Re: DNSSEC and upgrading/restoring

2014-01-31 Thread David Newman
On 1/31/14 10:35 AM, Tony Finch wrote:
> David Newman wrote:
>>
>> What action, if any, is needed?
>
> Does rndc sign make it wake up?

Alas, no. There are a bunch of successful IXFR messages to slave servers but the dates in that NSEC3PARAM RRSIG did not change.

> Is there anything in the log

Re: DNSSEC and upgrading/restoring

2014-01-31 Thread Tony Finch
David Newman wrote:
>
> What action, if any, is needed?

Does rndc sign make it wake up? Is there anything in the logs reporting problems, e.g. inability to read the key files?

Tony.
--
f.anthony.n.finch http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at f

Re: DNSSEC and upgrading/restoring

2014-01-31 Thread David Newman
On 1/31/14 3:10 AM, Tony Finch wrote:
>> 2. For five domains, the log contains signature-has-expired warnings.
>>
>> In all five cases, these are for NSEC3PARAM records.
>>
>> Is any action needed on my part, for example manually doing NSEC3
>> signing of these zones?
>
> See if named has already

Re: DNS passthrough on no explicit result?

2014-01-31 Thread John Miller
On Fri, Jan 31, 2014 at 12:41 PM, Vernon Schryver wrote:
> > You have records which absolutely
> > need to be public: SPF, MXs--mail won't work otherwise.
>
> I hope I misunderstood the intended meaning or context of those words,
> because their literal, co

Re: DNS passthrough on no explicit result?

2014-01-31 Thread Vernon Schryver
> You have records which absolutely
> need to be public: SPF, MXs--mail won't work otherwise.

I hope I misunderstood the intended meaning or context of those words, because their literal, context free meaning that SPF and MX records are required by SMTP is w

RHEL, Centos, Fedora rpm 9.9.5

2014-01-31 Thread Carl Byington
http://www.five-ten-sg.com/mapper/bind contains links to the source rpms, and build instructions.

Re: DNS passthrough on no explicit result?

2014-01-31 Thread Steve Presser
Carl, Sten,

Thanks! That's exactly what I was looking for.

Steve

On Jan 31, 2014 12:10 PM, "Sten Carlsen" wrote:
> I can add that this is what I do to solve the same problem.
>
> I have one difference that you may consider:
> I am a stealth master for my external zone, so all changes to IPs will

Re: DNS passthrough on no explicit result?

2014-01-31 Thread Sten Carlsen
I can add that this is what I do to solve the same problem.

I have one difference that you may consider: I am a stealth master for my external zone, so all changes to IPs will be controlled from my side and slaved on the public facing servers.

On 31/01/14 17:44, Rich Goodson wrote:
> Steve,
>
>

Re: DNS passthrough on no explicit result?

2014-01-31 Thread Carl Byington
On Fri, 2014-01-31 at 11:10 -0500, Steve Presser wrote:
> I'm trying to figure out how to do some sort of pass through
> arrangement, where the internal BIND server will first attempt to do
> the lookup with local records. If it has no local record, it

Re: DNS passthrough on no explicit result?

2014-01-31 Thread Rich Goodson
Steve, If you must use the same domain for internal names as external, here is one way to do that. On the recursive resolving name server that you use inside your network, also make that server authoritative for the domain name in question. You’ll need to do double-entry for every externally

Re: DNS passthrough on no explicit result?

2014-01-31 Thread John Miller
On Fri, Jan 31, 2014 at 11:10 AM, Steve Presser wrote:
> Hey all,
> Please forgive me if any of my terminology is off - I have not spent as
> much time in the documentation as I'd like.
> I have an odd situation that I would like to know if it is possible and
> would much appreciate a pointer to

DNS passthrough on no explicit result?

2014-01-31 Thread Steve Presser
Hey all, Please forgive me if any of my terminology is off - I have not spent as much time in the documentation as I'd like. I have an odd situation that I would like to know if it is possible and would much appreciate a pointer to any relevant documentation or write-ups. I manage a domain name w

Re: DNSSEC and upgrading/restoring

2014-01-31 Thread Tony Finch
David Newman wrote:
>
> 2. For five domains, the log contains signature-has-expired warnings.
>
> In all five cases, these are for NSEC3PARAM records.
>
> Is any action needed on my part, for example manually doing NSEC3
> signing of these zones?

See if named has already re-signed them - check th

Re: Need help debugging my zone file

2014-01-31 Thread Jan-Piet Mens
(*shamefaced*) Your message popped up as 'new' which is why I answered before noticing it had been answered already. :( -JP

Re: Need help debugging my zone file

2014-01-31 Thread Jan-Piet Mens
> carter bind # named-checkzone espersunited.com db.espersunited.com
> dns_master_load: db.espersunited.com:37: www.espersunited.com: CNAME and
> other data
> zone espersunited.com/IN: loading from master file db.espersunited.com
> failed: CNAME and other data
> zone espersunited.com/IN: not loaded