Hi,running latest upstream version first might save you some time, it’s this:named can create unrecoverable managed-keys.jnl file (#2895) · Issues · ISC Open Source Projects / BIND · GitLabgitlab.isc.orgOndrej--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different
Hi Bob,
no manually configured bind.keys file is needed. Just don't provide one and
correct compiled-in
defaults will be used.
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your n
also enable the warning in BIND 9.18 to notify users
that skip versions.
3. BIND 9.22 will be release in early 2026
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
tements as whole:
- `dscp`
We plan to mark the options as deprecated in BIND 9.16 and 9.18 and remove it
in BIND 9.20 because it's already non-operational.
Cheers,
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated t
> On 5. 1. 2023, at 14:46, Robert M. Stockmann wrote:
>
> On Thu, 5 Jan 2023, [utf-8] Ondřej Surý wrote:
>
>> There's an alternative plan that would include re-implementing the
>> functionality, but there would have to be strong user case behind the
>> wor
It's generally better to pull the server statistics via statistics channel via
XML or JSON that can be directly parsed by many commonly available libraries
and tools.
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not
n and perhaps something will stand out
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe fr
Hi,
Yes, it is.
Ondřej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 27. 1. 2023, at 19:07, Elias Pereira wrote:
>
>
> hi,
>
> Is this doc
k yourself, or paying somebody for doing
the work for you. That's where the open-source model shines.
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
--
Visit ht
Hi,
it might seem like we do practice black magic, but we really don’t. Thus we
can’t really help if you don’t provide more details like the content of the
file, the source of the package(s), and the version of the package(s).
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your
Those are maintained by Ubuntu, not ISC, so you need to contact them.
Or you can use packages provided by ISC:
https://kb.isc.org/docs/isc-packages-for-bind-9
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply
Why so complicated? Stop the secondary, purge the zone files and journal, and start the secondary. The zones will get retransfered as there’s no state now.--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal
needs to be put in place. And it’s something you don’t really do on a daily basis.Ondrej--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.On 17. 2. 2023, at 20:34, John Thurston wrote
Tom,
the ADB (Address DataBase) responsible for caching the delegations had been
heavily refactoring in 9.19 branch, I think the best course of action would be
to
fill a GitLab issue with the description, so we can follow-up there.
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours
://gitlab.isc.org/isc-projects/bind9/-/issues/3905
Thanks.
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubs
rewrite the destination
addresses from the AnyIP range to single local address (DNAT) or if you are
feeling really fancy I think this could be also accomplished with an eBPF rule.
Ondrej
1. Or implement an extra logic to see whether the bound interface is
"wildcard" or not.
--
Ondřej Su
xternal * CNAME;
};
e.g. you need to quote the path.
The documentation is silent on NAME field, but I would suggest using either *
or . as placeholder.
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to rep
> I am not sure how to start debugging this. Can anyone help?
Well, start with sharing as much details as you can. It’s hard to tell what you
are doing from a single configuration line.
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do
Hi,
look for break-dnssec in
https://bind9.readthedocs.io/en/stable/reference.html#response-policy-zone-rpz-rewriting
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 22
#x27;s something that's impossible to answer without seeing the full
configuration (named-checkconf -px).
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
--
Visit h
or use ISC BIND 9 packages,
I would recommend upgrading straight to the latest BIND 9.18 (with proper
testing, etc..).
The packages are available from:
https://www.isc.org/download/
(See the paragraph just above the table.)
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and
jects/bind9/-/issues/3953
1. https://en.wikipedia.org/wiki/Site_Finder
2. https://circleid.com/posts/the_name_domain_disrupted_by_site_finder_patch
3.
https://www.afnic.fr/en/observatory-and-resources/news/warning-for-bind-and-delegation-only-users/
Ondřej
--
Ondřej Surý (He/Him)
ond...@isc.or
> On 23. 3. 2023, at 17:57, Matus UHLAR - fantomas wrote:
>
> On 22.03.23 17:36, Ondřej Surý wrote:
>> in line with our deprecation policy, I am notifying the mailing list about
>> our intent
>> to deprecated the delegation-only and root-delegation-only options. Thi
that includes all the
bugfixes and security fixes is BIND 9.16.39, but our general recommendation is
to upgrade to latest 9.18 version (9.18.13 as of now).
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply ou
> On 24. 3. 2023, at 14:36, Klaus Darilion via bind-users
> wrote:
>
> Is there some rate liming in Bind?
https://bind9.readthedocs.io/en/stable/reference.html#namedconf-statement-notify-rate
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may
hardware compatibility than Debian’s armhf
was wrong, so you need to be careful.
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 25. 3. 2023, at 3:37, Andrew P. wr
More likely, it’s a malware used to do a targeted attack rather than insecure
routers.
Also why not both? ;)
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 28
-policy on qname-wait-recurse and break-dnssec to turn off the default behavior.Ondrej--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.On 8. 4. 2023, at 16:32, Matthew Gomez wrote:Hi, has
I don’t think we are ever going to implement something like this. This is a
wrong layer to fix this.
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 10. 4. 2023, at 22
9
snapshot provided by your distro.
And while you are at it - upgrade straight to latest 9.18, your experience will
be much
smoother.
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your norma
pms/bind/blob/c8s/f/SOURCES
2. https://lists.isc.org/pipermail/bind-announce/2022-March/001210.html
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 17. 4.
ked by the Debian being frozen for the next stable release).
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
--
Visit https://lists.isc.org/mailman/listinfo/bind-us
Hi,
I can confirm that it’s ok to skip 9.16 and go straight to 9.18. There’s no
need for the intermediate step. As usual, it’s recommended to do a test
migration first if you want to be extra careful.
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be
,
running `make install V=1` will give you little bit more detail about the
process.
Uploading config.log and providing link to it also help to give us more
information,
so we can help you.
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different
Hi,
the bind-9.xx branches are current major.minor tracking branches.
The old CVS-style branches and tags are kept for the moment until
the dust settles and we are sure nothing broke.
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please
From top of my head - try disabling QNAME minimization.
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 1. 6. 2023, at 16:58, Jesus Cea wrote:
>
the primary NS? You might be able to configure different
ACLs for the allow-notify block and don’t couple the notify-IP with any TSIG
key.
Ondřej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal
wild like proposed round robin across
default routes. That would be a living hell to debug.
Ondřej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 10. 6. 2023, at 18:55, Alessan
The other approach might be the up/down scripts on your ppp connection that
will reconfigure the query-source(-v6) address as the connection is established
or tore down.
Ondřej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated
What does the logs say? Have you checked them?
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 15. 6. 2023, at 15:54, Michael Martinell via bind-users
>
8. Configuration Reference — BIND 9 9.18.13 documentationbind9.readthedocs.ioI would certainly recommend reading the docs… especially the sections on break-dnssec and qname-wait-recurse.--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel
Which would not be a problem. But we can’t help the OP without the config
(named-checkconf -px)
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 22. 6. 2023, at 17:53, Ma
It’s not. TL;DR use dnssec-policy.
The more elaborate version of the TL;DR can be found in the DNSSEC Guide here:
https://bind9.readthedocs.io/en/v9.18.16/dnssec-guide.html
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to
What doesapt-cache policy bind9say?--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.On 23. 6. 2023, at 21:28, John Thurston wrote:
I have an Ubuntu instance on which I&#
Ubuntu 18.04 is EOL (End of Standard Support), and we don’t publishing packages for distributions without security support. You need to upgrade to Ubuntu 20.04 or Ubuntu 22.04.Ondřej--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel obligated
--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.On 23. 6. 2023, at 22:20, John Thurston wrote:
Welp, there I have it. I thought I had until April 2028 :(
Sorry for the noise
> On 26. 6. 2023, at 6:04, Randy Bush wrote:
>
> so, for address foux, how do i know if there is one client or more than
> one?
I think you only know that for an established TCP connection. Everything else
could be port reuse.
Ondřej
--
Ondřej Surý — ISC (He/Him)
My working ho
erthub.eu/articles/posts/anonymous-help/
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe fro
ddress
mixes things that **are** important to DNS (caches) and those that **aren’t**
important to the DNS. You used that as a strawman argument and that never helps
to have a useful discussion.
Ondřej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Ple
longer needed. :gl:`#3953`
--cut here--
When you are skipping releases and running development release, I would
strongly advise using `named-checkconf` when doing the upgrades.
Ondřej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
, e.g. bind-9.16, bind-9.18
And just for clarity:
3. The default and development branch is called main (this has been true for
quite some time now)
The rest of the branches is various work in progress (as usual).
Cheers,
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working
detailOndřej--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.On 16. 7. 2023, at 10:25, Greg Choules via bind-users wrote:Real data please:- example queries (genuine, not invented for illustration
.
And I need to mention that ISC provides packages for RHEL and generally
recommends that user use latest upstream version of the BIND 9.
Ondřej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal
The latest BIND 9.16 release is 9.16.42. You either need to upgrade to the
latest release, preferably directly to 9.18.17. Alternatively, you should
contact the supplier who provided you the outdated version.
Ondřej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be
Hi,
it’s hard to help you if you don’t provide your configuration (named-checkconf
-px) and use example.com instead of real domain names. Are even the IP
addresses real?
Ondřej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
Well, for starters your primaries list 192.168.2.10, but your logs show
connection from 192.168.1.1…
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 31. 7. 2023, at 9
the server, firewall at the provider) might be
blocking DNS queries to the outside world. You should diagnose that - try
sending DNS queries to those addresses by hand and look what’s happening on the
wire (tcpdump, wireshark, etc. are your friends).
Ondřej
--
Ondřej Surý — ISC (He/Him)
My
dig -x 2001:db8::1 also works
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 24. 8. 2023, at 8:49, Jan-Piet Mens wrote:
>
>
>>
>> IPv6 PTR record
1. Using dnssec-must-be-secure option in named.conf will be now a fatal error
In BIND 9.18 and BIND 9.20:
1. Using dnssec-must-be-secure option in named.conf will issue a deprecation
warning
This is tracked under https://gitlab.isc.org/isc-projects/bind9/-/issues/4263
Thanks.
--
Ondřej Surý (He/
The original issue is tracked under:
https://gitlab.isc.org/isc-projects/bind9/-/issues/1759
This is tracked under https://gitlab.isc.org/isc-projects/bind9/-/issues/4311
Cheers,
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not f
Hi Fred,
the Dnstap UDS support is only tangential to this - the support for AF_UNIX is
implemented in the fstrm library
and is outside of the scope for this change.
Ondřej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
it works now.
I can confirm this works in BIND 9.18.17 and higher. And it's absolutely not
BIND 9's fault.
Cheers,
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
Hi John,GitLab is a good place to fill well-defined feature requests.Thanks,--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.On 21. 9. 2023, at 18:22, John Thurston wrote:
I
need to look
closely when named starts why the zone isn’t loaded.
Ondřej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 5. 10. 2023, at 19:26, William D. Colburn wr
You are using an end-of-life BIND 9 on end-of-life Ubuntu. Start with that…There is no point in debugging a version with unfixed bugs and security vulnerabilities.Ondřej --Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel obligated to reply
Please don’t use Postel’s Law as excuse for implementations that break standards: https://datatracker.ietf.org/doc/html/rfc9413--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.On 28. 10
abs.ripe.net/author/bert_hubert/introducing-tdns-the-teachable-authoritative-dns-server/
Once you actually grasp how the DNS protocol works, some answers will become
obvious.
Ondřej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obliga
It means something in your network sent a query containing the literal URL
below. The message is just misleading - the resolver tries to do QNAME
minimization on it, it fails, switches to full name which ends with NXDOMAIN
from root.
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and
engineering in the first place.
Ondřej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 6. 11. 2023, at 3:04, Prasanna Mathivanan (pmathiva) via bind-users
> wrote:
>
>
properly describe the
communication between those. Logs from the failing servers are absolute
minimum. Perhaps (annotated) tcpdump (wireshark) dumps would be also helpful.
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to
are not novel enough to be covered
by Berne conventions, but IANAL, and even if I were, asking three lawyers will
give you five different answers, so it’s better to err on the safe side and use
on the licenses listed in the Debian packaging.
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours
Hi,
I directly see missing semicolon in the failed command. Please provide full
unedited log, so we can be sure that the error was not made when redacting the
output.
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated
rease security as the user
under named
runs has to have access to the private key data anyway.
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 4. 12. 2023, a
I've added a warning to the KB article now. Thanks for reporting this.
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 4. 12. 2023, at 14:45, Gérard Parat
> On 17. 12. 2023, at 8:20, MEjaz via bind-users
> wrote:
>
> Any hint would be highly appreciated..
Paraphrasing: Logs or it didn’t happen…
Always start with logs. The dig output is useless as we can’t possibly know
what is happening inside named on that server.
Ondrej
--
In the commit you referenced:
https://gitlab.isc.org/isc-projects/bind9/-/commit/561a83a29182b00bda9237ae30343d76a68dcdf4#8ec9a00bfd09b3190ac6b22251dbb1aa95a0579d_147_147
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to
-build.htmlAre you really complaining about the lack of handholding because you want to build the documentation yourself and just can’t download it? Because it really seems like the case here.Ondrej--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel
You need to use rpath to build the libraries that are not in the places where
dynamic linker can find them. This will solve your issue.
But RHEL 6? What’s the point of pretending you are running on old system when
everything you run is new?
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working
container (on RHEL 6) using a still-maintained
distribution, where you don’t have to self-watch the required upgrades for all
the dependencies (libuv, OpenSSL, and others…)
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to
./autogen.sh && \
./configure --prefix="$PREFIX" && \
make -j && \
make install
)
# userspace-rcu
(cd userspace-rcu && \
git clean -xdf && \
git reset --hard HEAD && \
./bootstrap
2NvbQAAAQAB'
should work if I am reading the curl man page correctly (I don't have bind with
doh no-tls here)
dig +http-plain @172.23.0.2
will definitely work.
Ondřej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
o
at's really not needed. The HTTP/2 library
(libnghttp) doesn't provide HTTP/1.1 implementation,
so we would have to bolt something own for a little gain. And it would increase
an attack surface as it would be yet another protocol
open to the world that can have bugs in it.
Ondřej
--
users regardless what I personally think about DoH/2, DoH/3 or DoQ and whatever
the Big Tech comes next to shave a nanosecond from the latency and pushes onto
the open source developers who are limited on resources and maintain software
that has long history…
Ondrej
--
Ondřej Surý — ISC (He/Hi
No, 9.16 is already in the “security or critical bugfixes only” for two years
(or so). This is a very minor issue on platform that’s being obsoleted. Sorry.
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply
Hi,
put a real webserver in front of it. Both Apache and Nginx can work as proxy.
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 18. 1. 2024, at 15:12, Eric Dewi
know your legacy platforms better than us. Nothing is
stopping you. But it’s you (the legacy platform backed up by large corporation)
who should carry the costs, not us (the open source with limited resources).
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be
You gave us no details, so we can’t really help you unless you give us more details about what you are trying to achieve and what’s the current architecture.If you want community help you need to be as descriptive as possible, so we don’t have to guess.Ondrej--Ondřej Surý — ISC (He/Him)My working
I would recommend to start with upgrading BIND (9.16.1) to a version:
- that's not 4 years old
- that's not going to be EOL in just couple of weeks
e.g. latest 9.18.x version.
ISC provides PPA for BIND 9.18 here:
https://launchpad.net/~isc/+archive/ubuntu/bind
Ondřej.
--
Ondřej Su
9.18 if that helps.
Alternatively, you can bug Ubuntu to provide you with fixed packages ;). This
whole “we support everything for 10 years” is just a sales pitch, not a
something that can be fulfilled.
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different
You both need to stop now.Ondrej--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.On 11. 2. 2024, at 4:44, Ole Aamot wrote:
On Sun, 2024-02-11 at 01:28 +, Ole Aamot wrote
Folks,
Ole Almot has been removed from the list and banned from re-subscribing.
Sorry it took so long, I wanted to give this a benefit of the doubt.
Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply
Yes, that's normal and expected. The server would not know if the zone is
delegated
to it or not, so it responds to queries for zones that are hosted (configured)
on that server.
Ondřej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Plea
Hey,
could you run the other server manually with same configuration but on a
different port and enable -d 99 on a command line? That could give some hints.
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside
Carsten, could you please fill a feature request in the GitLab?
Thanks,
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal working hours.
> On 27. 2. 2024, at 16:06, Carsten Strotmann via bind-us
How does that actually help with anything? The DNS traffic is not one way, but two way and unless everyone is setting DSCP on the DNS messages the incoming DNS messages will have same priority as incoming FTP traffic (to use your example).Ondrej--Ondřej Surý — ISC (He/Him)My working hours and your
that? And if yes, what are
the use cases?
I think BIND is the only server that actually supports this, so it doesn't feel
like the DNS can't function without it.
Thanks,
Ondřej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Ple
ful to imply
that we do things just because "we know better" (paraphrasing).
1. https://en.wikipedia.org/wiki/Katamari_Damacy
Ondřej
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal
s in the DNS messages, it needs to
be reported as a bug to the respective vendor.
They will be deprecated as of BIND 9.20 and removed in BIND 9.22.
Cheers,
--
Ondřej Surý (He/Him)
ond...@isc.org
My working hours and your working hours may be different. Please do not feel
obligated to reply out
This is usually a symptom of child NS being broken. It works with empty cache
because of the NS records in parent work, but then child NS take over and boom!
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside
, you have the
number that can be used, but here’s the blogpost for reference:
https://www.isc.org/blogs/2024-bind-security-release/
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel
obligated to reply outside your normal wo
1 - 100 of 592 matches
Mail list logo
