Hi Ray,
I'd recommend not using type 'any' in your tests - the results won't
always be what you expect. ANY is a diagnostic query type - and what a
recursive nameserver does when it receives it will depend on what it has
already in cache - sometimes it will answer with what it has already,
and so
I assume that you are asking about providing authoritative DNS for
example.com.
Should you deploy DNSSEC? Yes, if you want your query responses to be
validated by DNSSEC resolvers.
Does this have anything to do with the DNSSEC signing of the root
domain? No, not really. Unless your TLD'
Hello,
Since the global root DNS servers have deployed dnssec, as a
hostmaster for the common domain like example.com, should we also
deploy dnssec with named? Thanks.
Regards.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/m
Hey Ezra,
Thanks for the reply.
ulimit -Hn and ulimit -Sn report 8192.
Wasn't sure if limits.conf would help or not.
Dale
On Apr 30, 2010, at 4:18 PM, Ezra Taylor wrote:
Dale:
The limits.conf file is not going to solve your
problem. Read the man page for initscript and initt
Dale:
The limits.conf file is not going to solve your problem. Read
the man page for initscript and inittab.
On Thu, Apr 29, 2010 at 5:53 PM, Dale Kiefling wrote:
> We have a Bind 9.7.0-P1 instance that is throwing the following errors:
> 21-Apr-2010 16:59:00.173 general: error: so
Have been doing some testing[1] of our firewalls and DNS servers for
the upcoming signing of the last root server and ran into something I'm
not completely sure about.
The tests in the ISC post[1] from earlier this year run fine when
pointed directly at the L server (IOW, our firewalls do handle t
On Wed, Apr 28, 2010 at 11:59:11AM -0400,
Kevin Darcy wrote
a message of 21 lines which said:
> I know of no such feature. What do you mean by "spoofed" anyway? How
> would you expect named to detect "spoofing", and is that its job?
It seems (not tested by me) that Nominum CNS does that: when
7 matches
Mail list logo