ning me.
--
Grant. . . .
unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscript
Hi,
Is DNS Bind SRV record can detect the Server's availability? If yes, how?
Thank you,
Wil
--
This e-mail message (including attachments, if any) is intended for the use
of the individual or the entity to whom it is addressed and may contain
information that is privileged, propri
Hi Tale, Happy new year!
Your understanding is correct, i just thought that SRV can detect whose
server is alive so it can choose and provide an answer with the available
Server.
Thank you!
On Tue, 5 Jan 2021, 23:53 tale wrote:
> On Tue, Jan 5, 2021 at 4:30 AM Wilfred Sarmiento via b
/docs/trunk/users-guide/vcl-backends.html#connection-pooling
Sorry to clutter the group here, but trying to assist w redirect of this
question to a non-DNS direction since numerous BIND folks here saying not
technically on-topic.
Tyler
> On Jan 18, 2021, at 1:49 AM, Marek Kozlowski
>
It sounds to me like dnssec-verify is sending the output in question to STDERR
instead of STDOUT.
On Sat, 06 Feb 2021 19:02:28 +
Matthew Richardson wrote:
> I have been using Perl to do a reasonable amount of scripting, running bind
> utilities and processing the results into var
of a recursive resolver? As far as I
remember, BIND used as a recursive resolver will "cache" this
knowledge, but I'm not entirely certain for how long, since it
can't use the method from an NXDOMAIN reply which includes the
SOA record (and uses the re-purposed "minimum" fi
l you could try tracing the addresses of the nameservers for which
> > there where errors reported. It could be as simple as a routing issue
> > between you and these servers.
> >
> > > On 10 Feb 2021, at 13:25, sami's strat wrote:
> > >
> > > couldn't get addres
I rather prefer tshark to tcpdump: it's essentially the command line version of
wireshark, and thus has wireshark's protocol "dissecting" abilities.
On Wed, 10 Feb 2021 22:20:08 +0000
"John W. Blue via bind-users" wrote:
> Three words: tcpdump and wireshark
arious reasons a recursor might choose to return a
SERVFAIL response. It uses an EDNS option to communicate the
additional information.
As for its implementation status in general or in BIND in
particular I'll admit that I don't know off-hand.
Regards,
- Håvard
his particular point.
Regards,
- Håvard
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ f
>> So ... I can't get the glibc behaviour to mesh with the standard
>> on this particular point.
>
> It's set in RFC 6840:
I stand corrected, thanks.
- Håvard
___
Please visit https://lists.isc.org/mailman/listinfo/bind-use
If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
uSE 15.2 though. (OpenSuSE 15.2 -- the
"stable" release that wants you to update something every day.)
On Fri, 12 Feb 2021 00:35:53 +0000
"John W. Blue via bind-users" wrote:
> Most people like yourself that do not care about OS purity often are not
> obligated (grant
Would it be possible to use a virtual interface from within bind/named that
gets mapped by some privileged facility to a hardware interface? (This is the
sort of thing that VMs have to do all the time.) For example, could a brctl
bridge help?
Or maybe CAP_NET_BIND_SERVICE would allow the
Our DMARC Policy has been "p=quarantine" since 30 Jun 2019, so I guess it won't
affect us. (It was "p=none" before that -- we only started using DKIM in Apr
2017.)
On Tue, 16 Feb 2021 20:54:30 + (UTC)
Dan Mahoney wrote:
> Greetings bind-users netizens.
>
&
escription: S/MIME Cryptographic Signature
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/co
On 2/16/21 11:54 PM, Dario García Díaz-Miguel via bind-users wrote:
Hi everybody,
Hi,
Since I'm a little bit desperate with this issue, and after asking
this on reddit (r/sysadmin) and serverfault with low or none responses,
I think it would be worth half an hour or so to test stunnel
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
https://www.five-ten-sg.com/mapper/bind contains links to the source
rpms, and build instructions.
-BEGIN PGP SIGNATURE-
iHMEAREKADMWIQSuFMepaSkjWnTxQ5QvqPuaKVMWwQUCYC6iThUcY2FybEBmaXZl
https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
ames in zone files.
>
> Mark
OK that makes sense. Thanks. It's been so long since I configured these
servers - and
they have worked so flawlessly - I forgot everything I knew about bind config
files ;)
___
Please visit https://lists.isc.
|| die
smime.p7s
Description: S/MIME Cryptographic Signature
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https:/
s for things that need to be
allowed.
--
Grant. . . .
unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of
Can anyone help me get BIND 9.16.13 to work with Apple’s new M1s?
Compiler: gcc
Configured with: --prefix=/Applications/Xcode.app/Contents/Developer/usr
--with-gxx-include-dir=/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/c++/4.2.1
(s) not found for architecture arm64
clang: error: linker command failed with exit code 1 (use -v to see invocation)
configure:16164: $? = 1
configure: failed program was:
| /* confdefs.h */
| #define PACKAGE_NAME "BIND"
Looks like I need to download and install libuv.
Thanks again.
James.
&
. Is it possible to implement both 4 and 5 ?
I would assume that #4 can be done.
I would expect that #5 can be done.
2. Any alternative architecture (I can use up to 5 hosts) ?
I /think/ that BIND has some options to use something else, a
(traditional) DB and / or LDAP for zone informati
____
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
---END PGP SIGNATURE-
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more infor
0hhstYcI1wpsBcA
nRdv220ju0R0IIEgbLzfbXs8CjHX
=+zDb
-END PGP SIGNATURE-
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
ledge is to share it generously.
>
> Tony.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
dns_dnssec_findmatchingkeys: error reading key file Kfive-ten-
sg.com.+008+39376.private: permission denied
Those key files are 0600 root:root. Bind should never need to read them
since we are not doing in-line signing or key rotation within bind
__
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
erall response time.
Kind Regards
Thomas Preissler
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at ht
sit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
following policy and zone config:
dnssec-policy "test" {
keys { csk lifetime P30D algorithm ECDSAP256SHA256; };
};
zone "domainmail.ch" {
type master;
file "/etc/bind/zone/domainmail.ch";
dnssec-policy "test";
};
Here are the i
On Fri, 2021-04-09 at 19:05 +, John W. Blue via bind-users wrote:
> So the issue here is that the DS record that sit in .ch has an ID of 22048
> but the domainmail.ch servers are telling the world that the correct ID is
> 17870.
>
> Thus the DNSSEC breakage.
Of course, howe
NS query returned: "Server failed to complete the DNS request".
>"
>
>You should check the requirements. You'd need to answer for three
>consecutive days, be consistent in all NS IP addresses, etc.
>
>Hugo
>
>On 15:11 09/04, Jim Popovitch via bind-users wr
On April 9, 2021 8:21:33 PM UTC, "John W. Blue via bind-users"
wrote:
>Sorry .. clicked send too soon.
>
>Found this via google:
>
>https://docs.gandi.net/en/domain_names/advanced_users/dnssec.html
>
>"You can not add DS keys as we compute it for you with the
t very clear.
> Eventually I hope to improve this once our resolvers support RFC8914
> extended dns errors which we could pass on to the frontend.
+1 Thanks!!
> On 4/9/21 9:11 PM, Jim Popovitch via bind-users wrote:
> > > > What I can't figure out is how/when does .ch que
LXRlbi1zZy5jb20ACgkQL6j7milTFsFhLACgicNwiEmrZonfJpM70v1NfHL1BVQA
n2VuDBTqHCPKtGhZlRpMHPkUkN0H
=kr0W
-END PGP SIGNATURE-
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development
On Monday, 12 April 2021 01:18:11 CDT @lbutlr via bind-users wrote:
> Doe anyone know the syntax for using purge-keys in 9.16.13? I've search and
> all I can find is notes that it was added. I've tried a couple of things, but
> I am shooting in the dark. I cannot redefine the
ie
smime.p7s
Description: S/MIME Cryptographic Signature
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.is
[ Classification Level: GENERAL BUSINESS ]
It's not a "BIND" solution, per se, but if you have a
sufficiently-sophisticated IPS (Intrusion Prevention System) you could have
it simply drop all queries of a particular QNAME, or any particular
combination of QNAME, QTYPE, QCLAS
: query
(cache) 'sl/ANY/IN' denied
Besides not wanting to be an unwilling DDoS amplifier, these bother me because
they're filling up my BIND/named log files.
I've tried using IPtables hashlimit to throttle the requests, but have had
little success. I've even tried blocki
Hi,
I am using bind's geoip feature, created one ACL to allow country IN. I am not
getting logs of a failed query if the client IP is other than than country IN.
Rest all is working fine, getting logs of successful queries. Below find the
config details:
BIND 9.16.13 (Stable Re
s.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Interesting observation. I just did lookups on 4 recent (< 24 hrs ago)
'sl/ANY/IN' queries logged by our BIND and got:
2 Comcast cable IPs (hsd1.tx.comcast.net and hsd1.ma.comcast.net)
1 OVH Hosting IP (Montreal)
1 Afranet IP (Tehran!)
The whois info for the OVH IP contains the lin
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bin
e
reserved IPs and quickly transfer them from server to server using the
OVH API. This is great for database resiliency/failover, etc.
-Jim P.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds
l IN ANY +E(0)
> 13-Apr-2021 07:04:32.746 GMT 92.204.191.45#2927 (sl): query: sl IN ANY +E(0)
> 13-Apr-2021 07:04:32.935 GMT 92.204.191.45#2927 (sl): query: sl IN ANY +E(0)
> 13-Apr-2021 07:04:33.993 GMT 92.204.191.45#2927 (sl): query: sl IN ANY +E(0)
> 13-Apr-2021 07:04:34.047 GMT 92.2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Wed, 2021-04-14 at 12:58 -0400, Paul Kosinski via bind-users wrote:
> Interesting, although we host different domains, in and from different
> geographic areas, we got the same queries as yours on the same day,
> with some at about the
On Wednesday, 14 April 2021 15:00:38 CDT Bob Harold wrote:
> Does anyone have an automated KSK roll process, that checks for the DS
> record at the parent, that they can share?
>
> As far as I can tell, the automated signing in BIND will roll the KSK if I
> set the timing in the p
eline runner to my remote BIND staging server and update
> the zone files on there with my newly updated zone file.
> I initially thought about using ssh from the runner to the remote BIND
> server but this may not be the most secure way of connecting.
> So my question is: Is it possib
appear to be confused about what the various tools do, so here's a
> summary:
>
> 1. ssh is used to log into a remote server, get a shell, and run
> operating system commands.
>
> 2. rndc is for controlling a running BIND server. It can be used to
> check the status of
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https
configure the
> directory for the .jnl files independently of the zone files.
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www
Hi
Its possible to delegate tld domain example.com to 1.1.1.1 name server and
.example.com to 2.2.2.2 name server ?
Wysłane z Yahoo Mail do iPhone
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
On 4/26/21 2:45 PM, bamberg2000 via bind-users wrote:
Hi!
Hi,
BIND 9.11.5, I forward the request ("forward zone" or global "forward
first") to another server and I get NXDOMAIN. Is it possible to process
NXDOMAIN other than "redirect zone"? I just want to
BIND-Users on topic content first:
#1 bind for a local caching DNS query server
I absolutely agree.
and change resolve.conf to 127.0.0.1 for the best RBL performance.
How much effective performance difference does the loopback interface
(lo) vs the local LAN interface (eth0) make
On 4/27/21 10:24 AM, Kevin A. McGrail wrote:
Agreed on the OT and good subject change.
:-)
For me, I wouldn't bind DNS to the eth0, just another attack surface
hence I would use local loopback.
I think the main reason to bind to eth0 / LAN is for when there are
multiple (mail) se
Hi,
I need some help setting up a recursive nameserver for my internal
network using BIND 9. The recursive name server is not resolving any
domains.
I am running the BIND 9 package from the ppa:isc/bind repo.
BIND Version Number: 9.16.15
OS: Ubuntu 18.04 LTS
This is the named.conf.options
ving mechanism in bind9 where the server
> chooses different records to resolve for each request, but is there a way
> to assign weights so that the server resolves with different probabilities?
>
> All I could find about the topic was this old mail from the archive:
> https://lists
This has kept me spinning in a few hours since yesterday. So I gave a
try at configure and compile of bind-9.11.31 on ye Fujitsu/Oracle SPARC
Solaris 10 boxen and I see :
.
.
.
/opt/developerstudio12.6/bin/cc -mt
-I/opt/bw/build/bind-9.11.31_sunos5.10_sparcv9.003 -I../..
-I/opt/bw/build/bind
ompile completes.
I will dig a bit and see where things went wrong after 9.11.26.
--
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken
GreyBeard and suspenders optional
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsub
-servers.net. A 192.33.14.30, a.gtld-servers.net. A
> 192.5.6.30, m.gtld-servers.net. 2001:501:b1f9::30(490) (ttl 63, id
> 11754, len 518)
> - - -
> ---
> PGP-Key: CDE74120 ☀ computing @ chaos claudius
>
> ___
> Please visit
://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo
On 5/6/21 10:50, Tony Finch wrote:
> Dennis Clarke via bind-users wrote:
>>
>> Hey there. I looked in the README and I dont see an INSTALL file at all
>> so I have to assume that the testing docs exist somewhere.
>
> Have a look at
>
> https://gitlab.isc.org/i
d running `make check` is enough.
>
I do NOT trust a build result where I had to go hacking into all the
Makefiles just to get it to build. You install without doing testing?
Dennis
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
I very carefully created an airgap test system for this process and did
setup all the required network interfaces. However all tests fail
terribly due to some weird python requirement ?
airgap$ ./runall.sh -n
+ SYSTEMTESTTOP=.
+ . ./conf.sh
++ TOP=/opt/bw/build/bind
8
bge2:14: flags=2000801 mtu 1500 index 4
inet6 fd92:7065:b8e:ff::2/128
bge2:15: flags=2000801 mtu 1500 index 4
inet6 fe80::203:baff:fe13:3c25/10
dude@nix$
dude@nix$ ./runall.sh -n
+ SYSTEMTESTTOP=.
+ . ./conf.sh
++ TOP=/opt/bw/build/bind-9.11.31_sunos5.10_sparcv9.005
++ DEFAULT_
l[#]] [-n # [-x]] [-s size] [cmd [args ...]]
R:allow-query:PASS
So I guess there are hard coded gnuisms in there?
Dennis
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this
the bad xargs and find options for now. How can I run those
tests as separate items manually ?
--
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken
GreyBeard and suspenders optional
___
Please visit https://lists.isc.org/mailman/listinfo/bind-use
On 5/7/21 16:00, Ondřej Surý wrote:
> No, the tests run fine on BSDs, there are no gnuisms.
>
> Solaris just isn’t on our supported platform list
Oh thats right .. you guys dropped it.
Still a whack of legacy boxes out there running but I guess
not ISC Bind in the very very very ne
On 5/8/21 14:13, Evan Hunt wrote:
> On Thu, May 06, 2021 at 11:57:58AM -0400, Dennis Clarke via bind-users wrote:
>> I do NOT trust a build result where I had to go hacking into all the
>> Makefiles just to get it to build. You install without doing testing?
>
> I think Ondr
03 83 86 27 39
OpenPGP_0x90B78A89BCC49C10.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of t
On 09/05/2021 12:32, Xavier Humbert via bind-users wrote:
Hi,
My DNS system if perfectly working :
[xavier@numenor ~]$ dig dns.google.com
; <<>> DiG 9.16.15 <<>> dns.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status
On 09/05/2021 13:44, Xavier Humbert via bind-users wrote:
On 09/05/2021 12:32, Xavier Humbert via bind-users wrote:
Hi,
My DNS system if perfectly working :
[xavier@numenor ~]$ dig dns.google.com
; <<>> DiG 9.16.15 <<>> dns.google.com
;; global options: +cmd
;;
On 5/10/21 01:55, @lbutlr wrote:
> On 06 May 2021, at 09:57, Dennis Clarke via bind-users
> wrote:
>> I do NOT trust a build result where I had to go hacking into all the
>> Makefiles just to get it to build. You install without doing testing?
>
> That's a very s
Actually, it's in keeping with the *original* definition of hacking!
On Sun, 9 May 2021 23:55:13 -0600
@lbutlr wrote:
> On 06 May 2021, at 09:57, Dennis Clarke via bind-users
> wrote:
> > I do NOT trust a build result where I had to go hacking into all the
> > Make
an Egli
From my Test Server
OpenPGP_0x11B7451DF2015959.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
On 5/10/21 5:11 AM, Ondřej Surý wrote:
On 10. 5. 2021, at 10:29, Richard T.A. Neal wrote:
At this time I don't therefore believe that running BIND via WSL or WSL2 on
Windows Server is a viable reliable solution.
Thanks for the analysis.
The alternative is as I outlined in the first
nny
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
ht
ent with inline-signing using
dnssec-keygen. The new dnssec-policy feature can do automatic key
management for you.
Tony.
So, I updated the settings. Now I have keyfiles generated by bind, as
well as a binary .zone.signed in addition to the plain text .zone which
has no DNSSEC information at a
Upgrade to WHAT? You said it was fixed in 9.11.25, but isn't that a lot
OLDER than 9.16.15, which is what I'm running?
jupiter ~ # named -v
BIND 9.16.15 (Stable Release)
jupiter ~ # dig -v
DiG 9.16.15
On 5/16/2021 12:06 AM, Mark Andrews wrote:
On 16 May 2021, at 10:17, Dan Egl
3600 IN NS
uz5w6sb91zt99b73bznfkvtd0j1snxby06gg4hr0p8uum27n0hf6cd.free.ns.buddyns.com.
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do
not feel obligated to reply outside your normal working hours.
On 16. 5. 2021, at 8:45, Dan Egli via bind-users
wrote:
Upgrade to WHAT? You said it
ing compounded by some dumb firewall are they?
Some long TTL?
Just shootin' the fish, I don't know nearly as much about this stuff
at the guys already helping you.
--
73,
Ged.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-u
Hello again,
On Sun, 16 May 2021, I wrote:
... If you can't agree their numbers then
you're some information ...
Having screen troubles. The word 'missing' is missing.
--
73,
Ged.
___
Please visit https://lists.isc.org/m
bugs and
improving the software.
I feel strongly that I should chime in with my experiences of trying
to use Git/Web interfaces to report issues. Not, I hasten to add,
issues with BIND - I don't recall ever trying to use ISC's GitLab and
I'd have no particular issues with creating
Running bind 9.16.15 on FreeBSD 11.4-STABLE.
Master is out on a cloud server at Digital Ocean. Slave is on-premise.
All on-prem LANs point to the slave instance.
Running split horizon to keep nosey parkers out of our local DNS assignments.
Recently - and for no obvious reason - the on-prem
On 5/20/21 8:43 AM, Anand Buddhdev wrote:
> On 20/05/2021 15:30, Tim Daneliuk via bind-users wrote:
>
> Hi Tim,
>
>> Recently - and for no obvious reason - the on-prem instance stops resolving
>> properly. The fix is to stop it, clear out the slave files, and restart.
&g
Nevertheless I think there is a bug. IIR the previous default was 100% (switch
to AXFR if IXFR would be grater than AXFR) and we also saw plenty of AXFR
although the IXFR difference was very small and far away from 100%
regards
Klaus
> -Ursprüngliche Nachricht-
> Von: bind-use
If you can have BIND log directly to a file, couldn't you use a FIFO
(prwxrwxrwx) or Unix domain socket (srwxrwxrwx) and avoid the disk I/O by
sending the log data directly to the forwarder? (E.g., Pulse Audio listens on a
socket for audio data from an application, and sends it in real-ti
On 5/23/21 9:27 AM, Ondřej Surý wrote:
Nope, that’s how you enter email to SOA with dot in user part as
the first dot gets converted to @.
#TodayIlearned
I agree with Ondřej. I think it's the missing $ in front of ORIGIN.
Remember the $ lines are directives to BIND and not zone
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
https://www.five-ten-sg.com/mapper/bind contains links to the source
rpm, and build instructions. This .src.rpm contains a .tar.gz file with
the ARM documentation, so the rpm rebuild process does not need sphinx-
build and associated dependencies
Hi there,
On Wed, 26 May 2021, He/Him wrote:
we merged a change that substantially reduces a contention between threads
and improves the recursive performance ...
We are currently running 9.11.26, and 9.11 has always built with no issues.
Debian 9.13 (Stretch).
$ aunpack bind-9.16.17
se visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.i
On 5/30/21 9:24 AM, Richard T.A. Neal wrote:
I spent a little time this weekend setting-up BIND 9.17.13 on Ubuntu
21.04 and configuring the system as a recursive resolver offering DNS
over HTTPS using a LetsEncrypt certificate.
Nice work.
Is there any interest in me writing this up as a web
On 30/05/2021 17:24, Richard T.A. Neal wrote:
DNS over HTTPS support appears to be steadily increasing and it looks
like the next version of Windows 10, Windows 10 21H2, will including
support for DoH at the operating system level.
�
I spent a little time this weekend setting-up BIND
Inside the zone statement of the primary add:
also-notify { ipofsecondary };
This will make transfer in microseconds.
Let me know if it works for you.
Dan
On Jun 1, 2021, at 7:24 PM, Mark Andrews wrote:
On 2 Jun 2021, at 01:18, Cuttler, Brian R (HEALTH) via bind-users
wrote:
My dns
ch is
why the effort was made.
FWIW.
Danny
On 6/3/21 4:03 AM, Richard T.A. Neal wrote:
Thanks Vicky and Ondrej for providing clarity. I'll be sad to see it when this
happens but as I said in my original post I don't underestimate the sheer
amount of effort required to maintain BI
On 6/3/21 2:17 PM, Reindl Harald wrote:
Am 03.06.21 um 20:12 schrieb Danny Mayer via bind-users:
I don't speak for ISC but it's important to understand that support
of an operating system costs money and unless a company or
organization is willing to step up with money it
801 - 900 of 2153 matches
Mail list logo
