Domain name based multihome routing?

2018-06-25 Thread Dale Mahalko
(Hello, I am new to the list. And this may possibly be my only post here..) I am looking for a way on Linux to do domain name based multihome routing. Essentially every time a domain name lookup request occurs: * Rather than immediately returning the results to the requesting program, instead Na

redundant bump-in-the-wire signers using BIND

2018-06-25 Thread Michael Sinatra
To close the loop a bit on this... On 05/22/18 03:22, Tony Finch wrote: > Michael Sinatra wrote: >> >> My only concern is that serial numbers might get out of sync between the >> two signers at some point. > > You can avoid this problem with `serial-update-method unixtime`. > > HOWEVER! I think

Re: Stopping name server abuse

2018-06-25 Thread Paul Kosinski
Somebody who has irresponsibly (and apparently wantonly, given his refusal to fix it) delegated his domain(s) to your DNS server is essentially causing a (modest bandwidth) distributed denial of service attack on your server. I don't think that the "responsible" thing to do is to sit there and suff

Re: Stopping name server abuse

2018-06-25 Thread Dave Warren
On Sun, Jun 24, 2018, at 15:48, Mukund Sivaraman wrote: > On Sun, Jun 24, 2018 at 04:30:08PM -0400, Alex wrote: > > Hi, > > We had a former customer who parked about 300 domains with his > > registry on our server but is no longer a customer and hasn't moved > > his domains. There aren't any hosts

Re: Stopping name server abuse

2018-06-25 Thread Barry Margolin
In article , Paul Kosinski wrote: > How does *not* responding to a UDP query take longer for the *server* > than responding to a UDP query? Both responding and (deliberately) not > responding require identifying the query, but not responding bypasses > the time the server would need to construct

Re: Stopping name server abuse

2018-06-25 Thread Barry Margolin
In article , "Browne, Stuart" wrote: > If you're filtering on an upstream device that can do that level of analysis > without hurting your network, then maybe, but once again, you're > double-processing every legitimate query; you're only moving the cost to a > different device. An upstream

Re: Stopping name server abuse

2018-06-25 Thread Matus UHLAR - fantomas
On 25.06.2018 at 05:39, Paul Kosinski wrote: > Is it possible to get BIND not to respond at all, thereby causing > a timeout on the query? That would perhaps reduce load more than > NXDOMAIN or deleting the zone(s) would. On Mon, 25 Jun 2018 15:32:44 +0200 Reindl Harald wrote: timeouts are e

Re: Stopping name server abuse

2018-06-25 Thread Paul Kosinski
How does *not* responding to a UDP query take longer for the *server* than responding to a UDP query? Both responding and (deliberately) not responding require identifying the query, but not responding bypasses the time the server would need to construct the response, plus time spent in the network

Re: Stopping name server abuse

2018-06-25 Thread Tony Finch
jo...@hasig.de wrote: > On 24.06.2018 at 23:41, Barry Margolin wrote: > > jo...@hasig.de wrote: > > > > > > why don't you just delete the zones? > > > > That won't stop the queries from coming to the server. > > yes, but it minimizes the use of resources because the only answer is > nxdomain. If

Re: Fwd: New BIND release candidates are available: 9.9.13rc1, 9.10.8rc1, 9.11.4rc1, 9.12.2rc1, and 9.13.1

2018-06-25 Thread Tony Finch
Dns Admin wrote: > Re: Bind 9.9.13rc1 > > I note that the "--enable-dnstap" option has been removed. > Is dnstap now enabled by default? BIND 9.9 never had dnstap support - it's in 9.11 and later. Are you looking for 9.13.1 instead? Tony. -- f.anthony.n.finch http://dotat.at/ West Forti