ina.naguib.ca/blog/2012/10/22/the-little-ssh-that-sometimes-couldnt.html
--
Robert Edmonds
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
ns2.msft.net.
outlook.com.172800 IN NS ns4.msft.net.
outlook.com.172800 IN NS ns1.msft.net.
outlook.com.172800 IN NS ns3.msft.net.
--
Robert Edmonds
___
Please visit https://lists.i
mmunity.
+1
--
Robert Edmonds
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
ting
output for messages having a 'query_zone' field set to the root label,
which is a little less awkward and more future-proof than enumerating
all of the root server addresses.
--
Robert Edmonds
___
Please visit https://lists.isc.org/mailman/l
in DNS tree order, or could it be
convinced to follow the LRU order?
--
Robert Edmonds
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
vice Switch (NSS). Static linking of glibc is
not supported on Red Hat Enterprise Linux, but the potential
breakage is nevertheless a reason to minimize changes in this area.
[...]
--
Robert Edmonds
___
Please visit https://lists.isc.o
fy(0, "READY=1");'
once the daemon is ready to accept requests.
--
Robert Edmonds
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Tony Finch wrote:
> Phil Mayers wrote:
> >
> > What is considered the source of the ownername for, say, "com."?
>
> It should be the root zone master file.
Why not the com zone master file?
--
Robert Edmonds
___
Ple
e, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
How does ISC then both a) Merge this contribution into the BIND
mainline, and b) Sell a "pay for exception" version of BIND containing
this contribution?
--
Rob
9.11.0 alpha releases). We do have some pending
> patches that were submitted before this change that have not been integrated.
> I don’t think any of those are significant, but perhaps we should not
> integrate them unless/until we confirm that they are ok with the new license
> an
s or making static PTR-entries? How does other
> companies handle this issue?
A very popular option is to only create or delegate IPv6 PTR entries for
hosts with static address assignments, and to return NXDOMAIN for
address space used for dynamic address assignm
n
templates in your nameserver. Knot DNS's "minimal viable product"
implementation is ~300 SLOC and uses a hardcoded template.
--
Robert Edmonds
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from th
re).
But I don't see how you get from those marginal benefits to: DNS should
have had regex-driven template engines (!) in authoritative nameservers
from the beginning.
--
Robert Edmonds
___
Please visit https://lists.isc.org/mailman/list
ations that use NAPTR. For DNS servers, NAPTR is
> just a record it handles the way it does any other normal record, like
> A or HINFO.
Or the URI RR, which requires authoritative nameservers to know
absolutely nothing about the encoding of URIs.
--
Robert Edmonds
_
is here:
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=9a36fb86f5019f25705d25ea729d03fcf8ecaa95
--
Robert Edmonds
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users m
is maintained by Farsight Security
(https://www.farsightsecurity.com/) and the source code is available on
GitHub:
https://github.com/farsightsec/fstrm
--
Robert Edmonds
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
bility to perform privileged binds at
runtime. Or you could eliminate CAP_SYS_CHROOT and use other systemd
functionality to make parts of the filesystem inaccessible, etc.) This
pattern might be a bit hard to retrofit into BIND at this point, though,
other than by adding more knobs.
--
Robert Edmond
unctions from from
libresolv in version GLIBC_2.9.
[...]
See the resolver(3) manpage, which is probably in the manpages-dev
package on Ubuntu 14.
This is unrelated to libbind9, which is a different API.
--
Robert Edmonds
___
Please visit https://list
Ronald F. Guilmette wrote:
> In message <20180320193041.d2bwvgkgyvqem...@mycre.ws>,
> Robert Edmonds wrote:
>
> >For glibc versions that are less than about ten years old, these should
> >be available in libresolv, which is part of glibc.
>
> Thanks Robert!
bly have been named
libbind9-dev. It's unrelated to the original "libbind"
(https://www.isc.org/downloads/libbind/).
However, note that there's also a proposal to get rid of the public
BIND9 libraries and turn these into private APIs:
https://gitlab.isc.org/isc-projects/bi
also shipped a copy of
the old BIND4/8 "libbind" resolver (configure --enable-libbind). At
which point it was split out into a separate tarball distribution
(https://ftp.isc.org/isc/libbind/) and given the arbitrary version
number 6.0.
--
Robert Edmonds
Ronald F. Guilmette wrote:
> In message <20180320205558.23ld7b2orcfky...@mycre.ws>,
> Robert Edmonds wrote:
>
> >Rick Dicaire wrote:
> >> For libbind9, https://packages.ubuntu.com/trusty/libbind9-90
> >
> >You would also need the ".so" symlin
ing something that hooks into the
> network IO layer.
>
> If you want to record other kinds of messages (UPDATE, NOTIFY, etc.) it
> would probably be best to extend the dnstap `Type` enum, and add
> corresponding dns_dt_send() calls to BIND's code. But you should check
> with R
t of the
> standard BIND dnstap support? If not, I will gladly contribute my change to
> the ISC.
>
> Regards,
> Greg
I can't think of any reason not to have support for dnstap logging of
UPDATEs on the server side in BIND. It just wasn't a focus for the
original dnstap desi
> # 8.8.4.4 port 853 tls google-tls;
>
> };
>
>
>
> forward only;
>
>
>
> allow-transfer { none; };
>
>
>
> dnssec-validation auto;
>
>
>
> listen-on port 443 tls router1-tls http default { trus
25 matches
Mail list logo
