r www.google.com. This is as bad a
suggestion as all the others - worse, because it doesn't scale to a
site with multiple workstations.
--
/*****\
**
** Joe Ya
ne "zonename" {
...
file "data/zone.zonename.for-the-many";
...
};
};
--
/*************\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\
--
/*************\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
Please visit https://lists.isc.org
On Sat, Apr 06, 2013 at 01:04:47AM -0400, Joseph S D Yao wrote:
...
> Just as a logistical thing, the SOA record should be in the zone file
> that $INCLUDEs the rest of the information, anmd no SOA record in the
> latter.
...
Which means, I should have added, that any time you u
to get your
DDS and do dentistry instead, fewer headaches.
--
/*\
**
** Joe Yao j...@tux
On 2013-09-08 07:06, Carol Overes wrote:
Hi Phil,
Apologies if my approach was not clear, after Steve's mail. But I
tested
by using dig without the +trace option. I have tested the following
from
an IP, which is accepted via the trusted ACL:
dig @10.10.10.1 www.domain2.com A
dig @10.10.10.1
On 2013-11-11 12:11, S. Jeff Cold wrote:
...
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 22495
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;jeffdiss.org. IN A
...
BIND's configuration file is :
$TTL 3600
$ORIGIN jeffdiss.org.
; St
On 2013-11-13 00:16, Manish Rane wrote:
...
6.Assume if ISP1 goes down, client coming on ISP1 would never be able
to reach; hence as per DNS protocol will try for another link and
come
on ISP2 and then probably get an IP address of Link 2 i.e. 2.2.2.2.
...
I'm not sure about your DNS setup,
On 2013-11-13 16:44, Mark Andrews wrote:
...
RFC 1123 (October 1989) applies to all applications on all hosts.
Note "SHOULD" and "until".
...
Mark, I've always read "SHOULD" here as more of a plaintive hope than
anything else. People have certainly felt free to ignore it. Yes, that
makes t
On 2014-01-10 15:01, Eduardo Bonsi wrote:
...
It seems like they have their domain configuration A Record pointed
to the localhost. We all know that the localhost is not routable
outside of the internet. Therefore I am sure their website cannot
resolve out of the 127.0.0.1.
In addition to that, i
On 2014-01-12 10:04, Chris Thompson wrote:
On Jan 11 2014, Joseph S D Yao wrote:
[...snip...]
(2) There is no requirement that a domain name refer to the Web site
for that domain. I personally don't like that (for no special
reason), and neither apparently does the owner of this domain
On 2014-01-14 12:39, Blason R wrote:
Hi Folks,
I am not sure if this is an appropriate forum to answer since more or
less it is pertaining to Go Daddy support but since its a huge
community our there and I am sure many of them are already using Go
Daddy wondering if su-domain delegation is possi
On 2014-01-14 09:56, Chris Thompson as IP Register wrote:
...
199.101.28.20 seems to be search.dnsassist.verizon.net. Are you
sure that the nameservers you are using aren't doing "friendly"
rewriting of NXDOMAIN responses for you?
...
Ack. Good thing you can't see how embarrassed I'm blushing
On 2014-04-08 06:08, Bryan Harris wrote:
Hello all,
We have a sort of private DNS such that servers can lookup zones that
don’t actually exist in the real, public DNS, they just exist within
our private NOCs. In addition, we have always had both Windows AD
handling the Windows side of things an
On 2014-04-08 07:35, Jason Brandt wrote:
...
All of our Windows clients resolve through our Bind servers, and have
no problems with any AD resources. The only MSW machines that point
to our AD DNS servers, are our DC's. All clients will resolve just
fine through BIND, so long as your zones are
On 2014-07-13 12:11, Gary Wallis wrote:
Hello,
What are the drawbacks, if any, of running only master name servers
for the set of authoritative NSs?
For example given:
[root@rc37 unxsVZ]# dig latimes.com NS +short
dns1.tribune.com.
dns2.tribune.com.
dns4.tribune.com.
dns3.tribune.com.
Where a
On 2015-11-17 04:21, Ray Bellis wrote:
On 17/11/2015 02:09, Grant Taylor wrote:
On 11/16/2015 06:56 PM, /dev/rob0 wrote:
You either specify a hints file to use, or use the compiled-in root
hints.
Interesting. I was not aware that it was an exclusive or type
situation.
It's important that
#x27;rndc'. For
this, you do need the "rndc.conf" file, IIRC.
--
/*********\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\***
the page is, "Nsbeta.info DNS Lookup | Nameserver Lookup -
Who.is - Who.is". They probably did just exactly that - DNS lookup.
Anything in DNS is public information.
--
/*\
**
** Joe Yao
But I have only done this once, just for the
experience.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mail
\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
visible file compiled in.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.o
***\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On Fri, Jan 28, 2011 at 04:40:50PM +0800, p...@mail.nsbeta.info wrote:
> Joseph S D Yao writes:
> > Just because we don't need to, doesn't mean that it's a good practtice
> > not to. And it's so easy to create one on a system where DNS is already
> > se
nized the BigIP in my last posting, you were right!]
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@li
On Fri, Jan 28, 2011 at 09:51:13PM -0500, Joseph S D Yao wrote:
> On Fri, Jan 28, 2011 at 08:10:10PM +, Jack Tavares wrote:
> > I have a question about the hints file.
> >
> > It is "built in" to BIND.
> >
> > Does bind check for updates to
I know. May not be true on some private internets, tho.
--
/*\
**
** Joe Yao j...@tux.org
number is incorrect.]
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
__
change,
with a mutually agreed-on time to make the change (and using decreased
TTLs etc. as usual with such a change).
--
/*************\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On Sun, Jan 30, 2011 at 09:40:51AM +0800, p...@mail.nsbeta.info wrote:
> Joseph S D Yao writes:
>
> >
> > The labels must follow the rules for ARPANET host names. They must
> > start with a letter, end with a letter or digit, and have as interior
> > characters on
ter.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mail
***************\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
ved copies of zone files, it's not expected that humans will be
reading the file, so confusion is not a consideration.]
Teaching texts should use comments rather than $ORIGIN lines to indicate
what the domain is at given points in a zone file.
IMHO, of course.
--
/
ition:
VeriSign has been selected by the U.S. General Services Administration
(GSA) to operate the domain name registry for .gov. ..."
Perhaps the new name servers are different somehow.
--
/*\
**
** Joe Yao
;
allow-transfer { ext-tsig-key; };
type slave;
file "slaved/rest/zone.example.us";
masters { 20.20.20.20; 30.30.30.30; };
}
}
zone "internal.us" {
// sourced and served only in one view
view "here" {
two zone transfers, because sourcing the zone
and serving it are not separate abstractions.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S
j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
this from the earlier description.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing l
job is resolving, that
are not authoritative name servers for any domain. On those name
servers, you forward queries for the domain under discussion to the
unlisted internal name server that nonetheless IS authoritative for the
domain. In less ideal circumstances, the internal recursiv
ttp://pgp.mit.edu:11371/pks/lookup?op=get&search=0x092164A7
Are you running 'rndc' from the same server on which the 'named' is
running? If not, make sure that both have the same time.
--
/*\
**
** Joe Y
the generated keys.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@
't understand the question. Is it at all related to my suggestion?
--
/*\
**
** Joe Yao
with large UDP packets blocked,
this breaking EDNS0. Although there is no firm upper limit, there is a
suggested upper limit of 4096 bytes for EDNS0.
--
/*\
**
** Joe Yao
ponse is appropriate and necessary.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://l
eement between yourself and them about why it's there and how changes
will be communicated.
--
/*****************\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
ice.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mail
not.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-us
more than once.
Now, if you are lucky enough to be on a Linux or BSD or Unix or Mac
system, run
$ man nslookup
$ man host
$ man dig
$ man alias
for more information.
--
/***************
***\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
o j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
forwarding - have separate forwarding controls, says I.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
On Fri, Jul 08, 2011 at 10:26:16AM -0700, Chris Buxton wrote:
> On Jul 8, 2011, at 9:11 AM, Joseph S D Yao wrote:
> > I'd rather that recursion controls only control recursion.
> > And not forwarding - have separate forwarding controls, says I.
>
> Forwarding is a res
ichever you
do, as I started out saying, you need both DNS entries. Whatever they
may be.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\**
blic and private info in the private view. I would agree if you were
to argue that separate subdomains are a cleaner way to do this, though.
--
/*\
**
** Joe
a separate
subdomain from static data, which may someday need to be updated.
Apologies if this was obvious. There exist people for whom it was not.
--
/*\
**
** Joe Yao j...@tux.org - Josep
nsolveable.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lis
, but sent as if from your home office, will be rejected by said
mail servers.
--
/*************\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
b
)
But, yes. Static data such as the SOA and NS records are mandatory.
--
/*\
**
** Joe Yao j...@tux.org - Josep
other constraints.
Ummm ... why Wintel specifically? There are many non-MS software
components that can do this, and on many non-Intel processors.
--
/************
e them more cleanly.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-us
ever implemented it because it wasn't high
> priority.
Yes.
--
/*****\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing
**************\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
, for better or
for worse, I just took exception to the word "only". ;-)
--
/*************\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bi
ome; I have not perused their entire list. Nor
do I know who writes on the other one, but that one did seem a bit less
impartial.
--
/*\
**
** Joe Yao j...@tux.org - Josep
- Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
is 88 characters long (including
'=' pads). It was sent me by the owners of the other.example.zone name
server.
Thanks in advance!
--
/***************
On Fri, Jul 31, 2009 at 03:32:48PM +1000, Mark Andrews wrote:
> In message <20090730174054.h23...@gwyn.tux.org>, Joseph S D Yao writes:
...
> > Plus, I'm curious to know what 'dig -k' really wants to see.
>
> A keyfile as generated by "dnssec-keygen -a
On Fri, Jul 31, 2009 at 01:43:58PM +0200, Mark Elkins wrote:
> On Thu, 2009-07-30 at 17:40 -0400, Joseph S D Yao wrote:
>
> > What does work is:
> > dig -y mynet.:Ain/tGonnaTellNoWay== axfr example.zone
> > @other.example.zone
> > but I really, really fin
gust 2006
...
Yah, I guess I need to catch up a wee bit. Thanks again!
--
/*\
**
** Joe Yao j...@tux.org - Joseph
lly, the CNAME records can also be auto-generated by inserting
$GENERATE 96-111 $ CNAME $.96-28
I hope that this helps!
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
After some experimenting, here is the whole answer, hinted at by one
response on this mailing list.
On Thu, Jul 30, 2009 at 05:40:54PM -0400, Joseph S D Yao wrote:
...
> In dig(1), the '-k' option is said to require a "TSIG key file" as an
> option. I have a TSIG file
On Sat, Aug 22, 2009 at 02:45:19PM +0200, Hauke Lampe wrote:
> Joseph S D Yao wrote:
>
> > It turned out that this latter file was needed, but for some
> > inexplicable reason perhaps having to do with library routines [I have
> > not gone chasing down the code], it ALSO
't; or some automatic process that is trying to get your
information will not fail cleanly.
ISTM, it's better to try and do failover some other way, such as with
high-availability Linux, than to try to get DNS to do load balancing.
--
/**************
but nobody else had thought to do that.)
--
/*************\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
l to
'umask' immediately before the execution of 'named'.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
ation file, "include" is a part of the actual
language being parsed, and so must appear only where it's expected, and
not at any random position.
I hope that this helps.
--
/*\
**
** Joe Yao j...@tux.org - Joseph S.
r.c and work out in exactly which cases cfg_parse_mapbody
> in the latter gets called :-(
As I've said before, only the code never lies. But it may take some
exegesis.
--
/************
7.9.11.13
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
at the slaved copies for the internal view and the
external view go to DIFFERENT files? Otherwise they overwrite each
other and strange timing effects occur.
Just thoughts.
--
/*\
**
** Joe Yao j...@t
...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
;
category lame-servers { null; };// ignore
category default { all; };
};
--
/*****************\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\***
On Wed, Dec 02, 2009 at 12:47:08PM +, Sam Wilson wrote:
> In article ,
> Joseph S D Yao wrote:
[incorrectly]
> > No.
...
> Not true. CNAME chains - CNAMEs pointing to other CNAMEs - are
> inefficient and discouraged but the DNS spec is built to ensure that
>
es against use in RHS of MX and NS.
Which, unfortunately, does not prevent their use in many cases ...
--
/*\
**
** Joe Yao j...
\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
the IQUERY operation, declaring it entirely obsolete.
This document updates RFC 1035.
--
/*\
**
** Joe Yao j...@tux.o
problem with the specific poster, who is presumably using
something from a compile of a current BIND distribution, but a problem
when generalising.
--
/*\
**
** Joe Yao j...@t
s.
Isn't one of Alan Perlis' quotes about, a high-level language is one
where you don't have to worry about unnecessary detail?
--
/*\
**
** Joe Yao
parent zone files to once
again be the SAME IDENTICAL name server information as in your newly
revised zone files.
I hope that this helps!
--
/************
-conscious as
to have separate resolving name servers and authoritative name servers,
then their resolving name servers can have the same "forward" zone
declaration as your name servers.
--
/***************
***\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
r(s) with SOA
> queries whch seems to take a really long time.
Your NOTIFY tree sounds like it's many-to-many. Maybe you should be
using a sparser tree.
--
/*\
**
** Joe Yao
***\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
than the parent's?
Shouldn't there be an additional @parent.name.server argument?
Thanks.
--
/*****\
**
** Joe Ya
n
the global 'also-notify' list will not be sent NOTIFY messages for that
zone."
I suspect that the notify option is set to 'no' either in your global
options or in your view or in your zone.
--
/*\
**
** Joe Yao
**\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
nimum
>
> 1D IN NS172.16.30.30
> * IN A172.16.30.30
--
/*****************\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\**
y doesn't matter! ;-)
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/
st just because it is not YET allocated!
--
/*\
**
** Joe Yao j...@tux.org
On Sat, Apr 10, 2010 at 01:08:16AM -0400, Joseph S D Yao wrote:
...
> I strongly recommend that anyone wanting some degree of security use
> look at the lists of IPv4 networks in RFC 5735/6/7 and the list of IPv6
> networks in RFC 5156. Decide which of those networks you want to b
99. Not that I ever do ...
--
/*\
**
** Joe Yao j...@tux.org - Joseph S. D. Yao
**
\*/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.o
1 - 100 of 114 matches
Mail list logo