-Original Message-
From: Matus UHLAR - fantomas
Date: Tuesday, November 27, 2012 12:28 PM
To: "bind-users@lists.isc.org"
Subject: truncated responses vs. minimal-responses?
>Hello,
>
>last few weeks I have seen many discussions over UDP truncating and using
>"minimal-responses yes;" to
-Original Message-
From: "Jeremy C. Reed"
Date: Friday, November 30, 2012 4:18 PM
To: "Adamiec, Lawrence"
Cc: "bind-users@lists.isc.org"
Subject: Re: another performance tuning question
>On Fri, 30 Nov 2012, Adamiec, Lawrence wrote:
>
>> I got similar results when running against the m
-Original Message-
From: Phil Mayers
Date: Thursday, January 3, 2013 9:44 AM
To: "bind-users@lists.isc.org"
Subject: Re: Distribute named.conf
>On 03/01/13 14:36, Warren Kumari wrote:
>
>> Yup, have a look at Puppet.
>>
>> For the first while it will seem like way way more work than it
-Original Message-
From: Jeff Wright
Date: Thursday, January 3, 2013 8:41 AM
To: "bind-users@lists.isc.org"
Subject: Re: open-source tool for filter out stats from dns logs
>There might be some tools already out there (like Splunk) that do this
>for you. I think you can get a free Splu
-Original Message-
From: "wbr...@e1b.org"
Date: Thursday, January 3, 2013 2:29 PM
To: "bind-users@lists.isc.org"
Subject: Re: Distribute named.conf
>How does Puppet compare to Ansible? http://ansible.cc/
Thanks for sharing, first I'd heard of it...
>From a quick glance (in a rush atm
-Original Message-
From: "wbr...@e1b.org"
Date: Thursday, January 3, 2013 3:15 PM
To: Mike Hoskins
Cc: "bind-users@lists.isc.org" ,
"bind-users-bounces+wbrown=e1b@lists.isc.org"
Subject: Re: Distribute named.conf
>Mike wrote on 01/03/2013 02:45:29 PM:
>
>> Thanks for sharing, first
-Original Message-
From: Jan-Piet Mens
Date: Tuesday, January 8, 2013 4:35 PM
To: "bind-users@lists.isc.org"
Subject: Re: gitnamed, a project to manage name server by git
>> GitNamed is a project that manage name server by git. you can clone
>> the git repo to any workstation, edit zone
-Original Message-
From: Daniele
Date: Wednesday, January 9, 2013 9:17 AM
To: "bind-users@lists.isc.org"
Subject: Re: Name resolution fails if not forwarding
>This is the scenario.
>
>I installed BIND9 via `apt-get` on a newly installed UBUNTU 12.04,
>virtualized on VirtualBox.
>The net
-Original Message-
From: Gaurav Kansal
Date: Wednesday, January 9, 2013 12:34 AM
To: Sten Carlsen , "bind-users@lists.isc.org"
Subject: Re: query about EDNS UDP Packet
>Thanks for help.
>My Firewall was dropping packet size larger than 512 bytes.
>Cisco 5580 having ASA 8.3. It is by def
-Original Message-
From: Vernon Schryver
Date: Wednesday, January 16, 2013 5:05 PM
To: "bind-users@lists.isc.org"
Subject: Re: MNAME not a listed NS record
>> From: Dave Warren
>
>> Various online DNS diagnostic tools throw warnings,
>
>Speaking of so called DNS diagnostic tools, one c
-Original Message-
From: Alan Batie
Date: Thursday, January 17, 2013 1:52 PM
To: "bind-users@lists.isc.org"
Subject: Re: what do you use for logging?
>On 1/17/13 10:48 AM, Jan-Piet Mens wrote:
>
>>> By the way, all of the BIND10 logging
>>> messages are unique and we provide a paragraph
-Original Message-
From: Timothe Litt
Date: Friday, January 25, 2013 6:13 PM
To: "bind-users@lists.isc.org"
Subject: Re: BIND 9.9.3b1 is now available
>On 25-Jan-13 17:32, Michael McNally wrote:
>> BIND 9.9.3b1 is the first beta release of BIND 9.9.3.
>>
>> Makes available a new X
Note: Removing cross-post, but feel free to forward.
-Original Message-
From: Nick Urbanik
Date: Tuesday, February 12, 2013 10:00 PM
To: "keepalived-de...@lists.sourceforge.net"
, "bind-users@lists.isc.org"
Subject: Slaving from DNS masters behind LVS
>Dear Folks,
>
>We have a pair of
-Original Message-
From: Robert Moskowitz
Date: Wednesday, February 13, 2013 10:53 AM
To: "bind-users@lists.isc.org"
Subject: chroot/etc/named/ directory?
>I am upgrading my server from bind-9.3.6 via Centos 5.5 to 9.8.2 in
>Centos 6.3.
>
>I have and will run bind chrooted and on my tes
-Original Message-
From: Robert Moskowitz
Date: Wednesday, February 13, 2013 2:15 PM
To: Mike Hoskins
Cc: "bind-users@lists.isc.org"
Subject: Re: chroot/etc/named/ directory?
>>Having said all that, you might search the archives (SRPMS have been
>> provided by community members) or oth
-Original Message-
From: Jan-Piet Mens
Date: Friday, February 15, 2013 12:57 AM
To: "bind-users@lists.isc.org"
Subject: BIND9 statistics-server: JSON?
>As a fan of BIND's statistics-server I was tempted to see if I could
>reduce the size of the data (XML) named produces by adding an opt
-Original Message-
From: Robert Moskowitz
Date: Friday, February 15, 2013 1:33 PM
To: "bind-users@lists.isc.org"
Subject: Randoming ports and firewall rules
>So it is past time for me to only use port 53 and support port
>randomization. But I do run iptables (and ip6tables) and the ser
-Original Message-
From: Jsilliman
Date: Wednesday, February 20, 2013 1:57 PM
To: Alan Clegg
Cc: "bind-users@lists.isc.org"
Subject: Re: Cannot create A record issue
>Ubuntu does not use that:
>
>root@:/etc/bind# cat /etc/resolv.conf
># Dynamic resolv.conf(5) file for glibc res
-Original Message-
From: Robert Moskowitz
Date: Thursday, February 21, 2013 12:53 PM
To: Vernon Schryver
Cc: "bind-users@lists.isc.org"
Subject: Re: allow-query and views
>Whow... This is news. A hidden view? Where is this documented. I
>have no restrictions in my general options s
-Original Message-
From: Sowmya Manjanatha
Date: Thursday, February 21, 2013 1:11 PM
To: "bind-users@lists.isc.org"
Subject: Re: BIND master , Windows 2008 stub zone not transferring
>Well, I have a stub zone on Windows 2008 server set-up to use two
>different BIND server as its list of
-Original Message-
From: Shawn Bakhtiar
Date: Friday, February 22, 2013 12:06 AM
To: "bind-users@lists.isc.org"
Subject: RE: Registrar that supports self-run domains and provides
DNSSEC support
>2) We don't buy or maintain street addresses from a for profit company,
>why should domain
-Original Message-
From: Kevin Darcy
Date: Monday, April 1, 2013 2:46 PM
To: "bind-users@lists.isc.org"
Subject: Re: Forward First on Master Zone (bypass SOA)
>On 3/29/2013 12:09 AM, Doug Barton wrote:
>> On 03/28/2013 12:28 PM, Ben-Eliezer, Tal (ITS) wrote:
>>> My organization is evalu
-Original Message-
From: Chris Thompson
Date: Friday, April 5, 2013 3:10 PM
To: Bind Users Mailing List
Subject: Re: Simple question about zone and CNAME
>On Apr 5 2013, John Wobus wrote:
>
>>> DNAME?
>>
>>Or SRV records. Surely browsers are adding support
>>in the next day or two?
>
-Original Message-
From: Doug Barton
Date: Saturday, April 13, 2013 12:34 AM
To: "bind-users@lists.isc.org"
Subject: Re: ANNOUNCEMENT: New BIND versions are available.
>Michael,
>
>Thanks for this announcement, and a welcome change.
>
>Given the following:
>
>1. bind-announce is very l
-Original Message-
From: Chu Ha Khanh
Date: Tuesday, April 16, 2013 10:25 PM
To: 'Jaco Lesch'
Cc: "bind-users@lists.isc.org"
Subject: RE: Caching server - named process is limit at 500MB
>Hi,
>
>How to check 64 bit version of bind?
>
>I often download source code from isc.org and com
-Original Message-
From: Jeremy P
Date: Wednesday, May 8, 2013 1:33 PM
To: Steven Carr
Cc: bind-users
Subject: Re: architecture question
>I understand letter of the law, spirit of the law and playing it safe to
>avoid headaches.
>
>However, there are times where registering a real doma
-Original Message-
From: Jonathan Reed
Date: Wednesday, May 8, 2013 4:38 PM
To: Jeremy P
Cc: bind-users
Subject: Re: architecture question
>It would be a waste of money as their systems never leave the local
>network, except through a NAT connection.
>
>Godaddy is selling .coms for $0.
-Original Message-
From: Tony Finch
Date: Thursday, May 9, 2013 11:01 AM
To: Matus UHLAR - fantomas
Cc: "bind-users@lists.isc.org"
Subject: Re: architecture question
>Matus UHLAR - fantomas wrote:
>> On 09.05.13 10:21, Tony Finch wrote:
>> > Right. Give each student a subdomain of som
-Original Message-
From: Narcis Garcia
Date: Wednesday, June 5, 2013 12:43 PM
To: "bind-users@lists.isc.org"
Subject: This list's prefix
>It's not the only mailing list where I'm subscribed.
>Could please the administrator setup a prefix for messages' subject?
>
>For example:
>[bind-u]
-Original Message-
From: Narcis Garcia
Date: Wednesday, June 5, 2013 1:02 PM
To: "bind-users@lists.isc.org"
Subject: Re: This list's prefix
>Somebody has answered me privately and didn't realized until I've
>checked all details of each message. I've been near to respond to the
>list abo
-Original Message-
From: Warren Kumari
Date: Wednesday, June 5, 2013 1:46 PM
To: Narcis Garcia
Cc: "bind-users@lists.isc.org"
Subject: Re: This list's prefix
>--
>Curse the dark, or light a match. You decide, it's your dark.
>-- Valdis Kletnieks
Very appropriate!
-Original Message-
From: "Elmar K. Bins"
Organization: unorganized since 1789
Date: Thursday, June 6, 2013 6:18 AM
To: "bind-users@lists.isc.org"
Subject: Re: This list's prefix
>s...@resistor.net (SM) wrote:
>
>> >And the 100-dollar-question is: How do you remove them on outgoing
>>mai
-Original Message-
From: Gaurav Kansal
Date: Monday, June 17, 2013 3:27 AM
To: "bind-users@lists.isc.org"
Subject: Health Check feature in BIND ?
>Dear All,
>
>I was just thinking whether it is possible to have a some type of health
>checking of servers through BIND DNS Server and DNS
-Original Message-
From: "", "P.Eng."
Date: Monday, June 17, 2013 2:55 PM
To: Gaurav Kansal
Cc: "bind-users@lists.isc.org"
Subject: Re: Health Check feature in BIND ?
>- Original Message -
>> Dear All,
>>
>> I was just thinking whether it is possible to have a some type of
>>
i'm probably the last to notice, but first...good work on the site
redesign. nice and clean.
generating a new internal package for 9.9.3, and going through the
site/request form i get directed here:
http://www.isc.org/wp-content/plugins/email-before-download/download.php?dl
=7a5b7f9dbac01f45b0f
fwd to spare the list further responses :-)
-Original Message-
From: Mike Hoskins
Date: Monday, June 24, 2013 4:59 PM
To: "sgra...@isc.org"
Subject: Re: 9.9.3-P2
>-Original Message-
>
>From: Sue Graves
>Organization: Internet Systems Consortium
>Reply-To: "sgra...@isc.org"
>D
-Original Message-
From: Dennis Clarke
Date: Friday, June 28, 2013 11:43 AM
To: "bind-users@lists.isc.org"
Subject: sockmgr 1005a1080: unexpected POLL timeout
>
>I have a recent build of BIND 9.9.3-P1 and after bringing up the service
>on a
>Solaris 10 server I begin to see many log en
-Original Message-
From: Shawn Bakhtiar
Date: Wednesday, July 3, 2013 12:15 PM
To: "bind-us...@isc.org"
Subject: RE: configure syslog prefix
>hhhmmm
>
>I have not run multiple binds on the same box, but according to the man
>pages for named.conf (assuming you have a different config
-Original Message-
From: , Ryan
Date: Wednesday, July 3, 2013 12:38 PM
To: Matus UHLAR - fantomas
Cc: "bind-users@lists.isc.org"
Subject: Re: BIND Service Hung
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA1
>
>On 07/03/2013 05:09 AM, Matus UHLAR - fantomas wrote:
>> On 03.07.13 09:33,
-Original Message-
From: Nidal Shater
Date: Wednesday, August 21, 2013 4:27 PM
To: "bind-users@lists.isc.org"
Subject: The Path of source code
>I have installed BIND by using the command " yum install bind" in
>"centos6.3",what is the location(path) of the source code and espically
>t
-Original Message-
From: Nidal Shater
Date: Tuesday, August 27, 2013 12:02 PM
To: "bind-users@lists.isc.org"
Subject: /etc/named.conf won't be installed !!
>hi
>when I install BIND,,,BIND won't install the /etc/named.conf file why ???
>I think bind has problems with centos6.3
>could an
-Original Message-
From: Nidal Shater
Date: Wednesday, August 28, 2013 5:35 PM
To: "bind-users@lists.isc.org"
Subject: the location of dig and named
>when I typed dig or named ,,, what is the location of the executable
>program dig and named is ?
It will vary by platform, and you can
-Original Message-
From: /dev/rob0
Organization: RTFM
Reply-To: "bind-users@lists.isc.org"
Date: Tuesday, September 3, 2013 5:17 PM
To: "bind-users@lists.isc.org"
Subject: Re: detect if zone/s is frozen
>On Tue, Sep 03, 2013 at 12:31:08PM -0700, Justin T Pryzby wrote:
>> Is there a nic
-Original Message-
From: Tony Finch
Date: Wednesday, September 4, 2013 4:50 AM
To: Mike Hoskins
Cc: "bind-users@lists.isc.org"
Subject: Re: detect if zone/s is frozen
>Mike Hoskins (michoski) wrote:
>> /dev/rob0 wrote:
>> >
>> >I would suggest t
-Original Message-
From: "", "P.Eng."
Date: Wednesday, September 18, 2013 10:08 AM
To: bind-users
Subject: filter--on-v4
>I finally turned this feature on when I built bind-9.9.3-P2
>
>Had only gotten the occasional user complaints that some browser/client
>tries to connect to IPv6
While I mostly agree, simply doing a 'yum update' against the CentOS repos
will pull you up to 5.9...which isn't really old, it was released around
the same time as 6.4. Then at least your base OS is up to date, and you
don't have to use the community RPMs. You can build from source, generate
you
-Original Message-
From: Alan Clegg
Date: Tuesday, October 22, 2013 7:44 AM
To: "bind-users@lists.isc.org"
Subject: Re: Performance Tuning RHEL 5 and Bind
>On Oct 21, 2013, at 9:47 AM, wbr...@e1b.org wrote:
>
>>> From: Alan Clegg
>>
>>> Fix your windows clients.
>>
>> You can't fix s
-Original Message-
From: Matus UHLAR - fantomas
Date: Thursday, October 31, 2013 7:49 AM
To: "bind-users@lists.isc.org"
Subject: Re: [External] Re: intermittent resolution
>On 30.10.13 21:58, Samp, Daniel [USA] wrote:
>>In the past when I've had issues with certain .gov sites (e.g. noa
Hi folks,
Quick question on xml stats... I've used the new style statistics for
monitoring, etc. and find it really useful as I'm sure many do. One of
the things I'm working on is moving to collectd vs remote polling, and the
bind plugin seems to require v2 vs v3 xml schema (my first guess, sin
-Original Message-
From: Mike Hoskins
Date: Saturday, November 2, 2013 1:31 PM
To: "bind-users@lists.isc.org"
Subject: xml stats question
>Hi folks,
>
>Quick question on xml stats... I've used the new style statistics for
>monitoring, etc. and find it really useful as I'm sure many do.
-Original Message-
From: Alan Clegg
Date: Tuesday, November 5, 2013 9:28 PM
To: "bind-users@lists.isc.org"
Subject: Re: Bind server crashing (lots of EAGAIN, ENOENT, ...). With
strace log.
>
>On Nov 5, 2013, at 7:31 AM, K L wrote:
>
>> Here is a strace log from when it happens:
>>
-Original Message-
From: Birta Levente
Date: Wednesday, November 13, 2013 3:29 PM
To: "bind-users@lists.isc.org"
Subject: logging query time
>Hi
>
>I have a caching nameserver (bind 9.8.2) and I curious if I can log the
>duration of queries to the forwarders?
not that i know of easily (
-Original Message-
From: Listas
Date: Thursday, November 14, 2013 12:57 PM
To: "bind-users@lists.isc.org"
Subject: Size boundaries for zones of IPv6 rDNS
>Hi!
>
>Are there size limits for zones of IPv6 reverse DNS ?
>
>For example, is this a valid zone?
>
>5.a.8.3.4.f.3.0.c.a.d.f.ip6.arp
-Original Message-
From: Blake Hudson
Date: Wednesday, November 20, 2013 11:03 AM
To: "bind-users@lists.isc.org"
Subject: Re: RHEL 6 CPU load
>Daniel, what do you see the load as? I see 4.6% CPU usage (100% possible
>- 95.4% idle).
Wondering the same. Don't consider 0.00 high load. ;
-Original Message-
From: Bob McDonald
Date: Wednesday, December 11, 2013 7:10 AM
To: "bind-users@lists.isc.org"
Subject: Delegation and Forwarding
>I'm a bit confused on the need for a blank forwarders statement inside of
>a zone statement in the named.conf file. Given an internal zone
-Original Message-
From: Warren Kumari
Date: Friday, December 20, 2013 12:15 PM
To: "bind-users@lists.isc.org"
Subject: Re: Adding DS records
>On Dec 20, 2013, at 10:38 AM, /dev/rob0 wrote:
>
>> On Fri, Dec 20, 2013 at 10:04:59AM -0500, Thomas Schulz wrote:
>>> Has anyone been able to g
Good call out. I'd always enabled empty-zones so didn't get bit by that,
but do think the move to 9.9 is when masterfile-format bit some. Not a
big deal if you're aware of it.Other than that the upgrade as quick
and painless. I would suggest testing the upgrade on a VM or somewhere
first...a
-Original Message-
From: Mike Bernhardt
Date: Thursday, January 16, 2014 4:09 PM
To: "bind-users@lists.isc.org"
Subject: RE: Upgrading from 9.8.3 to 9.9.4
>Sorry for the double post, but I forgot to ask this:
>And if it is indeed enabled regardless of my RFC1918 ranges, I would
>imagine
-Original Message-
From: Mike Bernhardt
Date: Wednesday, January 22, 2014 at 3:25 PM
To: "'Lawrence K. Chen, P.Eng.'" ,
"bind-users@lists.isc.org"
Subject: RE: Upgrading from 9.8.3 to 9.9.4
>Thanks for that. I just remembered there was also the change to the db
>file
>having a default ra
-Original Message-
From: Thomas Schulz
Date: Thursday, January 23, 2014 at 9:50 AM
To: "bind-users@lists.isc.org"
Subject: RE: Upgrading from 9.8.3 to 9.9.4
>> I just remembered there was also the change to the db file
>> having a default raw format on slaves unless specified.
>
>Interes
From: , Frank
Date: Wednesday, February 19, 2014 at 12:41 PM
To: "bind-users@lists.isc.org"
Subject: Difference between BIND 9.8 and 9.9
>Hello
>
>is there a link to a documentation that lists the main differences
>between BIND 9.8 and 9.9 ?
>
>I would like to read it before swiching from 9.
Hi Jason,
I've experienced similar things in the past on 9.8. Since then we've
moved to the latest 9.9, but don't think this is at all version specific
(that said, you could obviously try upgrading). I don't have an exact
solution for you, but some ideas of things to check and personal
experienc
In the past when doing this with Cisco GSS I followed Akamai's example,
and had success with stuff like (gdns* were the CSS):
; delegation of gslb.domain.com
$TTL 172800 ; 2 days
gdns1.domain.com. A a.b.c.d
gdns2.domain.com. A e.f.g.h
gdns3.domain.com. A i.j.k.l
g
Cisco (apply liberal amounts of salt considering my FROM) has a product
suite called Prime, one piece of which is CNR (unless it's been renamed
again this week) -- Cisco Network Registrar, which handles the IPAM piece
and has DHCP and DNS components as well. CNR can integrate with BIND (as
well as
-Original Message-
From: Nicholas F Miller
Date: Thursday, June 5, 2014 at 10:25 AM
To: "bind-users@lists.isc.org"
Subject: SPF RR type
>Are SPF RR types finally dead or not? I¹ve read through rfc7208 it
>appears that they are:
>
> "SPF records MUST be published as a DNS TXT (type 16)
-Original Message-
From: Samad Agha
Date: Friday, June 27, 2014 at 1:07 PM
To: "bind-users@lists.isc.org" , DNS BIND
Subject: In BIND 8.2 running on Solaris 8, how to start logging
>Hi All,
>I have two Solaris 8 servers running BIND 8.2. I'd like to retire them
>both and transfer everyth
-Original Message-
From: Asai
Date: Friday, July 11, 2014 at 12:56 PM
To: "bind-users@lists.isc.org"
Subject: Caching Nameserver and BIND RPM Compatibility
>Greetings,
>
>We're setting up caching-nameserver on an existing BIND instance. The
>version of BIND is 9.7. Is there a specific co
-Original Message-
From: Mark Andrews
Date: Friday, July 11, 2014 at 8:41 PM
To: Mike Hoskins
Cc: "bind-users@lists.isc.org"
Subject: Re: Caching Nameserver and BIND RPM Compatibility
>Not every *important* fix is a *security* fix.
>
>OS vendor that just backport security fixes are doin
-Original Message-
From: Gary Wallis
Date: Sunday, July 13, 2014 at 12:11 PM
To: "bind-users@lists.isc.org"
Subject: Public facing authoritative NS all masters
>Hello,
>
>What are the drawbacks, if any, of running only master name servers for
>the set of authoritative NSs?
>
>For example
-Original Message-
From: Matus UHLAR - fantomas
Date: Sunday, July 13, 2014 at 6:24 AM
To: "bind-users@lists.isc.org"
Subject: Re: initial lookup fails every time
>On 12.07.14 01:19, Tony Publiski wrote:
>> I'm hoping someone has seen this before. I'm running a couple of BIND
>> 9.8.2 DN
I haven't used those, but not sure if smokeping's DNS plugin would do what
you want.
-Original Message-
From: Barry Greene
Date: Monday, July 21, 2014 at 11:59 PM
To: "bind-users@lists.isc.org"
Subject: Tools to automatically test the resolution speed ...
>Hi Team,
>
>I'm going to get m
-Original Message-
From: Tony Finch
Date: Friday, August 1, 2014 at 5:31 AM
To: Reindl Harald
Cc: "bind-users@lists.isc.org"
Subject: Re: rndc (and now nsupdate too)
>Reindl Harald wrote:
>> Am 31.07.2014 um 21:08 schrieb /dev/rob0:
>> >
>> > The proper tool to manage zone data is nsup
-Original Message-
From: Reindl Harald
Organization: the lounge interactive design
Date: Friday, August 1, 2014 at 9:23 AM
To: "bind-users@lists.isc.org"
Subject: Re: rndc (and now nsupdate too)
>
>Am 01.08.2014 um 15:14 schrieb Mike Hoskins (michoski):
>> Fro
-Original Message-
From: Evan Hunt
Date: Monday, August 4, 2014 at 1:26 PM
To: John Anderson
Cc: "bind-users@lists.isc.org"
Subject: Re: Metazones or Something Else?
>> So to the best of your knowledge this functionality is still on drawing
>> board, unless implemented out-of-band? (i.
-Original Message-
From: Reindl Harald
Organization: the lounge interactive design
Date: Friday, August 8, 2014 at 6:33 AM
To: "bind-users@lists.isc.org"
Subject: Re: Logs problem with Bind 9.9.4
>so if you have nothing to say go back from where you came
abusive
>why do you reply off-l
Do you guys have max-cache-size set? I didn't see it in the borderworlds
named.conf. I've seen similar growth problems when testing 9.x before
setting that (experiment at the time just to see what would happen, and
confirmed this behavior). Set sensible resource limits based on available
resourc
-Original Message-
From: Thomas Schulz
Date: Friday, September 12, 2014 at 11:47 AM
To: "bind-us...@isc.org"
Subject: Re: bind-9.10.0-P2 memory leak?
>> Mike Hoskins wrote:
>>
>> Do you guys have max-cache-size set? I didn't see it in the
>>borderworlds
>> named.conf. I've seen similar
-Original Message-
From: Doug Barton
Date: Friday, September 12, 2014 at 2:15 PM
To: Mike Hoskins , Thomas Schulz ,
"bind-us...@isc.org"
Subject: Re: bind-9.10.0-P2 memory leak?
>On 9/12/14 11:07 AM, Mike Hoskins (michoski) wrote:
>> I do have a lot of interest in th
-Original Message-
From: Doug Barton
Date: Wednesday, October 1, 2014 at 2:07 PM
To: "bind-users@lists.isc.org"
Subject: Re: Diagnostic help part 2
>On 10/1/14 8:17 AM, Barry Margolin wrote:
>> In article ,
>> Eli Heady wrote:
>>
>>> With response sizes growing (dnssec, ipv6), answers
-Original Message-
From: Dave Sparro
Date: Friday, October 3, 2014 at 1:04 PM
To: "bind-users@lists.isc.org"
Subject: Re: Diagnostic help part 2
>On 10/1/2014 3:45 PM, Tony Finch wrote:
>> (Sorry for straying off topic. I have less experience of Cisco PIX/ASA
>> breaking DNS than of them
For what little it's worth, I've seen this somewhat even on 9.8 (it's not new),
though increasingly on 9.9...not saying it's BIND specific, just that I've hit
these kind of annoyances with remote servers awhile now.
I've tried explaining this on numerous internal email threads, tickets, webex
(
Thanks for digging in so fast. Our mitigation will be sticking to
9.9.6-P1, since we like ESV anyway.
Wanted to point out that (perhaps sadly) this isn't so crazypants...or at
least not uncommon. The *edge* and *aka* references speak Akamai DNS+CDN.
From my last overview, this has gotten cleane
The other thing is, you mention having tried and failed (agreed that isn't a
bad thing, we've all failed countless times and it's how we learn)...how have
you failed?
What I think you'll find is you have a list (many lists and other resources
really) of mentors. BIND much like many other Inter
-Original Message-
From: John
Date: Tuesday, February 10, 2015 at 7:29 PM
To: "bind-users@lists.isc.org"
Subject: SRV records etc
>How useful are SRV records? Are they worth installing? What are their
>benefits, and pitfalls?
>Similar question about HINFO.
In my limited experience, this
The answer is BIND does accept TCP queries by default (it's required to be
RFC compliant), but a lot of times upstream firewalls/ACLs/etc block TCP,
munge UDP packet size, etc... Just firing up BIND with basic
configuration and checking netstat will show you TCP 53 listening. If
it's not working
-Original Message-
From: Reindl Harald
Organization: the lounge interactive design
Date: Wednesday, April 1, 2015 at 2:44 PM
To: "bind-users@lists.isc.org"
Subject: Re: com.google how did they do that
>Am 01.04.2015 um 20:42 schrieb Thomas Schulz:
>> As of the time I am sending this, yo
Another option might be changing 'file' to 'syslog' then using stuff like
":msg, contains, 'skipping nameserver' stop" (or whatever pattern you want
to match) in your rsyslog configuration.
http://www.rsyslog.com/doc/rsyslog_conf_filter.html
-Original Message-
From: Reindl Harald
Organiz
Hi folks,
I've read about RRL with interest since its inception, but just now
getting around to rolling it out. That is partially because we run a very
small authoritative infrastructure serving mostly as Akamai EDNS origins.
However, since it is exposed externally, used by a few tenants and RRL
FWIW as another data point we've seen the same in the wild across
RHEL/CentOS 5.x and 6.x on "large" (32 core) Xeon based servers
(E5-2650's), including 6.6 with the 2.6.32-504.16.2.el6.x86_64 kernel.
Observed while debugging other things, and haven't had time to follow up.
-Original Message--
I'm not sure if BIND has a separate tunable for the "timeout vs true
negative answer" scenario you seem to describe, but have you tried setting
max-ncache-ttl very low to see if it affects this?
On 6/11/15, 9:27 AM, "Gerd v. Egidy" wrote:
>Hi,
>
>I've got a bind running as recursive resolver be
Inline...responding to each of these including Kathy's soon (thanks to the
community for the responses). Following with interest as we've seen this
for awhile, though we are possibly a special case which I'll describe more
in another response.
On 6/18/15, 7:00 AM, "Matus UHLAR - fantomas" wrote
On 6/18/15, 7:09 PM, "Stuart Browne"
wrote:
>Just wondering. You mention you're using RHEL6; are you also getting
>messages in 'dmesg' about connection tracking tables being full? You may
>need some 'NOTRACK' rules in your iptables.
Just following along, for the record... On our side, iptabl
Inline...
On 6/18/15, 9:22 AM, "Cathy Almond" wrote:
>On 18/06/2015 12:00, Matus UHLAR - fantomas wrote:
>> On 17.06.15 22:39, Shawn Zhou wrote:
>>> BIND on my resolvers reaches the max open file limit and I am getting
>>> lots
>>> of SERVFAILs
>>> http://pastebin.com/SxRsHLff
>>
>>> After I i
x27;dmesg' about connection tracking tables being full? You
>>>may
>>>need some 'NOTRACK' rules in your iptables.
>
>On 18.06.15 23:11, Mike Hoskins (michoski) wrote:
>>Just following along, for the record... On our side, iptables is
>>completely
On 6/19/15, 1:16 PM, "bind-users-boun...@lists.isc.org on behalf of Reindl
Harald" wrote:
>Am 19.06.2015 um 18:44 schrieb Mike Hoskins (michoski):
>> I suppose the only way to avoid any "intermediate" firewalls would be to
>> place everything you run on a LA
On 6/19/15, 4:07 PM, "bind-users-boun...@lists.isc.org on behalf of
/dev/rob0"
wrote:
>On Fri, Jun 19, 2015 at 02:55:23PM -0500, I wrote:
>> On Thu, Jun 18, 2015 at 11:11:16PM +,
>> Mike Hoskins (michoski) wrote:
>snip
>> Note that connection tracking
DNS and BIND is the de facto standard:
http://shop.oreilly.com/product/9780596100575.do
Getting stale, but some good info:
https://www.cymru.com/Documents/secure-bind-template.html
Good reference:
http://www.zytrax.com/books/dns/
...and of course the ARM for your BIND version:
https://kb.isc
On 8/24/15, 6:40 AM, "bind-users-boun...@lists.isc.org on behalf of Reindl
Harald" wrote:
>
>Am 24.08.2015 um 12:29 schrieb Ken Peng:
>> I know it's DNS as a service.
>> But what's the standard? how to implement it?
>
>it's just a buzzword for DNS hosting
You could also say "SaaS" is just a buz
Few points for clarification:
With rhel/centos you're not getting the major version as reported. You
need to look at the changlog for the package to see what fixes/features
have been backported. That effort including associated QA is part of what
you're paying for with rhel or getting for free a
On 9/4/15, 1:12 PM, "bind-users-boun...@lists.isc.org on behalf of
/dev/rob0"
wrote:
>On Thu, Sep 03, 2015 at 11:02:23PM +0200, Reindl Harald wrote:
>> Am 03.09.2015 um 22:59 schrieb Robert Moskowitz:
>> >On 09/03/2015 04:35 PM, Leandro wrote:
>> >>Ok ...
>> >>I got BIND 9.10.2-P3 working.
>> >
1 - 100 of 108 matches
Mail list logo
