Hi,
I have NS record points a record [A/] which is falls into wildcard .
But when I query for NS record against bind, we are not getting these
records as glue records.
ex:
*.a.example.com A 1.1.1.1
example.com. NS abc.a.example.com.
Querying example.com with any or ns.
don't we get glue recor
Hi ,
Can I disable cache without disabling recursion?
Thanks & Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mail
Hi ,
I have 9.7 bind installed and configured recursive. When i query against
forwader i am not getting AD flag but remaining answer is correct for
signed query. Could you please guide me how to get AD flag. Already i have
enabled dnssec-validation and dnssec-enabled.
Thanks & Regards,
Ramesh
___
Fri, Aug 2, 2013 at 11:11 AM, David Newman wrote:
> On 8/1/13 10:19 PM, rams wrote:
>
> > I have 9.7 bind installed and configured recursive. When i query
> > against forwader i am not getting AD flag but remaining answer is
> > correct for signed query. Could you please gui
Hi I have configured my bind as forwader but when I query it is not
forwarding and looking into local only.
recursion yes;
zone "com." {
type forward;
forwarders {ip; };
};
;; QUESTION SECTION:
;soap-e2e-signzone.com. IN A
;; AUTHORITY SECTION:
.
Hi.
I have zone file as follows
$ORIGIN rameshtest-caa.com.
$TTL 86400 ; 1 day
@ IN SOA ns1.rameshtest-caa.com.
root.rameshtest-caa.com. (
2009040114 ; serial
3600 ; refresh (1 hour)
Thank You Mukund .
I figured that it is implemented in 9.10
Regards,
Ramesh
On Fri, May 15, 2015 at 12:54 PM, Mukund Sivaraman wrote:
> On Fri, May 15, 2015 at 12:39:21PM +0530, rams wrote:
> > I am using bind 9.6. Did I miss/mistake anything here? Could you
> > please guide me
Thank You Mark.
Now I am using 9.9 and It is working fine.
Regards,
Ramesh
On Fri, May 15, 2015 at 12:59 PM, Mark Andrews wrote:
>
> In message owv0s7...@mail.gmail.com>, rams writes:
> > Hi.
> > I have zone file as follows
> >
> > $ORIGIN rameshtest-caa
Hi
I have own resolver as authoritative and configured to chase the domain in
recursive bind as configured in my resolver.
ex:
example.com CNAME bind.com
I have bind.com A record in bind.
When I queried example.com against my auth resolver, for couple of queries
giving A record from bind and som
Is there any rfc that a tld zone should have atleast two ns records when we
create the tld zone
Thanks & regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users
Hi,
Greetings
Is anyone can help me to verify the NSEC3 record in response is correct or
not.
Do we have any tool or command to check closet encloser NSEC3 record or
Correct NSEC3 record returned in response.
Thanks & Regards,
Ramesh
___
Please visi
Greetings...!
Is any one explain how to break trusted chain in dnssec with example how to
create zone or data with trusted chain break.
Thanks & Regards,
ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this
Hi
On the CAA record iodef filed, do we force this to be unique or can it
match a CNAME?
Thanks,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
Hi,
Can anyone share the steps and commands for key rollover for inline signing
zones in bind by manual/auto.
Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of
Hi,
Do we need to set any option in named.conf for auto RRSIG generation in
bind?
Can anyone help me on this.
Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of
Hi,
What is the latest bind version for Centos 7?
Where we can download it?
Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support su
Hi,
Can anyone help me how to generate ZSK key with one year validity?
When I am trying , it is default 30 days validity but i want to make ZSK
key validity 1 year. Is it possible in bind?
Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/li
Hi,
auto-dnssec option is mandatory for inline signing along with
"inline-signing yes" option? Kindly confirm.
Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of
Hi
We are using bind 9.11.28.1 on centos7.8. We have large number of zones on
disk. When we stop/start , we are not getting successful message and seeing
below error. But in log we see named is running and doing axfr/ixfr. Do we
need to add any configuration paameter to avoid below error.
Starting
oading configuration succeeded
Apr 09 05:19:39 named[1354]: zone
5.0.0.0.0.0.0.0.8.1.6.0.1.0.a.2.ip6.arpa/IN: ref...led
Hint: Some lines were ellipsized, use -l to show in full.
[dev][root@xtld2.usiad42 log]#
On Fri, Apr 9, 2021 at 11:16 AM Stuart@registry.godaddy
wrote:
>
>
>
Hi,
I am using bind 9.16.21 on ubuntu. When I am running dnsperf against that,
always load is going one CPU core, because of this issue, I am seeing less
QPS. Has anyone faced the same issue? Could you please someone look into
this and help me with this?
Regards,
Ramesh
___
Hi,
I am using bind 9.16.21 on ubuntu. When I am running dnsperf against that,
always load is going one CPU core, because of this issue, I am seeing less
QPS. Has anyone faced the same issue? Could you please someone look into
this and help me with this?
Regards,
Ramesh
___
Hi,
I am using bind 9.16.21 on ubuntu. When I am running dnsperf against that,
always load is going one CPU core, because of this issue, I am seeing less
QPS. Has anyone faced the same issue? Could you please someone look into
this and help me with this?
Regards,
Ramesh
___
Hi,
Greetings ...
Could someone please share all supported DNS RRs and examples of each RR.
Regards,
Ramesh
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https:/
Hi,
We are getting the following error when we query for the 25M zone with axfr
.
]# dig @localhost 25million.com axfr |tail
a8157794.25million.com. 86400 IN A 1.1.1.1
a8157795.25million.com. 86400 IN A 1.1.1.1
a8157796.25million.com. 86400 IN A 1.1.1.1
a8157
operation canceled
On Wed, Apr 20, 2022 at 11:17 AM Crist Clark
wrote:
> Probably.
>
> Maybe check for any log messages from BIND. Do packet capture to see
> exactly what's happening to the TCP.
>
> On Tue, Apr 19, 2022 at 10:12 PM rams wrote:
>
>> Hi,
>
side your normal working hours.
>
> On 20. 4. 2022, at 8:04, rams wrote:
>
>
> Seeing only these two line in log:
> Apr 20 05:54:20 perf-bind named[74314]: client @0x7fb844005288
> 127.0.0.1#13522 (25million.com): transfer of '25million.com/IN': AXFR
> started (ser
Hi,
I have set up data as follows in bind.
Zone: rameshops5526old.com
maint.rameshops5526old.com. 300 IN CNAME
maint.global.rameshops5526old.com.
rameshops5526old.com. 21600 IN NS dns5.rameshops5526old.com.
rameshops5526old.com. 21600 IN NS dns2.rameshops5526old.c
Hi ,
Please tell me the correct answer for the below set up:
*Zone: rameshops5526old.com
*
maint.rameshops5526old.com. 300 IN CNAME
maint.global.rameshops5526old.com.
rameshops5526old.com. 21600 IN NS dns5.rameshops5526old.com.
rameshops5526old.com. 21600 IN NS dns
Hi
When we have data as follows queried domain "maint.rameshops5526old.com."
against bind and my own resolver. Bind and my resolver response are same but
only mismatching with flags. bind is returning AA flag but my resolver is
not returning AA flag. in this case wihcih is correct bind or my reso
Hi ,
When I created delegated NS record. Bind 9.7.1 p3 is giving SERVFAIL , when
i queried for NS delegated record with NS.
Could you please clarify me or is it bug in 9.7?
Thanks & Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
h
Hi,
I have configured records as follows in bind. When we start the bind 9.7,
bind is not starting.
But bind is started successfully when commented below ns domains which are
marked as RED. Could you please clarify me.
*Note: Bind 9.6 is started successfully with the same below zone. *
Error:
zon
An observation in nsupdate:
Suppose we have two A records as ,
*addforixfr.bind9712.com. 3456 IN A 10.32.21.30*
*addforixfr.bind9712.com. 3456 IN A 10.32.21.20*
When we update TTL value as below for one of the records , the TTL value
changes for both the record
Hi,
What is the bind response when queried MX record. The MX record is having
prefernce value is greater than maximum of preference value [ex: 65536].
Thanks & Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mai
Hi,
I have a record in BIND as follows:
mxdomain.com. 86400 IN MX 65536 gmail.com.
When I query "mxdomain.com." with type MX. What is the bind response. Is
there any RFC mentioned about this .
Thanks & Regards,
Ramesh
___
bind-users mailing list
bind-
Hi,
I have one SOA record as follows in zone.
qa.com. 86400 IN SOA ramesh.com. qa.com. (
2009111903 ; serial
10800 ; refresh (3 hours)
3600 ; retry (1 hour)
2592000; expire (4 weeks 2 days)
I have trouble resolving the host name dnssecnsec3qatestdomain.com. which is
NSEC3 signed. This is the parent and child zone. If I run dig ( dnssec
query) with the +cd option I which is a proper response:
[r...@stulcqanusbind1 ~]# dig dnssecnsec3qatestdomain.com. any +dnssec *+cd
*
; <<>> Di
y resolver is returning multiple CNAMEs for same hostname. But I believe
CNAME should not return same hostname with multiple values.
Ex: Configured GEOIP records as follows:
ramesh.com CNAME a.ramesh.com.
ramesh.com CNAME az.ramesh.com. Arizone configured
ramesh.com CNAME va.ramesh.com. ---
Hi,
I have zone as follows in bind.
$ORIGIN joshfeb1.com.
@ IN SOA rboddeti.yahoo.com. rboddeti.gmail.com. (
2011013101 ; serial
10800 ; refresh
3600 ; retry
2592000 ; ex
@zones]#
Is it correct. Actually www.joshfeb1.com is not exist and it should look
into *.joshfeb1.com right. Could you please clarify why it is not returning
answer.
Thanks & Regards,
Ramesh
On Tue, Feb 1, 2011 at 9:41 AM, Mark Andrews wrote:
>
> In message ,
> rams w
> rite
Hi,
I have zone as follows in bind.
$ORIGIN joshfeb1.com.
@ IN SOA rboddeti.yahoo.com. rboddeti.gmail.com. (
2011013101 ; serial
10800 ; refresh
3600 ; retry
2592000 ; expire
Hi,
Could you please tell me how to set up for recursive server for NS
delegation records.
It would be great if you give named.conf
Thanks & Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind
I have configuered recursion yes in named.conf and i queried for NS
delegated records against bind. Actually that domain is not exist in my
system. Here how bind will work.
On Wed, Feb 23, 2011 at 6:20 PM, rams wrote:
> I have configuered recursion yes in named.conf and i queried for
Hi,
When i do a dynamic update using nsupdate, i am unable to add record into
signed zone.
steps followed:
[root@stulcqacustbind2 muktha]# nsupdate
> server
> update add net.rameshnu.sun. 86400 IN A 1.2.3.4
> send
update failed: SERVFAIL
>
Bind log:
25-Apr-2011 12:43:22.166 update: info: client i
Hi,
How to declare multiple signed key paths in key-directory. When i declare as
follows, named not starting.
key-directory {"/var/named/zones";"/root/ramesh/Largezone";}
Please clarify me.
Thanks & Regards,
Ramesh
___
bind-users mailing list
bind-use
Hi ,
Can we resign a signed zone with out key files? Please clarify me.
Thanks,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc
Hi ,
I have signed zone and already i have resigned two times. Now again i am
resigning zone but after resign zone , RRSIG values are not changed. the
same old values displaying. Any wrong in me. Could you please guide me how
to change RRSIG values.
___
Hi,
could you please explain me, how to create DS and DLV records into my zone.
Thanks & Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
HI ,
How to sign a zone for getting NSEC3, NSEC3PARAM RR's in a signed zone.
Thanks & Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Hi Peter,
In the out put of your dig result , you can see the following section. This
section is counted as RR and count will be updated in additional section.
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
Thanks,
ramesh
On Sun, May 9, 2010 at 11:02 PM, wrote:
> Send bind-us
Hi,
I have delegation of NS records in my zone and i signed zone using RSASHA1
algorithm. It is signed successfully. When I checked the the zone i am not
seeing RRSIG for delegated NS records. When I query for delegated NS record
with dnssec, it is returning NS records, NSEC and RRSIG for NSEC and
Hi,
How to add a record into signed zone using nsupdate. Is there any additional
arguments need to be passed for getting RRSIG of addition record or
automatically bind will take care?
Thanks & Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.
Hi ,
As you said I tried with nsupdate but unable to add a record into signed
zone. It is giving SERVFAIL. Do we need to send any special value?
Thanks,
Ramesh
On Thu, May 13, 2010 at 9:05 AM, Mark Andrews wrote:
>
> In message ,
> rams
> writes:
> >
> > Hi,
>
Hi,
I have mx records with chaining as follows.
mx.chain.td3497.com.86400INMX34 mx1.chain.td3497.com.
mx1.chain.td3497.com.86400INMX34 mx2.chain.td3497.com.
mx2.chain.td3497.com.86400INMX34 mx3.chain.td3497.com.
mx3.chain.td3497.com.86400IN
Hi,
How do we resign the signed zone? What is the command to do the RESIGNING ?
Thanks & Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Hi ,
I have the following zone file:
$ORIGIN td3497.com.
@ IN SOA udns1.ultradns.net. ppk.yahoo.com. (
2010052610 ; serial
10800 ; refresh
3600 ; retry
2592000 ; expire
86400 ; minimum
)
cname.chain.td3497.com. 86400 IN CNAME mx.chain.td3497.com.
mx.chain.td3497.com. 86400 IN MX 34 mx1.c
Is there any update on the following issue.
On Mon, May 31, 2010 at 2:16 PM, rams wrote:
> Hi ,
>
> I have the following zone file:
>
> $ORIGIN td3497.com.
>
> @ IN SOA udns1.ultradns.net. ppk.yahoo.com. (
>
> 2010052610 ; serial
>
> 10800 ; refresh
>
Hi ,
I have the following zone file:
$ORIGIN td3497.com.
@ IN SOA udns1.ultradns.net. ppk.yahoo.com. (
2010052610 ; serial
10800 ; refresh
3600 ; retry
2592000 ; expire
86400 ; minimum
)
cname.chain.td3497.com. 86400 IN CNAME mx.chain.td3497.com.
mx.chain.td3497.com. 86400 IN MX 34 mx1.chain.td349
Hi,
During AXFR of a zone, the zone.dbfile is not created till the AXFR
completes. Till AXFR completes, the file name will be some value as
456eefwfc. Is it correct behavior?
Thanks & Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
h
Hi,
How to resign a zone?
Thanks & Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
.org registrars allowing DS records (itservices88)
> 2. Re: .org registrars allowing DS records (Kevin Oberman)
> 3. Re: .org registrars allowing DS records (Doug Barton)
> 4. Re: .org registrars allowing DS records (Mark Andrews)
> 5. Re: .org registrars all
Hi ,
What is the cname chains limit ?
Thanks & Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Hi ,
I have data as follows
a.rameshops5446.com. 86400 IN A 1.2.3.1
a.rameshops5446.com. 86400 IN MX 10 a.rameshops5446.com.
I queried domain "a.rameshops5446.com" with type ANY against bind9.6 .
Actual Result:
Bind is returning above two records in answer section and also returning A
record in
Hi ,
I have delegated NS records and those records pointed to A records in signed
zone. When I queired for my delgated domain against bind 9.6-p3.
Bind is returning NS records and RRSIG for NS in authority section
correctly. Glue records are returned correctly in additional section but
RRSIG valu
Hi,
Greetings. When we have "something.*." with cname record, if we
query domain as "something.abc." , bind is not returning answer and
if i query with same name "something.*.", getting answer in bind.
When we have widlcard in middle labels, are we not treating as wildcard
record? Kindly share info
Hi,
Greetings!!!
I have master and slave servers. When we have updates in master, slave is
getting updating after 20 or 30 minutes.
When I look into tcpdump pcakets, Slave is trying with master unicast ip to
get updates. We don't have port opened slave to master with unicast ip and
we have port ope
Hi,
Greetings !!!
I am getting the following error when we do updates to bind even we have
configured allow-update ANY, named folder is having all permissions and
also owner ship.
updating zone 'xtldprimary.com/IN': update failed: not authoritative for
update zone (NOTAUTH)
Kindly some one help
Hi,
we have two scenarios as follows. Is there any chance to copy DS records
through AXFR or any another method to copy child DS records into parent
zone.
Scenario 1:
Customer has domain2.com on Bind1 signed with DS records for domain2.com at
place with registrar. Customer delegates a zone (sub.do
Hi,
Greetings!!!
Do we have email notification feature in Bind when zone update fails.
Thanks & Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.
Hi,
Greetings.
I want to test bulk updates master to slave in Bind. Is there any way to
pause to send updates to slave from master?
Thanks & Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
Greetings!!!
We are getting two RRSIGs and 3 DNSKEY [ 1-256 and 2-257] when we do KSK
rollover. Is it correct we are returning two RRSIGs for DNSKEY?
Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from
Greetings!!
When we change any resource record like A or , then SOA serial number
gets incremented. But If we update only SOA record ,Is serial number of SOA
remain same as before or serial number of SOA will increment?.
Do we have any RFC for this?
Regards,
Ramesh
__
Hi,
Greetings
Currently in bind we are doing auto full sign when RRSIG expires . Is there
any chance to generate only RRSIGS instead of full sign.
the reason I am asking is when we have large zone and when it happens auto
RRSIG expire and full sign, the complete zone is going to full sign and
Hi
Greetings!!
We have 1Million signed zone records in bind. My zone is going to
auto-resign after 3 days. If we change RRSIG expire date to greater than
two months from now then if restart bind, Can we avoid auto-resign in this
week? is there any impact on resolution or is my zone is valid? wh
Hi,
Greetings
Is there any QPS improvement bind 9.10.6 vs 9.10.6.1? because we are seeing
47K QPS on 9.10.6 and 95K QPS on 10.9.6.1 on the same zone.
Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
Greetings,
Is anyone knows unbound 1.9 release date?
Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinf
Greetings!!
Does Bind has a database option to read zones [if zones are in database]
instead of zone files? if yes , how to setup? can someone help me.
Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
fr
Hi,
I have setup sshfp records as follows in bind zone file:
test1.ramesh-sshfp.com. 86400 IN SSHFP 1 1 aa
test2.ramesh-sshfp.com. 86400 IN SSHFP 1 1 00
Successfully started bind but when queried for domain test1 and test2 ,
returning malformed error and no answer. If fingerprint value wron
ist .
Regards,
Ramesh
On Thu, 31 Jan 2019, 7:14 pm rams Hi,
> I have setup sshfp records as follows in bind zone file:
>
> test1.ramesh-sshfp.com. 86400 IN SSHFP 1 1 aa
> test2.ramesh-sshfp.com. 86400 IN SSHFP 1 1 00
>
> Successfully started bind but when queried for d
Greetings.!
how does recursive resolver get the information for a zone example.com in
below setup when
example.com has DS records in .com
.com is tld zone
example.com is sld zone
Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/listi
Hi,
Greetings !
How to configure "minimal-responses" option at zone level?
At global level it is working fine. but looking help for zone level to
configure. Can someone help me on this
Regards,
Ramesh
___
Please visit https://lists.isc.org/mailman/li
81 matches
Mail list logo
