not on the near-term roadmap. Couldn't this be done w

RE: Delayed Zone Transfers

2012-08-06 Thread Manson, John
e-ID: Content-Type: text/plain; charset="us-ascii" Don't know. I haven't used it. Do you have experience with it? From: Chris Buxton To: Evan Hunt , Cc: john.debe...@teradyne.com, bind-users@lists.isc.org Date: 08/06/2012 12:13 PM Subject:

dig query

2012-08-13 Thread John Williams
I've a system with two interfaces; a management and a data interface.  My default route is set out to the data interface.   doing a dig +tcp someIP.com @some.resolver works fine. If I want a UDP based query, I have to specify -b option and provide IP of the interface otherwise it fails.

Re: 2 dns records for same server

2012-08-18 Thread John Wingenbach
form: internal. Then, you only have the internal. zone on your internal facing server and it only houses names which should override the normal domain's entries. Your clients in this case would not use a fully qualified domain name. Instead they would just use the hostname. --John On Sat, 1

Re: 2 dns records for same server

2012-08-19 Thread John Wingenbach
stated, and is assumed, the clients are separated by different DNS servers, then simply mastering the domain on the internal vs public servers is sufficient. -- John On Sat, 18 Aug 2012 18:43:41 + "Michael Hoskins (michoski)" wrote: > -Original Message- > > Fro

What can cause excessive amount of _dns-sd queries?

2012-08-23 Thread Manson, John
Good explanation of Service Discovery: http://www.dns-sd.org/ Also, Bonjour is a big offender: http://en.wikipedia.org/wiki/Bonjour_%28software%29 A lot of Apple apps use it like itunes. -Original Message- From: bind-users-bounces+john.manson=mail.house@lists.isc.org [mailto:bind-use

What can cause excessive amount of _dns-sd queries?

2012-08-23 Thread Manson, John
In our case, 90% of the dns-sd queries were for the 192.168 network. These are from 1 client: DNS C db._dns-sd._udp.0.158.168.192.in-addr.arpa. Internet PTR ? DNS C dr._dns-sd._udp.0.158.168.192.in-addr.arpa. Internet PTR ? DNS C lb._dns-sd._udp.0.158.168.192.in-addr.arpa. Internet PTR ? DNS C cf.

Re: Zone Transfer issue on BIND9

2012-08-25 Thread John Wingenbach
ross the 3 views between the master and slave. Then add in whatever other acls needed to support non-master/slave comm. Once you have that, then augment it with the rest of zones you need to support. -- John ___ Please visit https://lists.isc.org/mai

Re: Zone Transfer issue on BIND9

2012-08-27 Thread Manson, John
The key names will show up in syslog messages along with IPs and view names. Compare master and slave syslogs for clues. JM -- Message: 1 Date: Sat, 25 Aug 2012 11:48:47 -0400 From: John Wingenbach To: bind-users

RE:Root Hints Updates

2012-09-06 Thread Manson, John
This url works. http://www.internic.net/domain/named.root You can edit your hints file to change or add info, just be sure to follow the existing format. JM ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this l
