That is unrelated message and docker is being used for different purpose.
On Thu, Apr 19, 2018 at 2:45 AM, Warren Kumari wrote:
> On Wed, Apr 18, 2018 at 4:45 PM, Reindl Harald
> wrote:
> > what baout posting the content of
> > "/usr/lib/systemd/system/named.service" (at best in the initial mai
On Wed, Apr 18, 2018 at 4:45 PM, Reindl Harald wrote:
> what baout posting the content of
> "/usr/lib/systemd/system/named.service" (at best in the initial mail)
Yup -- also, this complains about docker (libcontainerd: failed to
receive event from containerd) -- are you running it under docker,
Sorry, but the "that's what they're there for" argument is often misapplied to
justify reckless, irresponsible or just plain unauthorized use of resources,
and I think this is an example of that.
The AS112 project (https://www.as112.net/), who collectively run those
"blackhole" servers, set the
They were created as sacrificial servers to protect the arpa servers. If you
use RFC 1918 addresses you are supposed to run your own servers. Read RFC 1918
about not leaking stuff.
--
Mark Andrews
> On 19 Apr 2018, at 01:30, Roberto Carna wrote:
>
> Dear people, I know the best way is to ma
On 04/18/2018 12:56 PM, Blason R wrote:
Will the performance be same, considering the number of zones I have or
will have??
Multiple zones (read: classic non-RPZ method) will require more
resources than a single zone (read: RPZ method).
I typically view needing fewer resources as being faste
Will the performance be same, considering the number of zones I have or
will have??
On Thu, Apr 19, 2018 at 12:16 AM, Grant Taylor via bind-users <
bind-users@lists.isc.org> wrote:
> On 04/18/2018 11:52 AM, Blason R wrote:
>
>> Pertaining to my other thread since I am building sinkhole server whi
On 04/18/2018 11:52 AM, Blason R wrote:
Pertaining to my other thread since I am building sinkhole server which
will eventually have around 0.5 million zones or may be 1 Million which
one would you think will perform better?
RPZ or include statements? I have 8 Core Processor and 32 GB of RAM
Hi,
Pertaining to my other thread since I am building sinkhole server which
will eventually have around 0.5 million zones or may be 1 Million which one
would you think will perform better?
RPZ or include statements? I have 8 Core Processor and 32 GB of RAM
Please advise!!
___
it almost takes minute or so
and here are the logs
[r...@dnsfw.isn.in /cf/cleandns/spool]# systemctl status -l -n 20
named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor
preset: disabled)
Active: failed (R
Dear people, I know the best way is to make in-addr.arpa local zones in my BIND.
But also I think the BLACKHOLE SERVERS can be used, because they were
created for this reason.: respond to RFC 1918 networks queries.
So why the BLACKHOLE servers don't respond anymore ? Just one time I
could get a r
On Wed, Apr 18, 2018 at 04:09:55PM +0100, Admin Hardy wrote:
> So sorry about the rndc-key's secret. I think my BIND server is
> internal only (no forwarding for 53 in my internet facing router)
Your controls are only on 127.0.0.1:953, so port 53 is not involved,
and 127.0.0.1 cannot be routed
Thank you everyone so much.
So sorry, I was somehow (stupidly) misreading the log.
I have now disabled the other service that I didn't twig was also
binding to port 53 and have added a rule for named.exe to the firewall
So sorry about the rndc-key's secret. I think my BIND server is
intern
Sorry, after query succesfully the DNS Blackholes, I repeat the
command and the same servers couldn't be reached anymore:
DNS:~# host -t NS 10.IN-ADDR.ARPA 192.175.48.6
;; connection timed out; no servers could be reached
DNS:~# host -t NS 10.IN-ADDR.ARPA 192.175.48.42
;; connection timed out; no
On Wed, Apr 18, 2018 at 11:44:27AM -0300, Roberto Carna wrote:
> Dear, I have impelmented a BIND9 server. It works OK, but some days
> ago an application failed because it needed to resolve the reverse of
> some IP addresses from range 10.x.x.x, and they waited for a long time
> and failed, because
On 18.04.18 11:44, Roberto Carna wrote:
Dear, I have impelmented a BIND9 server. It works OK, but some days
ago an application failed because it needed to resolve the reverse of
some IP addresses from range 10.x.x.x, and they waited for a long time
and failed, because they need a NXDOMAIN fast re
From: "/dev/rob0"
> Your OS denies named the permission to create the UDP socket on which
> to listen for queries.
>
> That means, of course, that you're not able to receive queries. It's
> Windows doing this, so you need Windows help. I'm unable to provide
> that. Good luck.
One thing th
Dear, I have impelmented a BIND9 server. It works OK, but some days
ago an application failed because it needed to resolve the reverse of
some IP addresses from range 10.x.x.x, and they waited for a long time
and failed, because they need a NXDOMAIN fast response.
I don't want to make a local zone
On Wed, Apr 18, 2018 at 5:13 AM, Daniel Stirnimann
wrote:
> On 18.04.18 10:57, Blason R wrote:
>> Well it just loads fine when I run from command line i.e. named -u named
>> -n 4 -c /etc/named.conf
>
... and how long does it take to start up when doing so (in case it is
simply taking too long and
On Wed, Apr 18, 2018 at 02:51:32PM +0100, Admin Hardy wrote:
> I am requesting resolution for "rota.rotatesting.com" (see below)
>
> the full http request happens to be
> "http://rota.rotatesting.com:8081/mywebapp/";
>
> The client software (browser) cannot resolve the name
> I downloaded dedicat
On 18-Apr-18 09:51, Admin Hardy wrote:
>
> I would be so grateful of your help in this issue.
>
> I am running BIND 9 on Windows 7
> Service "ISC BIND" shows as started up
>
Warren's right. And change your rndc-key's secret ASAP.
Timothe Litt
ACM Distinguished Engineer
--
I'm *really* not a Windows person, but all of the "could not listen on
UDP socket: permission denied" log messages strongly imply that BIND
is not able to bind() to the socket -- can you try start this with
something like Administrator privileges?
W
On Wed, Apr 18, 2018 at 9:51 AM, Admin Hardy w
I would be so grateful of your help in this issue.
I am running BIND 9 on Windows 7
Service "ISC BIND" shows as started up
As a temporary measure I have disabled firewall on host and client to
rule out any issue there.
I have set the DNS IP Address on the client ipv4 to just the address of
On 18.04.18 10:57, Blason R wrote:
> Well it just loads fine when I run from command line i.e. named -u named
> -n 4 -c /etc/named.conf
Just a guess. If you use and have SELinux in enforcing mode (see
getenforce), this could be a reason. Your user process runs unconfined
that's why it works from t
Hi is a common problem! when you start as user or root
service take shell permission not service permission
check if exist group and user named if directory and file access mask is right
and if owner is right
as last check bind log not systemd for any error
now I don't remember but should eve
Well it just loads fine when I run from command line i.e. named -u named -n
4 -c /etc/named.conf
On Wed, Apr 18, 2018 at 2:25 PM, Reindl Harald
wrote:
> named.service start operation timed out
> 362086 zones
>
> well, it may take too long to load them
>
> TimeoutStartSec defaults to DefaultTimeo
Hi Team,
Not sure what is gone wrong but my DNS is not starting up. and I am getting
below error. I have around 362086 zones with 4 core CPU and 8 GB RAM.
This is a sinkhole DNS server
Apr 18 13:09:02 dnsfw named[1644]: command channel listening on
127.0.0.1#953
Apr 18 13:09:02 dnsfw named[1644
26 matches
Mail list logo