On Fri, 9 Jul 2010, Dave Knight wrote:
Let's say you have 2 nameservers
ns-europe.example.com ( which is physically located in North America )
ns-americas.example.com ( which is physically located in Europe )
and both of those are authoritative for this zone
geoip.exam
Hey! A firewall setting was wrong! Imagine that!
Thanks, all. :-)
On 07/09/10 14:18, Peter Laws wrote:
On 07/09/10 02:23, Matus UHLAR - fantomas wrote:
On 08.07.10 14:42, Peter Laws wrote:
BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2
From the host itself, a slave for all my zones, I can reso
Sending again, this time from an account actually subscribed to the list, doh :)
> From: Dave Knight
> Date: July 9, 2010 4:39:38 PM EDT
> To: Tomasz Chmielewski
> Cc: "bind-users@lists.isc.org"
> Subject: Re: GeoIP and maintaining high availability
>
> On 2010-07-09, at 4:30 PM, Dave Knight
Am 09.07.2010 22:30, Dave Knight wrote:
Hi Tomasz,
On 2010-07-09, at 10:26 AM, Tomasz Chmielewski wrote:
Hi,
I'm about to set up bind with GeoIP patches.
What I'm not sure, is how do you guys handle high availability?
Suppose I have zones for Americas and Europe, and a destination server in
Hi Tomasz,
On 2010-07-09, at 10:26 AM, Tomasz Chmielewski wrote:
> Hi,
>
> I'm about to set up bind with GeoIP patches.
>
> What I'm not sure, is how do you guys handle high availability?
>
> Suppose I have zones for Americas and Europe, and a destination server in
> Europe dies - how do you
On 07/09/10 02:23, Matus UHLAR - fantomas wrote:
On 08.07.10 14:42, Peter Laws wrote:
BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2
From the host itself, a slave for all my zones, I can resolve all my
zones. I cannot, however, resolve anything else.
For example, if I dig google.com I get a timeout
On Fri, Jul 09, 2010 at 03:08:20PM +0530, rams wrote:
> What is the cname chains limit ?
BIND will chase CNAME targets up to 16 times, then stop. It's a
loop-prevention method: if you have a.example.com pointing to
b.example.com which points back to a.example.com, BIND will try
16 times to find
Am 09.07.2010 17:28, Mark Watts wrote:
The textbook answer is to use anycast, which is how ISC (among others)
provide redundancy for their F-root nameserver.
Sure, but I'm afraid I won't have anycast available for this project.
Failing that, you'd probably turn to simply having more than on
On Fri, Jul 09, 2010 at 08:33:10AM +0200, Niklas Jakobsson wrote:
> I assume this has to do with the transfer-format option set to
> 'many-answers' (this is the default of bind), so what decides how many
> records goes into one DNS packet? Since it is a tcp-stream I assumed
> there would be only on
On Fri, 2010-07-09 at 16:26 +0200, Tomasz Chmielewski wrote:
> Hi,
>
> I'm about to set up bind with GeoIP patches.
>
> What I'm not sure, is how do you guys handle high availability?
>
> Suppose I have zones for Americas and Europe, and a destination server
> in Europe dies - how do you handle
On Thursday 08 July 2010 8:41:19 am Dimitri
Yioulos wrote:
> Hello to all.
>
> I have recently set up a slave DNS server
> (bind-9.3.6) on a CentOS 5.x Linux box. The
> master is our Windows server and, really, it
> directly serves our AD infrastructure, and
> forwards external queries to our ISP
On Thu, 2010-07-08 at 23:02 -0400, Barry Margolin wrote:
>
> Are you sure both views are actually getting the notifies? You need the
> master to send two notifies, each one satisfying the match-XXX criteria
> of one of the views.
>
> If only one notify is sent, only the view that it matches wil
Hi,
I'm about to set up bind with GeoIP patches.
What I'm not sure, is how do you guys handle high availability?
Suppose I have zones for Americas and Europe, and a destination server
in Europe dies - how do you handle it so that new (i.e. web) requests
hit American servers only?
Set TTL to
Looking at the Mcafee AccessProtectionLog I noticed that behaviour only 26
times starting from 06/06/2009.
Too few tries for a malware/virus, isn't it?
Could it be a port used fortuitously by named in his random port use?
Ciao.
Stefano.
-Messaggio originale-
Da: bind-users-bounces+stefa
Am Fri, 9 Jul 2010 15:09:24 +0200
schrieb "Chiesa Stefano" :
> A couple of details:
>
> * bind is working fine and on the server the Task Manager shows just
> one named.exe process ("show processes from all users" checked)
> * I don't' think McAfee is triggering on MX lookups because he's
> block
Since you now know that BIND doesn't send email and its possible to name a
virus whatever the virus writer wishes, it might be prudent to compare the
file with a known good version from here (check signatures):
ftp://ftp.isc.org/isc/bind9/
While off topic for this forum, you should also try netsta
A couple of details:
* bind is working fine and on the server the Task Manager shows just one
named.exe process ("show processes from all users" checked)
* I don't' think McAfee is triggering on MX lookups because he's blocking
connection on port 25 (look at the end of log line: 187.58.17.194:
On 09/07/10 12:18, tomasz dereszynski wrote:
check below link
apparently viruses (some) hide themselves behind that name/process.
http://www.file.net/process/named.exe.html
mind you, it might be something else ...
Maybe McAfee is triggering on MX lookups?
___
On 09.07.10 15:08, rams wrote:
> What is the cname chains limit ?
the logical limit is 1. The technical limit usually depends on how big
packet can your (stub) resolver accept.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
On 7/9/2010 7:25 AM, Alan Clegg wrote:
> For those of you that don't follow bind-users closely, this is a bit of
> troubling news. I'm not surprised that a "bad guy" would masquerade his
> malware as BIND, but to actually see it documented is sad.
[this was supposed to go to an internal list and
For those of you that don't follow bind-users closely, this is a bit of
troubling news. I'm not surprised that a "bad guy" would masquerade his
malware as BIND, but to actually see it documented is sad.
AlanC
Original Message
Subject: Re: Does bind send email?
Date: Fri, 9 Jul
> On 7/9/2010 4:57 AM, Chiesa Stefano wrote:
>
>> "27/05/2010 17.06.32 1094 C:\bind\bin\named.exe Protezione
>> antivirus standard:Impedisci a worm distribuiti tramite mass-mailing di
>> inviare messaggi 93.49.247.253:25"
>>
>> (translated from italian: Prevent mass mailing worms from sendin
On 7/9/2010 4:57 AM, Chiesa Stefano wrote:
> "27/05/2010 17.06.32 1094 C:\bind\bin\named.exe Protezione
> antivirus standard:Impedisci a worm distribuiti tramite mass-mailing di
> inviare messaggi 93.49.247.253:25"
>
> (translated from italian: Prevent mass mailing worms from sending mail
Am Fri, 9 Jul 2010 15:08:20 +0530
schrieb rams :
> Hi ,
>
> What is the cname chains limit ?
>
> Thanks & Regards,
> Ramesh
I've managed to get 17 cnames into a chain returned by dig. named-checkzone
wouldn't mind additional cnames though. In my example zone I've put 100 cnames
into a chain
On 07/09/10 07:36, khanh rua wrote:
Can u tell me how to do this ?
If you enable query log, you might be able to see if it's actually
serving queries at that time.
I mean "it hang" is named process is still running but it cannot
respond any lookup query. CPU is almost at low rate 5-6 % or lo
Hi ,
What is the cname chains limit ?
Thanks & Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Hello all.
I've noticed that in the McAfee Antivirus AccessProtectionLog several
lines like this one:
"27/05/2010 17.06.32 1094 C:\bind\bin\named.exe Protezione
antivirus standard:Impedisci a worm distribuiti tramite mass-mailing di
inviare messaggi93.49.247.253:25"
(translated from
On 08.07.10 14:42, Peter Laws wrote:
> BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2
>
> From the host itself, a slave for all my zones, I can resolve all my
> zones. I cannot, however, resolve anything else.
>
> For example, if I dig google.com I get a timeout.
>
> Further, if I do a blank dig, I don
> On Thu, 2010-07-08 at 07:34 -0400, Alan Clegg wrote:
> > You need to specify different "file" locations for each of the slaved
> > zones (even if the data is the same) in each view.
On 08.07.10 15:01, John Horne wrote:
> Does that apply for master zones which are common (i.e. the same data)
> to
29 matches
Mail list logo