e the private tld?
Thanks,
Maria
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Thank you for all of the responses, I really appreciate it. Clearly the
best approach is to sign the internal tld, but at the moment I can't do that
because I would need new internal servers, ours don't support dnssec.
I configured it as a slave and it's working. Thanks!
Maria
onf or it will be
overwritten in an update.
If you do this for the same reason as I do, to get the pre-made
/var/named/chroot directory, then you might like this. After the server
is first built, I move /var/named/chroot out of harms way and remove all
the bind packages.
act to DNS in our
environment would be if they dropped udp fragments at the border. It seems to
me I would have to configure our name servers to drop back to tcp when a packet
is over 1500. I'm trying to understand just how much that would impact the
servers.
Thanks,
Maria
_
installed. After I install it the
testing is successful.
Maria
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Is this a known issue with internal private TLDs and I should just give
up on using a shared cache? Getting rid of our internal domain is a huge
undertaking which won't be completed any time soon.
Thanks,
Maria
?
___
Please visit https://lis
ot;in"; the reason I am using views is to make chaos bind queries
work for specific client IPs only. I don't want to waste a bunch of
memory doing that if I don't have to - so I put in the shared cache
option. Taking it out means I have to go back and do my sums again to
work o
ons of why this is a very
bad thing. I would find quick access to thoughtful well-phrased arguments very
useful right now.
Thanks!
Maria
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
causing an outage to the
service/services. And if your not in control of the zone or the
search order it could be difficult to rectify.
-Stacey
On 11/11/2010 00:30, Kevin Darcy wrote:
On 11/10/2010 1:19 PM, Maria Iano wrote:
We are working with a software vendor whose software only works
with
e.com as a
primary zone, I think it should discard that bad A record and hand
back its own.
The vendor's argument is that it should blindly trust the forwarding
resolver.
Can anyone point me to an RFC or reference about this?
Thanks,
Maria
___
g and also seems to me to be a security issue.
Thanks for your help anyway!
Maria
On May 11, 2009, at 2:33 PM, Kevin Darcy wrote:
The "resolver algorithm" in RFC 1034, Section 5.3.3, states
1. See if the answer is in local information, and if so return
it to the clie
that zone into the cache that come from the servers to
which the zone was specified to be forwarded. Never hand out data from
that zone unless it was received from one of the forwarders.
Thanks,
Maria
___
bind-users mailing list
bind-users@lists.isc
x27;t exist and never has in the zone, then we get the answer from
the wildcard. If we query a record that used to exist but was deleted
and now doesn't exist, then we get no answer. We don't get NXDOMAIN, we
get
status: NOERROR
and no answer.
Has anyone else come ac
On Mon, Jun 19, 2017 at 09:08:33PM -0500, /dev/rob0 wrote:
> On Mon, Jun 19, 2017 at 06:19:31PM -0400, Maria Iano wrote:
> > We have a group of users that need to use a wildcard record in
> > their zone. Their wildcard works in general, but they have a
> > situation where i
T PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
; IN ANY
;; AUTHORITY SECTION:
300 IN SOA 2017062002 1200
600 604800 300
;; Query time: 59 msec
;; SERVER:
;; WHEN: Tue Jun 20 10:14:58 EDT 2017
;; MSG SIZE
On Tue, Jun 20, 2017 at 09:29:59AM -0500, /dev/rob0 wrote:
> On Tue, Jun 20, 2017 at 09:17:58AM -0400, Maria Iano wrote:
> > Thanks for your answer. There are no other records with that name
> > in the zone, and an ANY query comes back empty but still with
> > status of NOER
On Tue, Jun 20, 2017 at 09:37:04AM -0500, /dev/rob0 wrote:
> On Tue, Jun 20, 2017 at 09:29:59AM -0500, /dev/rob0 wrote:
> > On Tue, Jun 20, 2017 at 09:17:58AM -0400, Maria Iano wrote:
> > > Thanks for your answer. There are no other records with that name
> > > in the z
On Tue, Jun 20, 2017 at 10:08:44AM -0500, Bryan Bradsby wrote:
> On Tue, 2017-06-20 at 10:51 -0400, Maria Iano wrote:
> >
> > The queries are being directed at an authoritative server, exactly as
> > you describe above.
> >
> > We also pay for a secondary dns
searching for deletedrecord* and not *.deletedrecord*.
It didn't help that both of our secondary dns providers do
hand back the wildcard answer to the query. I take it that means they
are not using bind, and their implementations follow different rules for
wildc
the cause - i.e. the
subdomain records of the deleted records. I had searched for records
beginning with the deleted names, and not records that were
subdomains of the deleted names. Also, our secondary DNS providers hand
out the wildcard record even though the subdomain records exist.
Than
On Tue, Jun 20, 2017 at 11:29:27PM +0100, Cathy Almond wrote:
> On 20/06/2017 14:17, Maria Iano wrote:
>
> As has been explained already, no answer, no error means that the name
> exists, but not an RRset of the type you queried for.
>
> Since the ANY query also comes back empt
Hello
Y have a problem with bind, part of file mesagges is:
Jun 25 12:50:25 amon named[13443]: socket: too many open file descriptors
Jun 25 12:50:26 amon last message repeated 112 times
Jun 25 12:50:26 amon named[13443]: client 200.72.65.45#40268: recursive-clients
soft limit exceeded, aborting
Tatuya / [mailto:jin...@isc.org]
Sent: Jueves, 25 de Junio de 2009 18:27
To: Del Solar Navarrete Maria Cristina
Cc: bind-users@lists.isc.org
Subject: Re: Bind-9.5.0-P2
At Thu, 25 Jun 2009 13:05:27 -0400,
Del Solar Navarrete Maria Cristina wrote:
> Y have a problem with bind, part of f
23 matches
Mail list logo
