Re: KSK signing all records; NSEC3 algorithm status?

In message <20140528012734.ga55...@redoubt.spodhuis.org>, Phil Pennock writes: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > The registrar for my zone "xn--qck5b9a5eml3bze.jp" required a DNSSEC > KSK update; good practice on their part. For most zones you never need to roll DNSSEC keys

KSK signing all records; NSEC3 algorithm status?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 The registrar for my zone "xn--qck5b9a5eml3bze.jp" required a DNSSEC KSK update; good practice on their part. My first rollover, though. I've ended up with all records being signed by the new KSK, apparently through an algorithm mismatch, and I'm no

Re: Book recomendations?

On Tue, May 27, 2014 at 7:31 PM, Baird, Josh wrote: > Cricket's "DNS & BIND" seems rather dated at this point with the last edition > over 8 years old. Basics are still the same though -- there are some new things like RPZ, RRL, some new RR types, etc -- but a good solid grasp of the fundamental

RE: Book recomendations?

Cricket's "DNS & BIND" seems rather dated at this point with the last edition over 8 years old. Josh -Original Message- From: Warren Kumari [mailto:war...@kumari.net] Sent: Tuesday, May 27, 2014 7:24 PM To: Baird, Josh Cc: bind-users@lists.isc.org Subject: Re: Book recomendations? On T

Re: Book recomendations?

On Tue, May 27, 2014 at 6:51 PM, Baird, Josh wrote: > Hi, > > Can someone recommend a modern/new-ish book on DNS (specifically BIND)? I > know there have been several O'Reily books throughout the years, but haven't > kept up on anything in the past few years. I'm looking for architecture > de

Re: Book recomendations?

Sort of comes with a book https://kb.isc.org/article/AA-00845/0/BIND-9.9-Administrator-Reference-Manual-ARM.html which is quite good. For newbs in the field I say two or more of everything and at least one hidden master. Use views internally and IPv6 better be on your roadmap. On Tue, May 27,

Book recomendations?

Hi, Can someone recommend a modern/new-ish book on DNS (specifically BIND)? I know there have been several O'Reily books throughout the years, but haven't kept up on anything in the past few years. I'm looking for architecture design, best practices in designing enterprise and service provide

Re: Bad performance from BIND 9.10 on RHEL 6.5

Amir, No, I haven't found any tunings work on BIND 9.10. I filed a bug (ISC-Bugs #35961) against ISC for them to investigate. By the way, are you running RHEL as well? Until the performance issue with 9.10 gets fixed, we will stick with 9.9.x. On Tuesday, May 27, 2014 9:10 AM, "a...@localhost.m

Re: Bad performance from BIND 9.10 on RHEL 6.5

Shawn, Same with us here. We tested using bind 9.9.5 the recursive queries can reach 10,000 qps and when using 9.10-P1/9.10 .. we only can burst at 3,000 QPS.. Have you find any solution to share with us? Thanks amir On Saturday, May 3, 2014 4:42:30 AM UTC+8, Shawn Zhou wrote: > I was hopin