Re: servfail response message question

I took out the ipv6 info in the zone DB file for this to work. I added it back into the file and it worked and then three queries later it gave the servfail response. It doesn't like the record. Thank you, Ryan On Jun 25, 2013, at 8:42 PM, Mark Andrews wrote: > >

Re: dns_zones_check

sting. - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer |$&| |__| | | |__/ | \| _| |novos...@umdnj.edu - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/EI-Academic Svcs. - ADMC 450, Newark -BEGIN PGP SIGNATURE- Version: GnuPG v1.

Re: Moving DNS out of non-cooperative provider

the ttl's timeout, resolvers with the old nameservers cached > will still query them. Once the ttl's time out the new servers will > be queried. > > Hope this helps, Incidentally I use NameCheap as a registrar, and have noted that their help pages are pretty easy to understa

Re: Sunos 5.8 Error:EDNS not supported by your namesever

t; the >>>> EDNS0,</div><div><br></div><div&= >>>> gt;Where do I find this EDNS statem=3D > ent in >>>> Sunos</div><div><br><br><div >>>> class= =3D3D"gmail_quote">On Wed, Se

Re: Sunos 5.8 Error:EDNS not supported by your namesever

ugh... > > - Kevin ___ Please > visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users - -- - _

Re: Error Resolving / EDNS

3676]: command > channel listening on ::1#953 Sep 19 15:22:13 PROD55-DNS2 > named[3676]: the working directory is not writable - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer |$&| |__| | | |__/ | \| _| |novos...@umdnj.edu - 973/972.0922 (2-0922) \__/ Univ. of Med.

Re: Disable log message

While I can see maybe not being interested, caring enough to supress it has me curious. - Original Message - From: Alan Clegg [mailto:a...@clegg.com] Sent: Friday, October 19, 2012 06:13 PM To: bind-us...@isc.org Subject: Re: Disable log message On Oct 18, 2012, at 1:13 PM, Chris Th

Re: Disable log message

I think many of us were just curious why someone would even think to disable it. Would be great if you could indulge (maybe something we've not thought of). - Original Message - From: Jack Tavares [mailto:j.tava...@f5.com] Sent: Sunday, October 21, 2012 06:03 PM To: c...@cam.ac.uk ; bi

Re: User wanting to use a .local domain to host DNS

microsoft.com/kb/296250 > > Tony. I do this at home with bind on Linux, except I use .localdomain instead of .local. It doesn't seem to treat it any differently than anything else, and since this is just one DNS server servicing a NAT'd network, nothing strange really CAN happ

Re: User wanting to use a .local domain to host DNS

It is? I always see localhost.localdomain when it's spelled out completely. I've never seen anything .localhost (and then my guess is that if it is, it's not meant to be used except for one host by itself). - Original Message - From: John Miller [mailto:johnm...@brandeis.edu] Sent: We

Re: User wanting to use a .local domain to host DNS

tem. Not that I think that I'm doing this (and as I'd said, the only place I use this is at home on a NAT'd network where there is no public DNS at all), but what are some common ways to let this happen if you happen to know? - -- - _ _ _ _ ___

Re: User wanting to use a .local domain to host DNS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/15/2012 11:36 AM, btb wrote: > On 2012.11.15 10.14, Novosielski, Ryan wrote: >>> Failing to operate a private TLD correctly is causing internal >>> data leaking to the Internet, which could be a security risk >>> b

Find all authoritative domains for a nameserver?

ging for failed queries to the nameservers. I guess that would be one way to tell when someone has made us authoritative for a domain but not had us create a zone file, but is there a way to get a list somehow? Thanks. - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan N

Re: Find all authoritative domains for a nameserver?

u will at > least get notified when they register new top-level domains. Yeah, and at lesat that is now the case, that just doesn't help with the misdeeds of the past. - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer |$&| |__| |

Re: Find all authoritative domains for a nameserver?

kfully, spambots seem to do this quite a lot, and manage to > find "new" domains at an alarming pace. Thanks, that's about what I'd expected to hear. Luckily what you've said is true (I get hundreds of queries for umdnj.org for example) and the problem isn't actually a s

Re: Can we load balance traf[f]ic for CNAME records?

Won't the DNS server randomly report the the defined IP addresses? - Original Message - From: Barry Margolin [mailto:bar...@alum.mit.edu] Sent: Friday, December 14, 2012 10:49 AM To: comp-protocols-dns-b...@isc.org Subject: Re: Can we load balance traf[f]ic for CNAME records? In articl

Re: Registrar that supports self-run domains and provides DNSSEC support

I personally like NameCheap. Cheap, and good documentation (that you can use even if you go with someone else). - Original Message - From: Robert Moskowitz [mailto:r...@htt-consult.com] Sent: Monday, February 18, 2013 03:32 PM To: bind-users@lists.isc.org Subject: Registrar that suppo

Re: Registrar that supports self-run domains and provides DNSSEC support

Could we knock off the politics please? I view the recent few posts as ignorant nonsense (complete with poor spelling AND Ayn Rand -- a twofer!), but I'm not inclined to take us further off topic by responding to it. From: Shawn Bakhtiar [mailto:shashan...@hotmail.com] Sent: Friday, February 2

Can two views be layered?

Hi all. Running BIND 9.6 I believe it is. Not important what version as if there is a version that can do this and I'm not running it, I can go there. Is it possible to have a view that is in essence a list of exceptions to the main zone? eg. the example.com domain exists, so does www.example.c

Re: Can two views be layered?

Thanks! Wonderful -- asked and answered. - Original Message - From: Joseph S D Yao [mailto:j...@tux.org] Sent: Friday, March 15, 2013 07:11 PM To: Novosielski, Ryan Cc: 'bind-users@lists.isc.org' Subject: Re: Can two views be layered? On Fri, Mar 15, 2013 at 06:56:

Re: Suspecious DNS traffic

e not the addressee (or the employee or agent > responsible to deliver it to the addressee), or if this message has > been addressed to you in error, you are hereby notified that you > may not copy, forward, disclose or use any part of this message or > any att

Re: Suspecious DNS traffic

ainst using > the local system for some kinds of reflection DoS attacks. > > Many stateful firewalls can also record the source and destination > IP addresses and port numbers of outgoing UDP packets and allow > subsequent incoming UDP packets with source and destination > reve

Re: Having trouble setting up BIND 9.9.2-P2 on Win XP PRO SP3, won't start

I have no idea how things work on Windows, but I doubt "directory" is optional. - Original Message - From: Joanne Homier [mailto:joanne.hom...@gmail.com] Sent: Tuesday, March 26, 2013 11:30 PM To: bind-users@lists.isc.org Subject: Having trouble setting up BIND 9.9.2-P2 on Win XP PRO S

Re: Can two views be layered?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/15/2013 07:11 PM, Joseph S D Yao wrote: > On Fri, Mar 15, 2013 at 06:56:57PM -0400, Novosielski, Ryan wrote: >> Hi all. Running BIND 9.6 I believe it is. Not important what >> version as if there is a version that can do t

Re: Can two views be layered?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/06/2013 01:05 AM, Joseph S D Yao wrote: > On Fri, Apr 05, 2013 at 04:24:24PM -0400, Novosielski, Ryan wrote: > ... >> One followup question to this: are there any limits to how the >> SOA section is handled in this case? Can

Re: Simple question about zone and CNAME

on we're going to test is telling the AD servers that umdnj.edu are them, but telling everyone else on the planet that it's www. We think this will do it, but haven't tested yet. - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer

Re: Simple question about zone and CNAME

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/06/2013 03:11 AM, Doug Barton wrote: > On 04/05/2013 11:53 PM, Novosielski, Ryan wrote: > > | It is funny you should mention that... my questions about using > views | to create a situation where one single record is different >

Re: Simple question about zone and CNAME

e webserver they're adding the A record for happens to also be the AD server. - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer |$&| |__| | | |__/ | \| _| |novos...@umdnj.edu - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/EI-Academic Svcs. - ADMC

Re: Simple question about zone and CNAME

case, the domain itself has barely any activity (and no client activity) and we can just lie to the AD servers and use them as the bare domain name. - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer |$&| |__| | | |__/ | \| _| |novos...@u

Re: architecture question

rg/mailman/listinfo/bind-users >> >> > ___ Please visit > https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-u

Re: Mailing list "reply-to" setting

up. There are reply-to-list options in most decent mail clients that can handle this. - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer |$&| |__| | | |__/ | \| _| |novos...@umdnj.edu - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/EI-Academic Svcs. - A

Re: any requests

Not in my experience -- in fact, I often do an ANY query to refresh the cache. From: Chris Buxton [mailto:cli...@buxtonfamily.us] Sent: Monday, June 03, 2013 08:47 PM To: Leonard Mills Cc: bind-users@lists.isc.org Subject: Re: any requests If you have mail relays acting this way, you'd better

Re: any requests

ched entry on a BIND-hosted domain. - Original Message - From: Barry Margolin [mailto:bar...@alum.mit.edu] Sent: Tuesday, June 04, 2013 01:01 AM To: comp-protocols-dns-b...@isc.org Subject: Re: any requests In article , "Novosielski, Ryan" wrote: > Not in my experience -

Re: any requests

um.mit.edu] Sent: Tuesday, June 04, 2013 01:37 AM To: comp-protocols-dns-b...@isc.org Subject: Re: any requests In article , "Novosielski, Ryan" wrote: > If it were not already in the cache, I would not need to refresh the cache. > Are you absolutely certain? If so, it is possible

Re: This list's prefix

have them and the e-mail sent via the list (if the list has them turned on) will whether you like it or not. - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer |$&| |__| | | |__/ | \| _| |novos...@umdnj.edu - 973/972.0922 (2-0922) \__/

servfail response message question

10.10.1.50 www.example.com <-me querying the Ubuntu for www.example.com ; <<>> DiG 9.8.3-P1 <<>> @10.10.1.50 www.example.com ; (1 server found) ;; global options: +cmd ;; connection timed out; no servers could be reached Do you have any ide

Re: servfail response message question

. Leaving the ipv6 RR in the zone db file caused the servfail. I don't know why. Thanks, Ryan From: Barry Margolin To: comp-protocols-dns-b...@isc.org Sent: Wednesday, June 26, 2013 10:24 AM Subject: Re: servfail response message question In article ,

Re: servfail response message question

2013 3:25 AM Subject: Re: servfail response message question On 26.06.13 13:20, RYAN CHERVENKA wrote: >The Ubuntu server is delegating a sub-domain to the LB. The LB is > authoritative for the domain and is responding to client requests for the domain or the subdomain? > correctly. 

Re: Reverse address entries

s.isc.org/mailman/listinfo/bind-users > - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer |$&| |__| | | |__/ | \| _| |novos...@umdnj.edu - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/EI-Academic Svcs. - ADMC 450, Newark -BEGIN PGP SIGN

Re: Reverse address entries

ouldn't consider a 20 second delay an acceptable compromise though. - -- *Note: UMDNJ is now Rutgers-Biomedical and Health Sciences* || \\UTGERS |-----*O*- ||_// Biomedical | Ryan Novosielski - Sr. Systems Programmer || \\ and Health | novos..

Re: BIND Service Hung

-- *Note: UMDNJ is now Rutgers-Biomedical and Health Sciences* || \\UTGERS |-*O*- ||_// Biomedical | Ryan Novosielski - Sr. Systems Programmer || \\ and Health | novos...@rutgers.edu - 973/972.0922 (2x0922) || \\ Sciences | OIT/EI-Academic Svcs. -

Re: Reverse address entries

causing mail delivery problems. - -- *Note: UMDNJ is now Rutgers-Biomedical and Health Sciences* || \\UTGERS |-*O*- ||_// Biomedical | Ryan Novosielski - Sr. Systems Programmer || \\ and Health | novos...@rutgers.edu - 973/972.0922 (2x0922) ||

Re: Reverse address entries

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/03/2013 11:33 PM, Doug Barton wrote: > On 07/03/2013 07:52 PM, Novosielski, Ryan wrote: | On 07/03/2013 > 04:39 AM, Matus UHLAR - fantomas wrote: |> On 02.07.13 08:53, > Daniel McDonald wrote: |>> I've had trouble with

Re: Reverse address entries

was a bit more peculiar -- rr.net does not appear to have FORWARD DNS for at least some of its dynamic address space. So you can get a PTR, and then address validation fails on the forward address. I guess perhaps if you had no PTR it would never go that far. - -- *Note: UMDNJ is

Re: RFC requirements for relative CNAME targets?

Are you asking if the target of a CNAME need be an FQDN if $ORIGIN is defined? If so, no, I use short names (no trailing dot) all the time. From: John Miller [mailto:johnm...@brandeis.edu] Sent: Thursday, July 18, 2013 05:49 PM To: Bind Users Mailing List Subject: Re: RFC requirements for relat

IPv4 not working reverse on > /24 cidr

we own the entire/24 The config is loaded. Rndc reload reports all is well. But a lookup fails. Help? BIND 9.9.3-P1 on Linux == included file in named.conf zone "128/27.1.10.10.IN-ADDR.ARPA" { type master; file "/usr/named/rev/10.10.1.128.rev"; }; -- Ry

Re: IPv4 not working reverse on > /24 cidr

Ryan Pavely Net Access Corporation http://www.nac.net/ On 7/22/2013 11:00 AM, Barry Margolin wrote: In article , Ryan Pavely wrote: Ok. What am I doing wrong? As far as I know this has worked for years and sometime, weeks, months, years, ago it stopped. This is for doing >

Re: IPv4 not working reverse on > /24 cidr

.1.XX-YY.rev file. Seems redundant. Ryan Pavely Net Access Corporation http://www.nac.net/ On 7/22/2013 12:17 PM, Barry Margolin wrote: In article , Ryan Pavely wrote: So that would suggest any time any block > a /24 is hosted you must actually host the parent zone, pointing to the

Re: DNSSEC troubleshooting on a recursive server.

rting named, nothing. It was getting it's answers from god knows where. I've been meaning to tear it apart and post here. So not much help, but I just recently had a similar issue. Ryan Pavely Net Access Corporation http://www.nac.net/ On 8/6/2013 7:09 PM, Grant Keller wro

Re: Reverse Records on a leash?

No -- and it's not BIND, it's the DNS spec. Reverse entries are in the .in-addr.arpa domian, not your domain name. - Original Message - From: Eduardo Bonsi [mailto:beart...@pacbell.net] Sent: Saturday, August 10, 2013 01:26 PM To: bind-users@lists.isc.org Subject: Re: Reverse Records o

Re: Update from 9.2.1 to 9.8.2 rc1

h Sciences* || \\UTGERS |-*O*- ||_// Biomedical | Ryan Novosielski - Sr. Systems Programmer || \\ and Health | novos...@rutgers.edu - 973/972.0922 (2x0922) || \\ Sciences | OIT/EI-Academic Svcs. - ADMC 450, Newark `' -BEGIN PGP SIGNATURE- V

Re: How to setup a backup NameServer?

dy been mentioned here). There are a lot of ugly things ISP's do to DNS; I loathe all of them. I suspect many customers do to. - -- *Note: UMDNJ is now Rutgers-Biomedical and Health Sciences* || \\UTGERS |-*O*- ||_// Biomedical

Re: Private IP address in A record

https://lists.isc.org/mailman/listinfo/bind-users > ___ Please visit > https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list bind-users@lists.isc.org > https://lists.isc.org/mailman/lis

Re: Can someone please translate entries from query.log file?

Looks like finding who is authoritative foothillfiretraining.org and then doing a reverse lookup on an address. From: Samad Agha [mailto:samad.agha2...@gmail.com] Sent: Tuesday, July 15, 2014 04:33 PM To: DNS BIND ; bind-users@lists.isc.org Subject: Can someone please translate entries from qu

Re: Two domains reporting errors

ciences* || \\UTGERS |-*O*- ||_// Biomedical | Ryan Novosielski - Senior Technologist || \\ and Health | novos...@rutgers.edu<mailto:novos...@rutgers.edu>- 973/972.0922 (2x0922) || \\ Sciences | OIRT/High Perf & Res Comp - MSB C630, Newark `'

Re: Digging to the final IP

*Note: UMDNJ is now Rutgers-Biomedical and Health Sciences* || \\UTGERS |-*O*- ||_// Biomedical | Ryan Novosielski - Senior Technologist || \\ and Health | novos...@rutgers.edu<mailto:novos...@rutgers.edu>- 973/972.0922 (2x0922) || \\ Sc

RE: Request to provide procedure for bind upgrade

ences* || \\UTGERS |-*O*- ||_// Biomedical | Ryan Novosielski - Senior Technologist || \\ and Health | novos...@rutgers.edu - 973/972.0922 (2x0922) || \\ Sciences | OIRT/High Perf & Res Comp - MSB C63

Syntax for ECS ACL Entry

at are not prefixed with "ecs" are matched only against the source address."* * I am running bind9 version 9.16.15. Regards, Ryan McGuire p. 260.202.0500 m. 978.501.3620 f. 260.202.0420 w. www.libretechconsulting.com <https://libretechc

Re: Syntax for ECS ACL Entry

. -Ryan On 9/2/21 10:06 AM, Ryan McGuire wrote: I'm setting ECS in dnsdist in hopes of using it in an ACL to choose a view. The views are working well, and the ECS is read by bind9 (see log below), but I can't seem to find a syntax for adding an ecs entry into an acl. Here is what

Re: Syntax for ECS ACL Entry

on't believe it's planned. This seems like such a common scenario, I'm surprised the support that was there was removed but not replaced by anything. I suppose it is open-source software and I'm free to port it into 9.16, but this isn't a big enough problem for me person

Re: Syntax for ECS ACL Entry

u again for the replies. -Ryan On 9/2/21 2:42 PM, Evan Hunt wrote: On Thu, Sep 02, 2021 at 02:26:59PM -0400, Ryan McGuire wrote: Thank you, in my searching I failed to come across that. Do you know if it's been replaced by something more "practical to deploy"? I found some discuss

BIND9 SERVFAIL on some .gov addresses

ually works from my laptop against the server (but dig by itself returns no MX records). Thank you in advance for suggestions. This one is causing some nasty problems. - -- - ---- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer |$&| |__| |

Re: BIND9 SERVFAIL on some .gov addresses

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/10/2011 03:23 PM, Chuck Swiger wrote: > On Feb 10, 2011, at 11:26 AM, Ryan Novosielski wrote: >> dig: isc_socket_create: address family not supported >> >> I've read that I shouldn't let this error message lead me

Re: BIND9 SERVFAIL on some .gov addresses

servers which will > answer and claim no MX records exist: OK, thanks -- I did not carefully check other locations for that one. Good to know that's not just me. - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer |$&| |__| | | |_

Re: BIND9 SERVFAIL on some .gov addresses

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/10/2011 04:19 PM, Chuck Swiger wrote: > On Feb 10, 2011, at 12:39 PM, Ryan Novosielski wrote: >> health.nyc.gov query-errors: >> >> 10-Feb-2011 15:32:30.682 query-errors: debug 1: client >> 130.219.34.129#55935:

[SOLVED] Re: BIND9 SERVFAIL on some .gov addresses

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/11/2011 01:21 PM, Ryan Novosielski wrote: > On 02/10/2011 04:19 PM, Chuck Swiger wrote: >> On Feb 10, 2011, at 12:39 PM, Ryan Novosielski wrote: >>> health.nyc.gov query-errors: >>> >>> 10-Feb-2011 15:32:

Re: multi-master with mysql backend

gt; not, you've got bigger problems. >>> >>> If you're not talking about a huge amount of data here (and from what >>> you've described in previous posts, you're not) then you are fairly >>> dramatically over-architecting your solution here. Per

Re: Please Help

t; > > Xiao > > 2/16/2011 > > > > ___ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosiel

Re: Please Help

> > -Original Message- > From: bind-users-bounces+xhuang=graphnet@lists.isc.org > [mailto:bind-users-bounces+xhuang=graphnet@lists.isc.org] On Behalf Of > Ryan Novosielski > Sent: Wednesday, February 16, 2011 5:47 PM > To: bind-users@lists.isc.org > Subject:

Re: [SOLVED] Re: BIND9 SERVFAIL on some .gov addresses

YrrV6GNslN5qicuHIehriQIMPdXs3/e2ZhB3h944kpymqL ag3tCg== >> >> ;; ADDITIONAL SECTION: >> vwall1a.nyc.gov.86400INA161.185.1.3 >> vwall2a.nyc.gov.86400INA161.185.1.12 >> vwall3a.nyc.gov.86400INA167.153.130.12 >> vwall4a.nyc.g

Re: [SOLVED] Re: BIND9 SERVFAIL on some .gov addresses

with a * the subtle difference between versions of that firewall firmware. I can't find that table anywhere -- was HTML, not in a PDF. On 02/23/2011 11:39 AM, Ryan Novosielski wrote: > Take a look at this. It is somewhat confusing, but it is helpful and > should tell you right

Re: [SOLVED] Re: BIND9 SERVFAIL on some .gov addresses

that: a: firewalls with ALGs are the devil b: this goes double for PIX / ASA and c: doubled again for putting them in front of servers, especially DNS servers W On Feb 23, 2011, at 1:13 PM, Ryan Novosielski wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 A couple more gems: https

Re: dots in hostnames problem

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 There are a lot of unfortunate practices one can find in DNS names. I'd personally recommend not doing anything that conflicts with the RFC. At my place of business, we slave a zone from a group that has underscores in the hostnames which is also not a

Re: Change Query Type on nslookup

'dig' is a better tool in every way, I think. dig  host.example.com I believe is the syntax there. -- Sent from my Palm Pre On Apr 7, 2011 1:02, mee thun wrote: Good Morning.. I am new member in this mailing list. I need help to change the query type in the nslookup

Re: Split DNS Configuration in BIND

k: > > http://www.howtoforge.com/two_in_one_dns_bind9_views > http://www.cyberciti.biz/faq/linux-unix-bind9-named-configure-views/ ...the end result of which (just to check my own knowledge) is the same as a split DNS, just without needing a second set of server

Re: please remove me from this mail list

ailing list >> bind-users@lists.isc.org >> https://lists.isc.org/mailman/listinfo/bind-users > > > ___ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-use

Re: better performance with 32 bit ! why?

t. If bind is not going to be using over 4GB of RAM by itself, my understanding is that running 64-bit will merely add overhead. I realize that is a pretty big generalization, so feel free to correct me if you know better. - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novo

Re: better performance with 32 bit ! why?

gt; > > ___ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users - -- - -

Re: DNS Sinkhole in BIND

I do this. There may now be a smarter way, but I have a small number so this is manageable for me: configure zones for each of the evil zones. Your server will appear authoritative and you can direct clients wherever you like. I direct some of mine to a virtualhost handing out 503 errors. -- Se

Re: DNS Sinkhole in BIND

- and this makes bind slow to start, and > use more RAM. Do you know what version that arrived in? 9.8.0? - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer |$&| |__| | | |__/ | \| _| |novos...@umdnj.edu - 973/972.0922 (2-0922) \_

Re: Not able to resolve a domain

n spoofing attacks. > > In fact, the BIND 9 documentation contains a sample blackhole ACL > which, until recently, specifically recommended filtering addresses > in that block. The advice is outdated but I think someone is still > following it. - -- - ---- _ _ _ _ ___ _ _ _ |Y#| | | |

Re: load-balancing in DNS using two A records

one server and sometimes another. Generally with SSH you care what you're connecting to and will also have individual records for each host to use for that purpose. - -- - _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Sr. Systems Programmer |$&| |__| | | |_

Re: DNSSEC made simple, is this possible?

__ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users - -- - _ _ _ _ ___ _ _ _ |Y

Re: URL Redirection via DNS

This is not what DNS does. It matches an IP with a domain name. Changing the URL needs to be done from within the web-page. On Fri, Apr 24, 2009 at 07:38, Binmakhashen, Latif < latif.binmakhas...@omnicare.com> wrote: > Jeff > > > > Thank you for wording your reply more professionally. That’s e

Re: How bind works

A server would first have to analyse the request to figure out to which named instance to route the request. That would most likely eat up any time you'd save. 2009/5/29 Eduardo Júnior > > Hi, > > > I read about Bind which it works as follow (in general words): > > query -> named -> named.conf

change NXDOMAIN to a A type response

Hi All some isp change NXDOMAIN to a A type response, I know this is can not be realized by bind software by default source code, so is there anyone know how do they realize this function? change the source code or use proxy software upon DNS bind? Thanks _

Remove/add [A] records based upon server availability

Is there a method in BIND to add/remove A records based upon server availability? i.e. host www has A records 1.1.1.1, 2.2.2.2, 3.3.3.3 If 3.3.3.3 is 'down' (via a ping test, for example) we remove it from the [A] record until such time that it is back 'up' and the host is added back to the

Added new master zone, copy .hosts does not replicate properly

We run 2 BIND in master/master configuration in two geographically separate datacenters. This is done because a master/slave configuration has certain limitations if the master goes down (slave can not be easily modified). The setup we have works great -- we make changes to "A" or "MX" reco

Re: BIND/Control Panel/FreeBSD

the only Linux boxes in our entire enterprise. Now I am not going to suggest steering clear as my last 'production' 'bsd' 'nameserver' was well over 10 years ago. I'm confident things have improved. Just keep my experience in mind. Ryan Pavely Cologi

Re: real BIND start time

I don't know the official answer, but I can tell you the PS method reports to me November, which is the last time named was started; whereas the pid file date shows noon today, a few hours ago. Ryan Pavely Cologix http://www.cologix.com/ On 1/5/2017 3:54 PM, Jonathan Reed wrote

error reading private key file, ddns_update update failed not found

Good Afternoon, I have a newly configured bind9 server with two dynamic zones that I cannot seem to get working. I've ensured I have a key-directory configured and I've confirmed that the keys exist and are readable by bind but I'm unable to resolve the issue. The zones themselves work fine, but d

Re: error reading private key file, ddns_update update failed not found

the past like I was run into this scenario. There is no end to the outdated and inaccurate blogs and tutorials for bind that can cause this to happen. Regards, -Ryan On Sat, 2018-03-31 at 18:25 -0400, rmcgu...@libretechconsulting.com wrote: > Hi Kim, > Thank you for your email. I'll give

slave not updating or creating ofd zone files

Hello all i have what is to me a very strange bind 9 master slave transfer issue. When i update a zone file on the master the file updates correctly the notifies are sent and every thing seems to work perfectly except it transfers 0 bytes to the slave. Checking the slave confirms that indeed t

Re: slave not updating or creating ofd zone files

Hello all i have what is to me a very strange bind 9 master slave transfer issue. When i update a zone file on the master the file updates correctly the notifies are sent and every thing seems to work perfectly except it transfers 0 bytes to the slave. Checking the slave confirms that i

Re: slave not updating or creating ofd zone files

xfr= zone @master > Sten Carlsen wrote: > > It has sometimes been seen that the files that are updated are not the > files actually loaded, this could be such a case? > > On 29/03/12 10:58, RYAN M. vAN GINNEKEN wrote: > > > > Hello all i have what is to me

Re: slave not updating or creating ofd zone files

/12 20:39, Computer King wrote: OK but how do I correct the issue Sent from my Nexus 1 Sten Carlsen wrote: It has sometimes been seen that the files that are updated are not the files actually loaded, this could be such a case? On 29/03/12 10:58, RYAN M. vAN GINNEKEN wrote: Hello all i have wha