in a
> firewall if need be.
Same here: every PC, TV, set-top box, printer, router, and phone gets
its own address; more than one when it's both wired and wireless. It's
essential because my principal router doesn't have a DNS server built
in (much to the surprise of some), so t
On 10/25/24 07:35, Greg Wooledge wrote:
On Fri, Oct 25, 2024 at 09:33:24 +0100, Joe wrote:
I was assuming someone setting up a server of some kind would not be
running a DHCP client, which of course can be done with a reservation,
but it's another potential point of failure that a fixed address
On Fri, Oct 25, 2024 at 09:33:24 +0100, Joe wrote:
> I was assuming someone setting up a server of some kind would not be
> running a DHCP client, which of course can be done with a reservation,
> but it's another potential point of failure that a fixed address
> configuration doesn't have.
I've s
;
> > I think (on Ubuntu it did anyway) that systemd-resolved.service
> > provides a DNS caching service. The trouble is that it does it wrong
> > (in many people's opinion), if the 'first' DNS server fails to give an
> > answer it tries the 'second'
On Thu, 24 Oct 2024 16:31:18 -0400
Greg Wooledge wrote:
> On Thu, Oct 24, 2024 at 21:24:17 +0100, Joe wrote:
> > In an installation not using a DHCP client, you would be expected to
> > make your own DNS and gateway arrangements along with the IP
> > address.
>
> O
a DHCP client, you would be expected to
> > > make your own DNS and gateway arrangements along with the IP address.
> >
> > OK. I'm guessing that's not relevant here, though.
> >
> > > If
> > > you're not running Network Manager nor a r
Greg Wooledge wrote:
> On Thu, Oct 24, 2024 at 21:24:17 +0100, Joe wrote:
> > In an installation not using a DHCP client, you would be expected to
> > make your own DNS and gateway arrangements along with the IP address.
>
> OK. I'm guessing that's not r
ey're not quite the same thing, but
> the result works OK)
>
> Thus dnsmasq provides a local caching DNS service and it passes DNS
> queries that it can't answer on to my main LAN DNS server. It uses
> the file /run/NetworkManager/no-stub-resolv.conf to tell it where
&g
On Thu, Oct 24, 2024 at 04:31:18PM -0400, Greg Wooledge wrote:
> On Thu, Oct 24, 2024 at 21:24:17 +0100, Joe wrote:
> > In an installation not using a DHCP client, you would be expected to
> > make your own DNS and gateway arrangements along with the IP address.
>
> OK. I&
more. I've
already run a backup from one of my smaller systems and it ran fine.
On xubuntu I have made a habit of removing systemd-resolved.service
and installing dnsmasq. (I know they're not quite the same thing, but
the result works OK)
Thus dnsmasq provides a local caching DNS serv
Greg Wooledge wrote:
> On Thu, Oct 24, 2024 at 20:16:30 +0100, Chris Green wrote:
> > It works fine though. The /etc/resolv.conf is:-
> >
> > domain zbmc.eu
> > search zbmc.eu
> > nameserver 192.168.1.1
> >
> > which simply means all DN
On Thu, Oct 24, 2024 at 21:24:17 +0100, Joe wrote:
> In an installation not using a DHCP client, you would be expected to
> make your own DNS and gateway arrangements along with the IP address.
OK. I'm guessing that's not relevant here, though.
> If
> you're not ru
On Thu, Oct 24, 2024 at 20:16:30 +0100, Chris Green wrote:
> It works fine though. The /etc/resolv.conf is:-
>
> domain zbmc.eu
> search zbmc.eu
> nameserver 192.168.1.1
>
> which simply means all DNS gets passed to my LAN's DNS server. Is that
&g
> https://zytrax.com/books/dns/
> is what I referenced when configuring bind on debian about 4 years ago.
>
That's a nice reading.
> The isc docs were ... not so helpful? Their technical information is
> great. ..if you can understand it. They don't do a whole lot o
On Sat, Aug 3, 2024 at 12:46 AM George at Clug wrote:
>
> Does anyone have any recommendations on detailed books on Bind9 for
> authoritative servers which would also include DNSSEC?
https://www.oreilly.com/library/view/dns-and-bind/0596100574/
Years ago, well.. actually, decades ago
On Saturday, 03-08-2024 at 16:35 Walt E wrote:
> BIND is a system as old as internet.
> You could read the book ‘DNS and BIND’ by oreily.
>
> https://www.ubuy.com.gh/product/14R0U15K-dns-and-bind-5th-edition
Yes, thanks, that is a great book, I was trying to think of its na
BIND is a system as old as internet.
You could read the book ‘DNS and BIND’ by oreily.
https://www.ubuy.com.gh/product/14R0U15K-dns-and-bind-5th-edition
Thanks
On 2024-08-03 11:27, George at Clug wrote:
I pruned my inbox a bit too much.
Thanks to who ever it was who recommended it ! I
On 3/8/24 13:01, George at Clug wrote:
Does anyone have any recommendations on detailed books on Bind9 for
authoritative servers which would also include DNSSEC?
I'm not sure about books but there are many tutorials.
The first issue though is that bind directory layout varies between
dist
e recommended a Bind9 email list, which I forgot to capture, so
> please repost that link, if you read this.
That would have been:
https://lists.isc.org/mailman/listinfo/bind-users
>
>
> I did find this web site that seems to give a good overview:
> https://www.neatcode.org/dns/
>
>
>
>
> George.
>
which would also include DNSSEC?
If anyone has knowledge in this area, I could do a few posts.
Someone recommended a Bind9 email list, which I forgot to capture, so
please repost that link, if you read this.
I did find this web site that seems to give a good overview:
https://www.neatcode.org/dns
On Sun, 21 Jul 2024, Adam Weremczuk wrote:
This is in a way a continuation of my recently "purely local DNS" thread.
To recap: my objective is to send emails to a single domain with both DNS and
any other email traffic being disabled.
A simple working solution that I've found
Thanks for pointing that out.
I've noticed that installing sendmail package was removing postfix and
vice versa.
That made me think these two were mutually exclusive.
After reinstalling postfix, logwatch suddenly started sending emails so
everything is now working as expected.
---
Adam
O
tion should be
>
> Please forgive me, as that is what I am about to do.
>
> I have had, what seems to me to be similar issue, my solution was to
> set up an authoritative BIND9 server on the email/web server in
> question, and have the server first use its own BIND9 server's DN
t;
> to make logwatch use postfix (already working without DNS) instead of
> sendmail?
Blimey. You are COMPLETELY confused, aren't you.
If postfix (the package named "postfix") is installed, and if sendmail
(the package named "sendmail") is NOT installed, then you
Adam Weremczuk writes:
> Let me rephrase my question, which should be easier to answer.
>
> What exactly shall I substitute:
>
> mailer = "/usr/sbin/sendmail -t"
>
> with in /usr/share/logwatch/default.conf/logwatch.conf
>
> to make logwatch use postfix (al
the email/web server in question, and have the
server first use its own BIND9 server's DNS service first.
Admittedly I did not care if my authoritative BIND9 server went out the the
Internet for any queries for which it was not authoritative.
It did allow me to run the server isolated e
Adam Weremczuk writes:
> Let me rephrase my question, which should be easier to answer.
>
> What exactly shall I substitute:
>
> mailer = "/usr/sbin/sendmail -t"
>
Eee. Nothing?
--8<---cut here---start->8---
dpkg -L postfix|grep send
/usr/sbin/sendmail
/usr
Let me rephrase my question, which should be easier to answer.
What exactly shall I substitute:
mailer = "/usr/sbin/sendmail -t"
with in /usr/share/logwatch/default.conf/logwatch.conf
to make logwatch use postfix (already working without DNS) instead of
sendmail?
On 21/07/2024 0
Sendmail is too old to be supported.
You may use postfix and exim instead. They are main stream MTA software
today.
On 2024-07-21 14:58, Adam Weremczuk wrote:
This is in a way a continuation of my recently "purely local DNS"
thread.
To recap: my objective is to send emails t
This is in a way a continuation of my recently "purely local DNS" thread.
To recap: my objective is to send emails to a single domain with both
DNS and any other email traffic being disabled.
A simple working solution that I've found for Postfix is:
/etc/hosts
1.2.3.4ex
onf(5) man page
says:
As of Postfix 2.11, this parameter is deprecated; use
smtp_dns_support_level instead.
(Debian 12 has postfix-3.7.11; well past postfix-2.11.)
I don't know if `smtp_dns_support_level` is needed at all
with `smtp_host_lookup = native`. I've never run
/2024 01:33, Max Nikulin wrote:
I assume that you are not trying to achieve "smart host" configuration
for sending mail.
Perhaps you can run a dedicated dnsmasq instance with no upstream DNS
servers. Option that might help: --dns-rr, --mx-host, --mx-target.
On 15/07/2024 20:00, Adam Weremczuk wrote:
- ability to fetch a single MX record for a single domain
I assume that you are not trying to achieve "smart host" configuration
for sending mail.
Perhaps you can run a dedicated dnsmasq instance with no upstream DNS
servers. Option
again)
>
> Any SMTP client which does not fall back to the A record when no MX records
> exists is fundamentally broken.
I think a confusion here is that the /etc/hosts file is not DNS. Not
all applications on a system will ask the NSS for host lookups; some
do go straight to DNS (as direc
native`. I've never run an MTA
where I wanted DNS lookups disabled, so I don't have any
direct experience.
If it is needed, you'd surely be better off avoiding the
long-deprecated `disable_dns_lookups` parameter which will
just set you up for failure with some future update.
--
Todd
signature.asc
Description: PGP signature
I'm using Postfix and this all that was needed:
/etc/hosts
1.2.3.4 example.com
/etc/postfix/main.cf
disable_dns_lookups = yes
smtp_host_lookup = native
nctioning DNS is going to
require configuration of your MTA.
So, the next question is *which* MTA you're using. I'm most familiar
with qmail. I'm guessing you're not using qmail (just based on the odds),
but in qmail, this would be done by creating an smtproutes file in the
co
I get:
0A032940922 657 Mon Jul 15 14:40:01 user1@mymachine
(Host or domain name not found. Name service error for name=example.com
type=MX: Host not found, try again)
Any SMTP client which does not fall back to the A record when no MX
records exists is fundamentally broken.
--
Je
ure for my Debian 12 VM:
- no public or LAN DNS whatsoever
- ability to fetch a single MX record for a single domain
I don't think I can add MX to /etc/hosts which only works for A
records.
I'm after a similarly simple, "one liner" solution.
---
Adam
--
Jeff Pang
jeffp...@aol.com
to configure for my Debian 12 VM:
- no public or LAN DNS whatsoever
- ability to fetch a single MX record for a single domain
I don't think I can add MX to /etc/hosts which only works for A records.
I'm after a similarly simple, "one liner" solution.
I'm *so* confus
d work for sending mail.
Regards
On 2024-07-15 21:00, Adam Weremczuk wrote:
What I need to configure for my Debian 12 VM:
- no public or LAN DNS whatsoever
- ability to fetch a single MX record for a single domain
I don't think I can add MX to /etc/hosts which only works for A record
On Mon, Jul 15, 2024 at 14:00:03 +0100, Adam Weremczuk wrote:
> What I need to configure for my Debian 12 VM:
> - no public or LAN DNS whatsoever
> - ability to fetch a single MX record for a single domain
>
> I don't think I can add MX to /etc/hosts which only works for A rec
public or LAN DNS whatsoever
- ability to fetch a single MX record for a single domain
I don't think I can add MX to /etc/hosts which only works for A
records.
I'm after a similarly simple, "one liner" solution.
---
Adam
--
Jeff Pang
jeffp...@aol.com
What I need to configure for my Debian 12 VM:
- no public or LAN DNS whatsoever
- ability to fetch a single MX record for a single domain
I don't think I can add MX to /etc/hosts which only works for A records.
I'm after a similarly simple, "one liner" solution.
---
Adam
; > But, the same query wouldn't success in another VPS as follows.
> >
> > $ dig 235.84.36.104.zen.spamhaus.org
> > ;; QUESTION SECTION:
> > ;235.84.36.104.zen.spamhaus.org.IN A
> >
> > ;; Query time: 1 msec
> > ;; SERVER: 127.0.0.5
Am 12.06.2024 um 10:51:45 Uhr schrieb Jeff Peng:
> Do you know what's the reason behind this?
Spamhaus restricts queries from public resolvers.
https://www.spamhaus.org/resource-hub/email-security/if-you-query-the-legacy-dnsbls-via-digitalocean-move-to-spamhaus-technologys-free-data-query-service
pamhaus.org.IN A
;; Query time: 1 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Wed Jun 12 10:45:41 HKT 2024
;; MSG SIZE rcvd: 59
The returned result is "NXDOMAIN".
Both nodes use systemd-resolve as DNS subresolver.
Do you know what's the reason behind this?
Thanks.
Muhammad Yousuf Khan wrote:
> Need your experience advice, We have a BIND9 DNS server that operates both
> privately and publicly for the domain example xyz.com. I use the private
> DNS for certain secure nodes on our local network. I want all VPN users to
> be able to resolve these
On 12/03/2024 12:48, Muhammad Yousuf Khan wrote:
Dear All,
Need your experience advice, We have a BIND9 DNS server that operates
both privately and publicly for the domain example xyz.com
<http://xyz.com/>. I use the private DNS for certain secure nodes on our
local network. I want a
Dear All,
Need your experience advice, We have a BIND9 DNS server that operates both
privately and publicly for the domain example xyz.com. I use the private
DNS for certain secure nodes on our local network. I want all VPN users to
be able to resolve these secure nodes using our local DNS
On 31/10/23 16:27, Max Nikulin wrote:
On 30/10/2023 14:03, Richard Hector wrote:
On 24/10/23 06:01, Max Nikulin wrote:
getent -s dns hosts zircon
Ah, thanks. But I don't feel too bad about not finding that ...
'service' is not defined in that file, 'dns' doesn&#x
nameservers.
# The nameservers listed below may not be recognized.
nameserver 2001:4860:4860::
nameserver 2001:4860:4860::8844
nameserver 2600:380:bc53:b864::b3
I did not want the DNS name servers to be populated but I can live with it.
Do you mean that you prefer to avoid 192.168.104.233
2600:380
recognized.
nameserver 2001:4860:4860::
nameserver 2001:4860:4860::8844
nameserver 2600:380:bc53:b864::b3
I did not want the DNS name servers to be populated but I can live with it.
thank again for your help
Tim
--
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https
On 30/10/2023 20:04, Timothy M Butterworth wrote:
sudo less /etc/NetworkManager/system-connections/Pixel5.nmconnection
[...]
[ipv6]
addr-gen-mode=stable-privacy
dns=2001:4860:4860::,2001:4860:4860::8844;
dns-search=home.arpa;
ignore-auto-dns=true #I tried with this on, commented out and
On 30/10/2023 14:03, Richard Hector wrote:
On 24/10/23 06:01, Max Nikulin wrote:
getent -s dns hosts zircon
Ah, thanks. But I don't feel too bad about not finding that ...
'service' is not defined in that file, 'dns' doesn't occur, and
searching for '
On 31/10/2023 04:02, Pocket wrote:
On 10/30/23 15:50, Timothy M Butterworth wrote:
I know it is using dhclient because I typod the domain name supersede
domain-name "home.apra"; and it populated .apra in resolv.conf.
Sorry, it is not clear for me what did you do and what result you got.
The
thing I am
missing is the population of IPv6 DNS addresses.
sudo less /etc/dhcp/dhclient.conf
supersede domain-name "home.arpa";
supersede dhcp6.domain-search "home.arpa";
supersede dhcp6.name-servers 2001:4860:4860::,
2001:4860:4860::8844;
supersede
On Mon, Oct 30, 2023 at 1:18 PM Pocket wrote:
>
> On 10/30/23 09:04, Timothy M Butterworth wrote:
>
> Hello All,
>
> I have been following the recent emails regarding resolv.conf. I almost
> have my system running perfectly. The only thing I am missing is the
> populati
correct in thinking that this setting enables the
internal DHCP client.
# iwd-config-path=
plugins=ifupdown,keyfile
configure-and-quit=no
[global-dns]
searches=home.arpa
[ifupdown]
managed=false
[logging]
# backend=journal
# audit=true
[device]
# wifi.backend=wpa_supplicant
[device-31-mac-ad
On 10/30/23 09:04, Timothy M Butterworth wrote:
Hello All,
I have been following the recent emails regarding resolv.conf. I
almost have my system running perfectly. The only thing I am missing
is the population of IPv6 DNS addresses.
sudo less /etc/dhcp/dhclient.conf
supersede domain-name
Am 30.10.2023 um 22:08:46 Uhr schrieb Max Nikulin:
> On 30/10/2023 20:04, Timothy M Butterworth wrote:
> > sudo less /etc/resolv.conf
> > domain home.arpa
> > search home.arpa
> > nameserver 8.8.8.8
> > nameserver 8.8.4.4
>
> I do not see "# Generated by NetworkManager" here.
That is because N
On 30/10/2023 20:04, Timothy M Butterworth wrote:
sudo less /etc/resolv.conf
domain home.arpa
search home.arpa
nameserver 8.8.8.8
nameserver 8.8.4.4
I do not see "# Generated by NetworkManager" here.
nmcli connection
nmcli device
NetworkManager --print-config
ls -l /etc/resolv.
Hello All,
I have been following the recent emails regarding resolv.conf. I almost
have my system running perfectly. The only thing I am missing is the
population of IPv6 DNS addresses.
sudo less /etc/dhcp/dhclient.conf
supersede domain-name "home.arpa";
supersede dhcp6.domain-search
On 24/10/23 06:01, Max Nikulin wrote:
On 22/10/2023 18:39, Richard Hector wrote:
But not strictly a DNS lookup tool:
richard@zircon:~$ getent hosts zircon
127.0.1.1 zircon.lan.walnut.gen.nz zircon
That's from my /etc/hosts file, and overrides DNS. I didn't see an
option in t
On 22/10/2023 18:39, Richard Hector wrote:
But not strictly a DNS lookup tool:
richard@zircon:~$ getent hosts zircon
127.0.1.1 zircon.lan.walnut.gen.nz zircon
That's from my /etc/hosts file, and overrides DNS. I didn't see an
option in the manpage to ignore /etc/hosts.
get
On 23/10/2023 20:52, David Wright wrote:
AFAICT, if you don't have busybox installed, then I think it's likely
that you removed it yourself.
Or it is a LXC container installed using the "download" template. It
uses systemd-networkd and systemd-resolved. I have never tried qemu with
kernel and
On Sun 22 Oct 2023 at 11:07:05 (+0700), Max Nikulin wrote:
> On 21/10/2023 22:58, David Wright wrote:
> > On Sat 21 Oct 2023 at 17:35:21 (+0200), Reiner Buehl wrote:
> > > is there a DNS lookup command that is installed by default on any
> > > Debian Bullseye or Bookworm
On 22/10/23 04:56, Greg Wooledge wrote:
On Sat, Oct 21, 2023 at 05:35:21PM +0200, Reiner Buehl wrote:
is there a DNS lookup command that is installed by default on any Debian
getent hosts NAME
getent ahostsv4 NAME
That said, you get much finer control from dedicated tools.
That is a
On 21/10/2023 22:58, David Wright wrote:
On Sat 21 Oct 2023 at 17:35:21 (+0200), Reiner Buehl wrote:
is there a DNS lookup command that is installed by default on any
Debian Bullseye or Bookworm install?
nslookup is in busybox.
busybox is an optional package, so it may be absent. "g
Perfect! Then I just need to add an alias to my profile and can use nslookup :-)
On 21.10.23 17:58, David Wright wrote:
On Sat 21 Oct 2023 at 17:35:21 (+0200), Reiner Buehl wrote:
> is there a DNS lookup command that is installed by default on any
> Debian Bullseye or Bookworm i
Hello,
it's not really answer to your question, but for simple things like
IP-Addresses you can use getent ahosts, getent hosts or ping directly.
Best Regards,
Juri Grabowski
On Sat 21 Oct 2023 at 17:35:21 (+0200), Reiner Buehl wrote:
> is there a DNS lookup command that is installed by default on any
> Debian Bullseye or Bookworm install? Something that doesn't require as
> much dependencies as bind9-utils (which provides dig and nslookup) or
> bind
On Sat, Oct 21, 2023 at 05:35:21PM +0200, Reiner Buehl wrote:
> is there a DNS lookup command that is installed by default on any Debian
getent hosts NAME
getent ahostsv4 NAME
That said, you get much finer control from dedicated tools.
Hi all,
is there a DNS lookup command that is installed by default on any Debian
Bullseye or Bookworm install? Something that doesn't require as much
dependencies as bind9-utils (which provides dig and nslookup) or bind9-host?
Best regards,
Reiner
Sorry for the double post but I did not see the first answer any where.
Thank you. It was a lot easier than I thought it would be. Again Thank
you.
On 6/5/23 3:45 AM, Brad Rogers wrote:
On Mon, 05 Jun 2023 08:49:11 +0200
Michel Verdier wrote:
Hello Michel,
I already answered to your pro
On Mon, 05 Jun 2023 08:49:11 +0200
Michel Verdier wrote:
Hello Michel,
>I already answered to your problem :
I suspect OP is of the belief that we will respond to them directly and,
as a consequence, they are not reading the list.
--
Regards _ "Valid sig separator is {dash}{dash}{spac
Le 5 juin 2023 Maureen L. Thomas a écrit :
> Forwarded Message
> Subject: problem with local DNS
>
> I am using a Lonova all in one computer with the latest debian on it.
> Bullseye is working fine except for the warning I get as follows: your
> current
Forwarded Message
Subject:problem with local DNS
Date: Fri, 2 Jun 2023 18:53:47 -0400
From: Maureen L Thomas
To: debian-user@lists.debian.org
I am using a Lonova all in one computer with the latest debian on it.
Bullseye is working fine except for the
Le 3 juin 2023 Maureen L. Thomas a écrit :
> I am using a Lonova all in one computer with the latest debian on it.
> Bullseye is working fine except for the warning I get as follows: your
> current proxy settings do not allow local DNS req
> (network.proxy.socks_remote)dns).
I
I am using a Lonova all in one computer with the latest debian on it.
Bullseye is working fine except for the warning I get as follows: your
current proxy settings do not allow local DNS req
(network.proxy.socks_remote)dns).
I have the nordvpn installed and I wonder if that is part of the
+qJvgYbl5SJwXePu0f1XgCxoAg
P5/6ZnnXpo4gidVtxfUB68Ed5T6yxo23o0eI5gE= )
I get external dns answer with a nice dnssec. Can you do :
dig @172.16.208.10 tio.nl A +dnssec +multiline
to see if your internal dns answer the same rrsig
Hi,
@Tim,
If I use the dnssec-validation no; option then indeed it all works. Just tested
it again to make sure.
And as a final solution to this problem I might accept it, but I would rather
not.
@Michel,
> I reread all our mails and I miss to ask you this one (as answers via
> extern
Le 1 juin 2023 Bonno Bloksma a écrit :
> I can do that, but ... that is only for inbound traffic TO my dns server on
> this network.
> That part is working without any problem. Changing that will not change
> anything for the clients on this network.
You are right. I simply
On Thu, 1 Jun 2023, Bonno Bloksma wrote:
My bind instance can reach the company dns server buy claims the response is
false/insecure
Does that maybe mean that my bind gets a "normal" response from the company dns
whereas the external dns at toplevel .nl. (being the parent zone)
inbound traffic as far as I know, that has nothing to do
with what ip number bind itself uses to get info from other (company) dns
servers.
> But you don't have real ipv6 on tun0. fe80:: is only assigned when there is
> no adress assigned for an interface.
Correct, the VPN tunnel is
Le 1 juin 2023 Bonno Bloksma a écrit :
> linbobo:~# ss -nap | grep named
> tcp LISTEN 0 10 [2a02:a45f:96c2:1:1e69:7aff:fe0c:65e3]:53 [::]:*
> users:(("named",pid=554,fd=78))
> tcp LISTEN 0 10 [fe80::1e69:7aff:fe0c:65e3]%eno1:53 [::]:*
> users:(("named",pid=554,fd=71))
> tcp LISTEN 0 10 [fe80::33bc
Hi,
> resolv.conf must have only one search entry. And you don't want to resolv
> with google directly. So you should have :
Ok, I have the google dns commented. Alhough Now I remember why I had the
google dns in there. ;-)
For my machine to create the VPN it needs to know the i
internal bind is not up and running yet some services
> might need a resolver so I have 8.8.8.8 in there as well as a second dns
> entry.
Ensure this in services ordering (systemd or initd). It's better and
safer. And I think it's better to get an error than a false result from
bind.
lv.conf
domain bobo.xs4all.nl
search bobo.xs4all.nl
search tio.nl
search staf.tio.nl
search student.tio.nl
nameserver 127.0.0.1
nameserver 8.8.8.8
When booting if the internal bind is not up and running yet some services might
need a resolver so I have 8.8.8.8 in there as well
Le 8 mai 2023 Bonno Bloksma a écrit :
> I also do not understand this difference when querying the internal dns
> server directly.
> Why does the +trace +cd not show an answer but when I leave them out I get a
> correct answer. Is that because +trace forces it to start at the r
Hi,
>> linbobo:/etc/bind# cat named.conf.local
>
> You have only zone blocks in this file, right ?
Yes,
> And you don't use views ?
I have no idea what they would do, but no. The word view is not in that file.
> Why does it first go to the public dns and then run
Le 5 mai 2023 Bonno Bloksma a écrit :
> linbobo:/etc/bind# cat named.conf.local
You have only zone blocks in this file, right ?
And you don't use views ?
> Why does it first go to the public dns and then run into the dnssec problem?
> There is a direct definition for the tio
0:702:0:1c00:eff:fe00:ce#53(ns1.argewebhosting.eu) in 12 ms
-----
And Argeweb is the provider for my public dns, so it seems it is indeed trying
my public dns with dnssec and then failing my private dns from the company
inside dns.
dig @172.16.208.10 einsccmdp
quot;staf.tio.nl" IN {
> type forward;
> forward only;
> forwarders {172.16.128.40; 172.16.208.10;};
> };
>
> zone "student.tio.nl" IN {
> type forward;
> forward only;
> forwarders {172.16.128.40; 172.16.20
Hi,
Lots of info and log quotes. I hope you can find the "normal" text.
>> We use a different dns server(s) and zonefile for the external dns
>> environment from what we use internally. Company dns is Windows server 2016
>> incase that is relevant.
>
> It&
Le 28 avril 2023 Bonno Bloksma a écrit :
> We use a different dns server(s) and zonefile for the external dns
> environment from what we use internally. Company dns is Windows server 2016
> incase that is relevant.
It's better to use dig (package bind9-dnsutils) to first elimina
Hello,
I have a Debian machine at my home network performing several functions. Two of
those are dns server for my network at home and a VPN server to the company
network.
To facilitate my use of the VPN to the company network I am also forwarding all
dns requests tot the company domain to the
Hi,
On Sat, Mar 11, 2023 at 05:56:00PM +0800, cor...@free.fr wrote:
> Now I have three debian nodes in different DCs.
> Can I deploy a distributed DNS service for fault tolerance?
I assume you mean to run an authoritative DNS service, that provides
answers to queries against the DNS zone
cor...@free.fr wrote:
> Now I have three debian nodes in different DCs.
> Can I deploy a distributed DNS service for fault tolerance?
You need to say what you want more specifically.
Do you want to provide the same services (web servers, usually)
on all three nodes with the ability to re
On 11/3/23 17:56, cor...@free.fr wrote:
Now I have three debian nodes in different DCs.
Can I deploy a distributed DNS service for fault tolerance?
Assuming you don't mean a Windows DC, you can use bind (bind9) in an
architecture that has a master for a DNS zone and multiple s
1 - 100 of 2464 matches
Mail list logo
