On Mon, 2018-01-22 at 12:45 +, Tony Finch wrote:
>
> lame-servers is also a log category, and tends to be quite noisy
> about
> various problems :-)
Turns out I do already have lame server logging enabled. I.e.:
20-Jan-2018 12:01:37.053 lame server resolving 'backup-ns.yn.cninfo.net' (in
'
Here's a new most interesting data point.
All of these outages happen right after a DHCP client connect and sends
a DDNS update to BIND.
It would be an interesting experiment to isolate the zone that receives
DDNS updates for the DHCP clients onto a separate server to see if that
makes this probl
On Tue, 2018-01-23 at 13:38 +0100, Reindl Harald wrote:
>
> pretty sure it's possible and likely not much different than the
> unbound-sample below which asks a rbldnsd on port 1043 on the same
> machine
>
> stub-zone:
> name: "zone-name."
> stub-addr: 127.0.0.1@1053
That's the sort of path
On Tue, 2018-01-23 at 13:38 +0100, Reindl Harald wrote:
>
> pretty sure it's possible and likely not much different than the
> unbound-sample below which asks a rbldnsd on port 1043 on the same
> machine
>
> stub-zone:
> name: "zone-name."
> stub-addr: 127.0.0.1@1053
This all falls apart be
On Tue, 2018-01-23 at 09:53 -0700, Grant Taylor via bind-users wrote:
>
> Could you try disabling DDNS updates for a little while?
That's effectively what I have done.
I set up a second server configuration running new zone on a different
IP address and pointed the DHCP server at it so that the
On Wed, 2018-01-17 at 10:45 -0500, Brian J. Murrell wrote:
> I have a BIND (9.9.4)[1] server that runs well most of the time, but
> periodically it will start returning SERVFAIL for very high-level
> domains such as *.google.com, *.gstatic.com, *.github.com, etc. It
> seems to
I'm really not sure about what the name of this feature I am going to
describe would be. I would probably call it an "overlay view". But I
am sure there are better names.
Imagine I have a BIND 9 server for the following network topology:
Network 1
192.168.1.0/24 -
as to why this isn't resolving for me and how to correct would
be appreciated.
I checked for resolution using both nslookup and dig.
Thank you,
Brian
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
.
> -Original Message-
> From: Stephane Bortzmeyer [mailto:bortzme...@nic.fr]
> Sent: Thursday, May 05, 2016 11:55 AM
> To: Cuttler, Brian R. (HEALTH)
> Cc: bind-users@lists.isc.org
> Subject: Re: Forward record for WWW
>
> ATTENTION: This email came from an external source. Do n
05 13:30:49 EDT 2016
;; MSG SIZE rcvd: 369
[euclid] ~ 214>
> -Original Message-----
> From: Stephane Bortzmeyer [mailto:bortzme...@nic.fr]
> Sent: Thursday, May 05, 2016 12:12 PM
> To: Cuttler, Brian R. (HEALTH)
> Cc: Stephane Bortzmeyer ; bind-users@lists.isc.org
> S
s.
wadsworth.org. 300 IN A 199.184.16.22
; simply not being served, removed until I can figure out why
; 2012-12-10 per ivan
wadsworth.org. IN TXT "v=spf1 ptr:wadsworth.org ip4:199.184.28.0/22 ?all"
--removing dig output and other already posted information--
Thank you,
Brian
r and I've no idea what.
If anyone has any suggestions I'd love to hear them, but with your help the
issue I was having has been resolved by restarting the server, rather than
reloading the zones files.
Many thanks,
Brian
> -Original Message-
> From: Bischof, Ralph F. (MSFC
Stanley,
> Are you running DNSSEC?
Negative, we are not running dnssec.
Brian
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
ht
**
This communication, including attachments, is for the exclusive use of
addressee and may contain proprietary, confidential and/or privileged
information. If you are not the intended recipient
the A, TXT and PTR records is the way to go,
but hope for a quicker, less error prone method.
Thanks in advance,
Brian
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-
ed forward and reverse records, but text records are different, I just
don't know how different.
The forward table looks like this
hr16038 A 10.57.48.209
TXT "00f8e5793e94da14990f27763448c54a00"
Thank you,
Brian
> -Origin
Bob,
Thank you, the assurance that I'd understood the defaults and that nsupdate was
the correct tool was all that was missing.
I executed the update commands and they worked like a charm.
Thank you,
Brian
===
The forward table looks like this
hr16038
y zones or
should employ some other mechanism to help assure I'm hitting the
best-forwarders/most productive forwarder zone selection I can.
Thank you,
Brian
Brian Cuttler
Network and System Administrator, ITG - Information Technology Group
Wadsworth Center, NYS Department of Health
Biggs L
a postmortem should be done to find out why BIND had
to be restarted unless you already know.
Good hunting!
John
-Original Message-
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of
Cuttler, Brian R (HEALTH)
Sent: Monday, October 15, 2018 10:27 AM
To: bind-users@lists
I'm looking for methods to reduce the period of time we cache external
records (e.g., www.google.com). I think the option I need to implement
is max-cache-ttl.
Is this the correct method for limiting caching? Are there reasons that
I should or should not do it?
Thanks,
g for
way to ensure when we make changes that they are quickly propagated,
especially when we're making blackhole changes.
Brian
-Original Message-
From: bind-users-bounces+brian.atkins2=va@lists.isc.org
[mailto:bind-users-bounces+brian.atkins2=va@lists.isc.org] On Behalf
Of D
I asked a similar question 2 weeks ago and got a non-response (e.g., a
response with no real information).
>From what I've read, everyone seems to frown on over-riding cache times,
but I haven't seen any specifics as to why it's bad.
Brian
__
ence setting the max-cache-ttl.
I realize that there are other ways of to do this, but I am limited by
my funding.
Thanks,
Brian
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
After noodling it out with a co-administrator, that is the same
conclusion we came to.
Thank you for confirming it.
Brian
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
.example.com.
NS gss2.example.com.
Is there a more efficient method of doing this, eliminating the need to
do this for every sub-domain? Perhaps a forward statement in the conf
file?
Brian
___
bind-users mailing list
bind-users
the ability to GSLB.
Is that a correct statement?
Brian
-Original Message-
From: bind-users-bounces+brian.atkins2=va@lists.isc.org
[mailto:bind-users-bounces+brian.atkins2=va@lists.isc.org] On Behalf
Of Atkins, Brian (GD/VA-NSOC)
Sent: Wednesday, July 21, 2010 1:15 PM
To: bind
10.1.2.5
...
Or where a record is delegated to a secondary name server (GSLB):
$ORIGIN example.com.
www NS gss1.example.com.
NS gss2.example.com.
Below is my kludge of a script for reference. It works (somewhat) for
single line CNAME and A records, but e
7;t do anything with actual verification of the records.
Brian
-Original Message-
From: wllarso [mailto:wlla...@swcp.com]
Sent: Thursday, July 22, 2010 12:45 PM
To: Atkins, Brian (GD/VA-NSOC)
Cc: bind-users@lists.isc.org
Subject: Re: Script for verifying zone files
On Thu, 22 Jul 2010
cord types.
Comments and critiques are appreciated.
Brian
=
BEGIN
=
#!/bin/bash
## named-checkzone_files.sh: verify records between two zone files.
###
## CHANGE LOG
## Author Date
Query time: 34 msec
;; SERVER: 10.xxx.xxx.xxx #53(10.xxx.xxx.xxx)
;; WHEN: Mon Aug 2 14:14:16 2010
;; MSG SIZE rcvd: 45
Any ideas to point me in the right direction?
Thanks,
Brian
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
ed mimicking the bad server.
My suspicion is that the firewall/IPS gurus didn't check everything and
that there is something blocking the queries/transfers.
Brian
-Original Message-
From: bind-users-bounces+brian.atkins2=va@lists.isc.org
[mailto:bind-users-bounces+brian.atkins2=
thout issue as well as perform
a zone transfer (though I get an error, ";; communications error to
10.x.x.x#53: connection reset"). I'm assuming that this is due to the
fact that the response is greater than 512 bytes perhaps.
Brian
___
bin
I'm running 9.6 in our lab environment with DNSSEC enabled, not much
difficulty at all. To make it even easier, you might want to look at the
Webmin BIND module. It makes it even easier.
Also, I went to ISC's BIND deployment workshop and found
it very insightful.
Brian
-Origin
compile BIND myself on Solaris, and it’s so much nicer to just
install it from packages on Linux. 😊 )
Thanks,
Brian
--
Brian Sebby (he/him/his) | Lead Systems Engineer
Email: se...@anl.gov<mailto:se...@anl.gov> | Information Technology
Infrastructure
Phone: +1 630.25
packages rather than
building from source.
Brian
--
Brian Sebby (he/him/his) | Lead Systems Engineer
Email: se...@anl.gov<mailto:se...@anl.gov> | Information Technology
Infrastructure
Phone: +1 630.252.9935| Business Information Services
Cell: +1 630.92
at that?
We’re on RHEL 8 and 9 for our BIND servers and it looks like the EPEL 8 and 9
versions build successfully, but I want to make sure that I’m not missing
something. Thanks!
Brian
--
Brian Sebby (he/him/his) | Lead Systems Engineer
Email: se...@anl.gov<mailto:se...@anl.
ough it doesn’t have as many clients.
I don’t think the new max-records-per-type or max-types-per-name options are
involved as we don’t have any cases where we have that many records with the
same name.
Thanks,
Brian
--
Brian Sebby (he/him/his) | Lead Systems Engineer
E
that I’m not aware of.
Thanks,
Brian
--
Brian Sebby (he/him/his) | Lead Systems Engineer
Email: se...@anl.gov<mailto:se...@anl.gov> | Information Technology
Infrastructure
Phone: +1 630.252.9935| Business Information Services
Cell: +1 630.921.4305| A
No idea what OS or product.
This is a compile, as in build the binary, or a daemon run issue?
For myself I have an Ubuntu base and am running IND 9.18.x. Not locally
compiled.
I have found journalctl, systemctl, bind logs and /usr/bin/named-checkconf and
named-checkzone to be very useful.
Fr
hing the failed response for some period of time?
If so, disable caching for the problematic forwarder zone?
Some other issue? If so what might it be, how can I test for it and how do I
resolve/work-around it?
Thanks in advance,
Brian
Brian R Cuttler
System and Network Administrator
Wadsworth C
8400 IN A 170.247.170.2
c.root-servers.net. 518400 IN A 192.33.4.12
Thanks for your help and suggestions,
Brian
Brian Cuttler, System and Network Administration
Wadsworth Center, NYS Department of Health
Albany, NY 12201 POB 509
brian.cutt...@health.ny.gov<mailto:brian.cutt...@
ven me exactly what was needed.
Brian
From: Greg Choules
Sent: Wednesday, June 26, 2024 12:29 PM
To: Cuttler, Brian R (HEALTH)
Cc: bind-users
Subject: Re: rolling my own hints file
You don't often get email from
gregchoules+bindus...@googlemail.com<mailto:gregchoules+bindus...@googlem
A xx.yy.zz..8
. 518400IN NS @
Thank you.
Brian
From: bind-users On Behalf Of Cuttler, Brian
R (HEALTH) via bind-users
Sent: Wednesday, June 26, 2024 12:56 PM
To: Greg Choules ; David Farje
Cc: bind-users ; Hefner, Joseph (HEALTH)
Subject: RE: rolling my own hints file
ATTENTION
t interval.
If someone would help me find the right switch I'd love to update my config.
Currently running bind 9.9.4 on Centos 7 (I see an Ubuntu platform in my
future).
Thanks in advance,
Brian
___
Please visit https://lists.isc.org/mailma
w where to find it, but looks to me
like the button I want to press.
Is that where I should be looking?
Thanks,
Brian
-Original Message-
From: bind-users On Behalf Of John Thurston
Sent: Tuesday, March 30, 2021 5:00 PM
To: bind-users@lists.isc.org
Subject: Re: replication time for dynam
he incremental update from the DHCP server cause DNS to update the SN
and send a notify message?
Is there some other mechanism to update the secondary?
Thanks,
Brian
-Original Message-
From: Tony Finch On Behalf Of Tony Finch
Sent: Wednesday, March 31, 2021 11:43 AM
To: Cuttler, Brian R (HE
50.156.70#39230
(dai.wadsworth.org): transfer of 'dai.wadsworth.org/IN': IXFR ended
Thanks in advance,
Brian
Brian Cuttler
ITG - Information Technology Group, Network and System Administrator
Wadsworth Center, NYS Department of Health
Empire Stat
e made the secondary authoritative and as a
result was not notifying for dynamic changes.
Thank you very much,
Brian
-Original Message-
From: Mark Andrews
Sent: Tuesday, June 1, 2021 9:24 PM
To: Cuttler, Brian R (HEALTH)
Cc: bind-users@lists.isc.org
Subject: Re: configure notify
of my site wiki article if you'd like to see it.
Brian
-Original Message-
From: bind-users On Behalf Of Roberto Carna
Sent: Thursday, August 5, 2021 12:19 PM
To: ML BIND Users
Subject: Add DNS records automatically for static IP's
ATTENTION: This email came from an external
My pointer zones are more like
Zone "28.66.136.193.in-addr.arpa.", I've never had that leading "0-"
Is that typical? What does it do?
-Original Message-
From: bind-users On Behalf Of Grant Taylor
via bind-users
Sent: Friday, November 4, 2022 1:07 PM
To: bind-users@lists.isc.org
Subjec
bind-users On Behalf Of Cuttler, Brian
R (HEALTH) via bind-users
Sent: Friday, November 4, 2022 2:09 PM
To: Grant Taylor ; bind-users@lists.isc.org
Subject: RE: Reverse lookups not working when Internet connection failed.
ATTENTION: This email came from an external source. Do not open attachment
've missed something.
Thanks in advance,
Brian
Brian Cuttler, System and Network Administration
Wadsworth Center, NYS Department of Health
Albany, NY 12201 POB 509
brian.cutt...@health.ny.gov<mailto:brian.cutt...@health.ny.gov>
518 486-1697
--
Visit https://lists.isc.org/mailman/l
efix, anchors do not.
Ged - I just put up the server in the spring, will check and update if we are
somehow running an older version.
Thanks to all and happy holidays,
Brian
From: Greg Choules
Sent: Tuesday, December 24, 2024 10:00 AM
To: Cuttler, Brian R (HEALTH)
Cc: bind-users
Subject: Re: cna
Apologies, meant to write Stephane and not Stefane.
From: bind-users On Behalf Of Cuttler, Brian
R (HEALTH) via bind-users
Sent: Tuesday, December 24, 2024 10:23 AM
To: Greg Choules
Cc: bind-users
Subject: RE: cname for apex record
ATTENTION: This email came from an external source. Do not
dify the source code.
I'm looking for guidance on how to point the named domain name, the apex record
at the IP addresses provided by the cname name we are using for our webserver.
Thanks in advance,
Brian
Brian Cuttler, System and Network Administration
Wadsworth Center, NYS Department of
:54 AM
To: bind-users@lists.isc.org
Subject: RE: cname for apex record
ATTENTION: This email came from an external source. Do not open attachments or
click on links from unknown senders or unexpected emails.
Hello again,
On Tue, 24 Dec 2024, Cuttler, Brian R (HEALTH) wrote:
> ... I think its t
warding files for some NYS
specific zones.
I have yet to tackle my lame delegation issues, a matter of removing obsolete
references to another site.
That is a completely separate matter though, as the hints issues are on my
internal servers and my delegation is for my external/public server.
T
tanza from both servers, restarted
both primary and secondary and since I made those changes almost 6 hours ago
have not observed those messages.
Sorry, my bad.
Thank you for your continued support,
Brian
From: Greg Choules
Sent: Thursday, February 6, 2025 3:18 AM
To: Cuttler, Brian R (HEALTH)
Greg,
Yes, I did remove that stanza and restart the daemon, clean shutdown and
restart, not just a reload.
Get the messages about the extra NS "." And unable to find root files, restored
the stanza, same error.
Thanks,
Brian
From: Greg Choules
Sent: Thursday, February 6, 2025
health.ny.gov and ny.gov and its.ny.gov,
those will continue to word when I add a forwarders statement for the servers
that ny.gov servers for all more generic queries.
Many thanks,
Brian
From: Greg Choules
Sent: Monday, December 9, 2024 6:26 PM
To: Cuttler, Brian R (HEALTH)
Cc: bind-users
Subject: Re
Greg,
I have a test server I will enable the changes on before I roll them out to my
primary and secondary servers.
The test server is where we make all tests and updates to zone files.
As I configure the forwarders stanza, I will remove the zone for db.cache and
test it out.
Thanks,
Brian
Nick, Greg,
Thank you both, don't deal with that level of detail very often but I love
having a clue as to the underpinnings of things.
The root priming process is exactly the sort of thing you'd hope a service like
this did, and it does!
Thanks,
Brian
From: bind-users On Beha
Greg,
Yes, I do have that but it looks like this
(/etc/dns-root is a link to /etc/bind/zones carry over from an older platform)
These are the servers I want to use as the forwards for all queries that aren't
either local zones or more specific zones in the internal corp network.
brian@
his case I queried a .edu address.
Is there a way to prevent these errors, or was my query ill thought out or have
I simply misconfigured my server?
thanks,
Brian
Dig without trace
root@intest:/etc/bind# dig @intest ns1.albany.edu
18-Dec-2024 14:45:04.452 queries: info: client @0x7f
Greg,
From: Greg Choules
Sent: Wednesday, December 18, 2024 5:04 PM
To: Cuttler, Brian R (HEALTH)
Cc: bind-users
Subject: Re: forwarding non-domain queries
ATTENTION: This email came from an external source. Do not open attachments or
click on links from unknown senders or unexpected emails
Thanks Jan,
Per discussion not supported by all dns servers nor clients.
Ultimate solution is a non-DNS based fix to the websites anchors or a url
wr-write function to correct for the missing www. Prefix.
Thanks,
Brian
-Original Message-
From: bind-users On Behalf Of Jan Schaumann
101 - 166 of 166 matches
Mail list logo
