Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-30 Thread Russell Coker
On Sat, 30 Oct 2004 12:47, "Donovan Baarda" <[EMAIL PROTECTED]> wrote: > Seriously, does nscd really not correctly handle dns caching/expiry > properly? I thought the dns caching stuff was well thought out and > defined... not implementing it properly would be dumb. It's what I've been told. I ha

Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-30 Thread martin f krafft
also sprach Donovan Baarda <[EMAIL PROTECTED]> [2004.10.30.0447 +0200]: > I prefer to run a caching dns server on one machine, and nscd on > all the clients. In my case I'm using libnss-ldap on the clients > so I kinda need to run it anyway. I thought so too, but with proper indexing on the server

Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-29 Thread Donovan Baarda
G'day, From: "Russell Coker" <[EMAIL PROTECTED]> > On Fri, 29 Oct 2004 09:56, "Donovan Baarda" <[EMAIL PROTECTED]> wrote: > > I actually run pdnsd. I find it leaner and simpler than named. However, is > > "run named on all hosts" really better than "run nscd on all hosts"? > > That's debatable. S

Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-29 Thread martin f krafft
also sprach Wouter Verhelst <[EMAIL PROTECTED]> [2004.10.29.1508 +0200]: > It assumes that all DNS servers use the same configuration format, > or that all DNS servers in a given zone run the same software, > which simply is an incorrect assumption. It has suited me just fine. I am thankful that d

Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-29 Thread David Schmitt
On Fri, Oct 29, 2004 at 11:18:45PM +1000, Russell Coker wrote: > If there was a choice between running only nscd or only named then nscd might > be a reasonable option. But given that every serious network will need a > caching DNS proxy (for which task it's unfortunate that there is nothing >

Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-29 Thread Russell Coker
On Fri, 29 Oct 2004 09:56, "Donovan Baarda" <[EMAIL PROTECTED]> wrote: > I actually run pdnsd. I find it leaner and simpler than named. However, is > "run named on all hosts" really better than "run nscd on all hosts"? That's debatable. Some people will say that DNS servers are too much of a sec

Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-29 Thread Wouter Verhelst
On Fri, Oct 29, 2004 at 12:04:51PM +0200, martin f krafft wrote: > also sprach Wouter Verhelst <[EMAIL PROTECTED]> [2004.10.29.1112 +0200]: > > How is djbdns good? In that it doesn't correctly implement the > > RFCs on some crucial parts of the DNS protocol? > > > > (hint: search for 'AXFR' or 'IX

Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-29 Thread martin f krafft
also sprach Wouter Verhelst <[EMAIL PROTECTED]> [2004.10.29.1112 +0200]: > How is djbdns good? In that it doesn't correctly implement the > RFCs on some crucial parts of the DNS protocol? > > (hint: search for 'AXFR' or 'IXFR', and see what mr. Bernstein has > to say about that. No, rsync is /not/

Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-29 Thread Wouter Verhelst
On Thu, Oct 28, 2004 at 06:10:33PM +0200, martin f krafft wrote: > also sprach Russell Coker <[EMAIL PROTECTED]> [2004.10.28.1520 +0200]: > > Run named on localhost. > > What an extraordinarily bad advice, IMHO. BIND is too much a piece > of crap. > > I really suggest djbdns. I know, it's nonfree

Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-28 Thread martin f krafft
also sprach Darrel O'Pry <[EMAIL PROTECTED]> [2004.10.29.0133 +0200]: > I've even been able to offload dns management for my colo clients > through VegaDNS. Unfortunately, it's PHP and thus not an option for anyone with a tad bit of a security concern. -- Please do not send copies of list mail

Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-28 Thread Donovan Baarda
G'day, From: "Russell Coker" <[EMAIL PROTECTED]> > On Wed, 27 Oct 2004 18:07, Donovan Baarda <[EMAIL PROTECTED]> wrote: > > Sorry to subvert a thread like this, but has anyone else decided that > > nscd is pretty much essential for all systems, regardless of nss, or > > local nameservers? > > No.

RE: nscd: Was Re: long delays with LDAP nss/pam

2004-10-28 Thread Darrel O'Pry
ay, October 28, 2004 12:11 PM > To: [EMAIL PROTECTED] > Subject: Re: nscd: Was Re: long delays with LDAP nss/pam > > also sprach Russell Coker <[EMAIL PROTECTED]> [2004.10.28.1520 +0200]: > > Run named on localhost. > > What an extraordinarily bad advice, IMHO. BIND

Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-28 Thread martin f krafft
also sprach Russell Coker <[EMAIL PROTECTED]> [2004.10.28.1520 +0200]: > Run named on localhost. What an extraordinarily bad advice, IMHO. BIND is too much a piece of crap. I really suggest djbdns. I know, it's nonfree. But it's damn good. -- Please do not send copies of list mail to me; I read

Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-28 Thread Russell Coker
On Wed, 27 Oct 2004 18:07, Donovan Baarda <[EMAIL PROTECTED]> wrote: > Sorry to subvert a thread like this, but has anyone else decided that > nscd is pretty much essential for all systems, regardless of nss, or > local nameservers? No. > It seems without it there is _no_ dns caching of any kind

Re: long delays with LDAP nss/pam

2004-10-27 Thread martin f krafft
also sprach Theodore Knab <[EMAIL PROTECTED]> [2004.10.27.2100 +0200]: > Be careful with indexing and slapindex. Thanks for the heads-up! I will make sure that slapindex gets enough intelligence so that it will refuse to index a running database. -- Please do not send copies of list mail to me;

Re: long delays with LDAP nss/pam

2004-10-27 Thread Theodore Knab
Be careful with indexing and slapindex. Slapindex is supposed to be run when the slapd daemon is down, or the db is in read-only mode. From the 'slapindex' man page: LIMITATIONS Your slapd(8) should not be running (at least, not in read-write mode) when you do this to ensure

Re: long delays with LDAP nss/pam

2004-10-27 Thread martin f krafft
also sprach charlie derr <[EMAIL PROTECTED]> [2004.10.27.1519 +0200]: > index default eq [...] > index objectClass eq ^^ that's the default anyway. Thanks for your tips. It's starting to make sense. > and (depending on your version of openldap) don't forget to stop the > dire

Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-27 Thread Henrique de Moraes Holschuh
On Wed, 27 Oct 2004, martin f krafft wrote: > also sprach Donovan Baarda <[EMAIL PROTECTED]> [2004.10.27.1007 +0200]: > > Is there any reason why nscd should not be installed on a system? > > It's often a pain to use if you make frequent changes? It's got > a weird caching policy that I can't seem

Re: long delays with LDAP nss/pam

2004-10-27 Thread charlie derr
martin f krafft wrote: also sprach Donovan Baarda <[EMAIL PROTECTED]> [2004.10.27.0955 +0200]: nscd stopped running? No, I think I verified that in all cases. Either that or your LDAP Indexes need tweaking. Does anyone have a good set I could use as a basis. I am completely new to LDAP... my a

Re: nscd: Was Re: long delays with LDAP nss/pam

2004-10-27 Thread martin f krafft
also sprach Donovan Baarda <[EMAIL PROTECTED]> [2004.10.27.1007 +0200]: > Is there any reason why nscd should not be installed on a system? It's often a pain to use if you make frequent changes? It's got a weird caching policy that I can't seem to control the way I interpret it? -- Please do not

nscd: Was Re: long delays with LDAP nss/pam

2004-10-27 Thread Donovan Baarda
On Wed, 2004-10-27 at 17:55, Donovan Baarda wrote: [...] > nscd stopped running? Sorry to subvert a thread like this, but has anyone else decided that nscd is pretty much essential for all systems, regardless of nss, or local nameservers? It seems without it there is _no_ dns caching of any kind

Re: long delays with LDAP nss/pam

2004-10-27 Thread martin f krafft
also sprach Donovan Baarda <[EMAIL PROTECTED]> [2004.10.27.0955 +0200]: > nscd stopped running? No, I think I verified that in all cases. > Either that or your LDAP Indexes need tweaking. Does anyone have a good set I could use as a basis. I am completely new to LDAP... -- Please do not send

Re: long delays with LDAP nss/pam

2004-10-27 Thread Donovan Baarda
On Wed, 2004-10-27 at 17:43, martin f krafft wrote: [...] > Has anyone experienced the above before? What could be the reason? > How can I fix this? [...] nscd stopped running? Either that or your LDAP Indexes need tweaking. -- Donovan Baarda <[EMAIL PROTECTED]> http://minkirri.apana.org.au/~a

long delays with LDAP nss/pam

2004-10-27 Thread martin f krafft
We run a big cluster, managed by FAI, using LDAP and NFS to provide users with homogenous environments across all nodes. All machines run sarge, and slapd is tunnelled via SSL for security purposes. Read-only access to the passwd/group directory is anonymous. All nodes are running nscd. While this