Hello,
When I delegate a subdomain in a zone example.com, the config in
named.conf is like:
test.example.com. 3600 IN NS ns1.another.com.
test.example.com. 3600 IN NS ns2.another.com.
Then I dig to the auth-server of the example zone:
dig test.example.com ns @ns1.example.com
I found some
In message , terr
y writes:
> Hello,
>
> When I delegate a subdomain in a zone example.com, the config in
> named.conf is like:
>
> test.example.com. 3600 IN NS ns1.another.com.
> test.example.com. 3600 IN NS ns2.another.com.
>
> Then I dig to the auth-server of the example zone:
>
> dig
2011/3/4 Mark Andrews :
>
> In message ,
> terr
> y writes:
>> Hello,
>>
>> When I delegate a subdomain in a zone example.com, the config in
>> named.conf is like:
>>
>> test.example.com. 3600 IN NS ns1.another.com.
>> test.example.com. 3600 IN NS ns2.another.com.
>>
>> Then I dig to the aut
Then the load balancer should return default records or 0.0.0.0/:: to
indicate the name is good but doesn't currently have a address.
I like that solution, actually. Even if the client doesn't recognize
it
as a "special" address, hopefully if it tries to connect to it, the
packet won't make it
Dnia 2011-03-04 23:07 terry napisał(a):
>> Look at RA and RD. If the server recurses, you will get a answer.
>> If the server does not recurse, you will get a referral. Then there
>> are the really old broken servers which get this wrong.
>>
>
>Hi Mark,
>
>Please see this for details:
>
>$ di
Hi,
Can a zone file a slave in one view and the same zone file
be served by another view?
I'm going to split our authoritative servers into internal
and external views. My question concerns zones that we
secondary for other organizations, slaved to masters at
their sites.
I know I could config
Haven't done it but don't see why not. Since every entry in named.conf
specifies the zone file you can definitely have multiple zones all
pointing to the same zone file. (We do that for many ancillary zones
that we want to point to our primary domain so have an aliases file that
uses the @ desig
On 3/4/2011 11:46 AM, John Wobus wrote:
> I'm going to split our authoritative servers into internal
> and external views.
Is there anything I can do to try to talk you out of doing this?
AlanC
signature.asc
Description: OpenPGP digital signature
_
On Fri, 2011-03-04 at 11:46 -0500, John Wobus wrote:
> Hi,
>
> Can a zone file a slave in one view and the same zone file
> be served by another view?
It is a bad idea, although I know (from experience) it will work for
static zones. One problem is you need to remember to reload the zone in
both
On Mar 4, 2011, at 8:46 AM, John Wobus wrote:
> Hi,
>
> Can a zone file a slave in one view and the same zone file
> be served by another view?
You can do this for static master zones, but it's not a good idea for slaves.
Depending on the use case for your internal view, you may be able to sol
On 04.03.11 11:46, John Wobus wrote:
> Can a zone file a slave in one view and the same zone file
> be served by another view?
in fact, yes. but it apparently won't work as you'd expect.
> I'm going to split our authoritative servers into internal
> and external views. My question concerns zones
In message , John Wobus write
s:
> >> Then the load balancer should return default records or 0.0.0.0/:: to
> >> indicate the name is good but doesn't currently have a address.
> > I like that solution, actually. Even if the client doesn't recognize
> > it
> > as a "special" address, hopefully i
Thanks, I was able to setup a forward zone in the caching servers for
supernet.com and forward to the ns{2,3}.earthlink.net servers.
I will check periodically for their fixing of the zone and then remove
the forward zone in the caching servers.
Is there a simple tool to quickly identify this kind
In message <79391b3d-6106-420b-9056-717a5e5fa...@cornell.edu>, John Wobus write
s:
> Hi,
>
> Can a zone file a slave in one view and the same zone file
> be served by another view?
>
> I'm going to split our authoritative servers into internal
> and external views. My question concerns zones th
On Fri, Mar 04, 2011 at 11:46:05AM -0500, John Wobus wrote:
...
> Can a zone file a slave in one view and the same zone file
> be served by another view?
...
I assume you mean something like this:
view "here" {
match-clients { "here"; };
zone "example.us" {
type s
On Sat, Mar 05, 2011 at 09:36:56AM +1100, Mark Andrews wrote:
...
> masters { 127.0.0.1 key external.key; };
...
Hmmm! You can do that, can't you? I tend to try to keep one key to one
IP address in a view - people get confused even so.
As I said, this still does two zone trans
>
> But in this case, you're asking the authotrative server. Authorative server
> answers in answer section, as it knows the answer. Authorative section is
> for 'I don't know, ask ...'
> The rule above goes for servers which are not authorative for a given zone.
> Torinthiel
>
2011/3/5 Chris Buxton :
>
> On Mar 4, 2011, at 8:46 AM, John Wobus wrote:
>
>> Hi,
>>
>> Can a zone file a slave in one view and the same zone file
>> be served by another view?
>
> You can do this for static master zones, but it's not a good idea for slaves.
>
> Depending on the use case for your
How sure are we that 9.7.3 fixes CVE-2011-0414?
Because we are seeing behaviour that looks like CVE-2011-0414
on our 9.7.3 server...
Thanks,
John
---
John Hascall, j...@iastate.edu
Team Lead, NIADS (Network Infrastructur
On Mar 4, 2011, at 5:42 PM, terry wrote:
> 2011/3/5 Chris Buxton :
>>
>> On Mar 4, 2011, at 8:46 AM, John Wobus wrote:
>>
>>> Hi,
>>>
>>> Can a zone file a slave in one view and the same zone file
>>> be served by another view?
>>
>> You can do this for static master zones, but it's not a good
> How sure are we that 9.7.3 fixes CVE-2011-0414?
Pretty darn sure.
> Because we are seeing behaviour that looks like CVE-2011-0414
> on our 9.7.3 server...
Please send details to bind9-b...@isc.org.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
In message , terr
y writes:
> >
> > But in this case, you're asking the authotrative server. Authorative server
> > answers in answer section, as it knows the answer. Authorative section is
> > for 'I don't know, ask ...'
> > The rule above goes for servers which are not authorative for a given zo
2011/3/5 Mark Andrews :
>> So why does ns33.domaincontrol.com answer with ANSWER SECTION rather
>> than AUTHORITY SECTION?
>
> If you ask with rd=0 (+norec), which is what nameservers do, you
> get the referral. Presumably ns33.domaincontrol.com is running
> BIND 8 which didn't fully comply the R
Tested bind 9.4, 9.6, 9.7 and 9.8, 9.8 is only version giving this problem.
The issue is when initiating a, bind only slave, to slave off of a,
dlz/mysql+bind master, debug logs show:
"refresh: non-authoritative answer from master"
I had set debugging on slave and master all night long on all
On Mar 4, 2011, at 11:34 PM, Joseph S D Yao wrote:
> On Fri, Mar 04, 2011 at 06:55:07PM -0800, Chris Buxton wrote:
> ...
>>
>> With a static-stub zone (new in BIND 9.8), your server would not prime its
>> cache with the bad NS rrset from the authoritative server. It would simply
>> start all q
25 matches
Mail list logo
