Re: V 9.18.1 not listen on port 853 after rndc reload

2022-03-21 Thread MAYER Hans
Dear All, many thanks for pointing me in the right direction. // Hans — > On 21.03.2022, at 17:58, Ondřej Surý wrote: > > This is already being tracked as > https://gitlab.isc.org/isc-projects/bind9/-/issues/3122 > > Ondrej > -- > Ondřej Surý (He/Him) > ond...@isc.org > > My working

Re: Using nsupdate in scripts

2022-03-21 Thread John Thurston
On 3/14/2022 3:11 PM, Philip Prindeville wrote: I was hoping that there's a trivial way to parse the named.conf file and figure out what it listens on for updates using a Bind utility, but I guess not... The utility 'rndc status' will return the full path of the configuration file: rndc

Re: V 9.18.1 not listen on port 853 after rndc reload

2022-03-21 Thread Ondřej Surý
This is already being tracked as https://gitlab.isc.org/isc-projects/bind9/-/issues/3122 Ondrej -- Ondřej Surý (He/Him) ond...@isc.org My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours. > On 21. 3. 2022, at 17:12,

Re: V 9.18.1 not listen on port 853 after rndc reload

2022-03-21 Thread MAYER Hans
Hi Borja, Many thanks for this hint. I tried to allow with setcap 'CAP_NET_BIND_SERVICE=+eip' /usr/local/sbin/named but it didn’t help. On the other hand there is no issue on port 53 and 953. Why should it be just on port 853? Kind regards Hans On 21.03.2022, at 15:26, Borja Marcos mailto:bo

Re: V 9.18.1 not listen on port 853 after rndc reload

2022-03-21 Thread sthaug
> now BIND 9.18 is supporting DoT directly I tried to go away from a solution > with stunnel4 and therefore I compiled 9.18.1 and modified named.conf. > So far everything is working fine. All the tests with dig, openssl and lsof > are showing it’s working. > The problem: when I run a „rndc reload

Re: V 9.18.1 not listen on port 853 after rndc reload

2022-03-21 Thread Borja Marcos
> On 21 Mar 2022, at 14:51, MAYER Hans wrote: > > > Looking at the log I see: > network: error: creating TLS socket: permission denied > > Why doesn’t named have the permissions after a „rndc reload“ but it has the > permissions after a start? And why on one server but not on another? >

V 9.18.1 not listen on port 853 after rndc reload

2022-03-21 Thread MAYER Hans
Dear All, now BIND 9.18 is supporting DoT directly I tried to go away from a solution with stunnel4 and therefore I compiled 9.18.1 and modified named.conf. So far everything is working fine. All the tests with dig, openssl and lsof are showing it’s working. The problem: when I run a „rndc re

Survey on DNS resolver operations and DNSSEC

2022-03-21 Thread Moritz Müller via bind-users
Hi everyone, The DNS Security Extensions (DNSSEC) add integrity and authenticity to the Domain Name System (DNS). Now, more than 17 years after their standardization, we would like to hear from DNS recursive resolver operators about their experience with DNSSEC. For this reason, we have set up a s