Re: dnssec-validation?

2023-04-13 Thread Mark Andrews
> On 13 Apr 2023, at 19:23, David Carvalho via bind-users > wrote: > > Hello and thank you for the reply. > My domain is "di.ubi.pt". The parent domain "ubi.pt" recently configured > DNSSEC (BIND 9.11) so it was time again for me to try to set it up for my > domain. > > A few months ago I upd

Re: Reverse Policy Zone to make MS Azure stuff work?

2023-04-13 Thread Michael De Roover
Another thing I forgot to mention is the need to express these parameters in the options clause in named.conf:

    options {
        // RPZ zone
        // Source: https://deteque.com/m3aawg-bind-training/named.conf
        response-policy { zone "rpz.local"; };
    };

My apolog

Re: Reverse Policy Zone to make MS Azure stuff work?

2023-04-13 Thread Mark Andrews
Create a catalog zone and use that to distribute the zone configuration to all your recursive servers. As for using a zone that is not delegated to you. Microsoft own appserviceenvironment.net and are telling you to use it this way. This is no different to the IETF saying you can have your ow

Re: Reverse Policy Zone to make MS Azure stuff work?

2023-04-13 Thread Michael De Roover
On Friday, 14 April 2023 00:28:24 CEST John Thurston wrote: > Due to a requirement to use something Microsoft crafted, we are being > asked to assert (internally) authority over 3rd-level names under > appserviceenvironment.net > > I've pushed back on this, because I don't think it's nice to publi

Reverse Policy Zone to make MS Azure stuff work?

2023-04-13 Thread John Thurston
Due to a requirement to use something Microsoft crafted, we are being asked to assert (internally) authority over 3rd-level names under appserviceenvironment.net I've pushed back on this, because I don't think it's nice to publish "authoritative" answers in domains we have not been delegated.

RE: dnssec-validation?

2023-04-13 Thread David Carvalho via bind-users
Hello and thank you for the reply. Problem 1 - I'll have to investigate further. As for problem 2 ... it's weird. I was working on another thing and now I was checking permissions by your suggestion, when I noticed the files have new timestamp from a while ago. I compared the contents of the updat

Re: dnssec-validation?

2023-04-13 Thread Evan Hunt
On Thu, Apr 13, 2023 at 11:38:15AM +0100, David Carvalho wrote: > Problem number 1: Dnssec seems to be running on "di.ubi.pt", but > dnssec-validation still needs to be set to no; Will this cause troubles? > Dns2 is set to auto and runs fine. From here, di.ubt.pt appears to be properly signed and

RE: Fully automated DNSSEC with BIND 9.16

2023-04-13 Thread David Carvalho via bind-users
Hello and thank you for the reply. I can confirm my current dns servers have already EPEL repo enabled and jemalloc package is available. I'll set up my test machine accordingly to be able to install BIND 9.18. Will it also provide named-chroot (is it really necessary?) Thanks! David -Origin

Re: Fully automated DNSSEC with BIND 9.16

2023-04-13 Thread Anand Buddhdev
On 13/04/2023 17:17, David Carvalho via bind-users wrote: Hi David, Hello and thanks for the reply. I enabled this repo in Oracle Linux 8 with: dnf copr enable isc/bind Then I tried to install (dnf install isc-bind) but I got: Error: Problem: package isc-bind-1:2-3.el8.x86_64 requires isc-b

RE: Fully automated DNSSEC with BIND 9.16

2023-04-13 Thread David Carvalho via bind-users
Hello and thanks for the reply. I enabled this repo in Oracle Linux 8 with: dnf copr enable isc/bind Then I tried to install (dnf install isc-bind) but I got: Error: Problem: package isc-bind-1:2-3.el8.x86_64 requires isc-bind-bind, but none of the providers can be installed - package isc-bin

Re: Fully automated DNSSEC with BIND 9.16

2023-04-13 Thread Ondřej Surý
> On 13. 4. 2023, at 15:25, David Carvalho via bind-users > wrote: > > I'm using 9.16.23 Just don't. ISC provides packages for major Linux distributions (https://www.isc.org/download/), so there's really no reason to shoot yourself in the foot to use a random BIND 9 snapshot provided by your di

RE: Fully automated DNSSEC with BIND 9.16

2023-04-13 Thread David Carvalho via bind-users
Hello. Both content and timestamps. I've been told previously here that there is a bug prior to version 9.16.30. I'm using 9.16.23, no update available yet. No, not removing 😉 Regards David -Original Message- From: bind-users On Behalf Of Jan-Piet Mens Sent: 13 April 2023 11:12 To: bind

RE: dnssec-validation?

2023-04-13 Thread David Carvalho via bind-users
Hello again. Problem number 1: Dnssec seems to be running on "di.ubi.pt", but dnssec-validation still needs to be set to no; Will this cause troubles? Dns2 is set to auto and runs fine. Problem number 2: How can I avoid the key regeneration (using version 9.16.23) every named restart? Kind regar

Re: Fully automated DNSSEC with BIND 9.16

2023-04-13 Thread Jan-Piet Mens
1. Every time I restart the service, it seems all these files are recreated. How did you observe this? Just by file timestamps or actual content? And just to be sure to ask the obvious: you are not manually removing these files, are you? :) -JP

RE: dnssec-validation?

2023-04-13 Thread David Carvalho via bind-users
Hello and thank you for the reply. My domain is "di.ubi.pt". The parent domain "ubi.pt" recently configured DNSSEC (BIND 9.11) so it was time again for me to try to set it up for my domain. A few months ago I updated both dns servers to Oracle Linux 8, running BIND 9.16.23 to prepare for this. The

Re: RPZ zone response delay time ?

2023-04-13 Thread Peter van Dijk
On Fri, 2023-04-07 at 17:27 +0100, Jason Vas Dias wrote: > > *.google-analytics.com A 0.0.0.0 > *.clarity.ms A 0.0.0.0 > *.adtelligent.com A 0.0.0.0 > >   (there are over 15,000 entries in it). > >   This serves to speed up my internet accesses about 10 times, >   normally, and acts great as an