Difference between multiple NS and NS having multiple A

2013-02-17 Thread Alexander Gurvitz
r the same ns1/ns2, instead of advising each user to add ns3..nsX to their parent zones. Thanks, Alexander Gurvitz, net-me.net ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-

Re: named crashed

2012-12-11 Thread Alexander Gurvitz
Linh, From my personal experience - BIND has lots of such bugs. Upgrade to the latest version (minor one - 9.8.4-P1, not 9.9.2) and see if the error reappears. If yes, report it to bind9-b...@isc.org (if the bug is not reproducible anyway even on 9.8.3-P1, I'd report it too). Alexander

Re: Upstart job for BIND9

2012-12-01 Thread Alexander Gurvitz
> I don't think it's wise to respawn named without knowing why it crashed. > This could lead to repeated crashes and system overload. 1. I have a system whose only reason to exist is running bind, once bind stops I don't mind the whole system overload, crash or go to hell. 2. When I've seen that m

Re: Upstart job for BIND9

2012-11-29 Thread Alexander Gurvitz
On Thu, Nov 29, 2012 at 7:25 PM, Matus UHLAR - fantomas wrote: > famous assertion failures? What system do you run the BIND on? Shouldn't you > better upgrade to version that has no famous assertion failures? Well, of course it's extremely exaggerated, sorry if I offended someone. But crashes

Re: Upstart job for BIND9

2012-11-29 Thread Alexander Gurvitz
Carsten, The script in my original question (it's in the P.S. at the bottom of my first mail) seems to work for me. It does not cover all the extra logic of the Ubuntu default init.d/bind9, but I personally don't need that (Ubuntu script may update resolv.conf, and also checks if there's a network

Upstart job for BIND9

2012-11-29 Thread Alexander Gurvitz
daemon forks - if it forks once, "expect fork" should be specified, and if a daemon forks twice, it should be "expect daemon". Then upstart will wait for those forks and will monitor the final PID). Thanks in advance, Alexander Gurvitz, net-me.net P.S. My /etc/init/bind.co

Re: Seeking Advice on DNSSEC Algorithm Rollover

2012-06-23 Thread Alexander Gurvitz
e metadata and should remove the key and all the signatures at that time. You don't need nsupdate nor update-policy for that. Regards, Alexander Gurvitz, net-me.net

Re: Moving DNS out of non-cooperative provider

2012-06-19 Thread Alexander Gurvitz
> > 3282. [bug] Restrict the TTL of NS RRset to no more than that > > of the old NS RRset when replacing it. > [RT #27792] [RT #27884] > Just to clarify - does this rule apply also while replacing parent NS records with (more credible) ch

Re: Moving DNS out of non-cooperative provider

2012-06-19 Thread Alexander Gurvitz
Mark, > 3282. [bug] Restrict the TTL of NS RRset to no more than that >of the old NS RRset when replacing it. >[RT #27792] [RT #27884] "TTL of the old NS RRset" here means the current "remaining" TTL, or the original TTL value as recei

Re: Single-key rollover

2012-06-19 Thread Alexander Gurvitz
> > > That paragraph from 4.1.4 is just plain wrong and following it will > lead to cached data that can't be validated once retrieved. > > Let's say that all data in the zone has a TTL of 3600. > > At T - 3500 you have retrieved the DNSKEY while validating a MX RRset. > At T - 100 you lookup a A re

Moving DNS out of non-cooperative provider

2012-06-18 Thread Alexander Gurvitz
com have TTL of 3600. Thus each hour ns.isp.com queries ns.OLDprovider.net, with each query gets new NS record, and... refreshes the NS TTL ? Will ns.isp.com EVER query ns.NEWprovider.net ? I'd be happy to know how BIND behaves, but also how other servers may behave in this case. Regards, Al

Single-key rollover

2012-06-18 Thread Alexander Gurvitz
with BIND, am I getting it right ? Thanks in advance, Alexander Gurvitz, net-me.net

Re: BIND ignores changes in zonefiles

2012-06-14 Thread Alexander Gurvitz
ND reports there. Alexander Gurvitz, net-me.net

Re: TTL for name servers

2012-06-05 Thread Alexander Gurvitz
Hi. TTL returned by YOUR zone authoritative server will (at least should) be preferred by caches. Matt Larson from Verisign explained this: http://www.merit.edu/mail.archives/nanog/2004-07/msg00255.html Regards, Alexander Gurvitz, net-me.net

Re: Clarification on wildcard falls into glue records

2012-05-15 Thread Alexander Gurvitz
You should NOT get A records. Wildcard works only for hostnames that have NO records of ANY type. From Wikipedia: To quote RFC 1912, "A common mistake is thinking that a wildcard MX for a zone will apply to all hosts in the zone. A wildcard MX will apply only to names in the zone which aren't l

Re: random-device purpose in DNSSEC

2012-05-13 Thread Alexander Gurvitz
On Fri, May 11, 2012 at 12:57 AM, Mark Andrews wrote: > > > > What random device used for ? > > ... I don't get why signing a zone requires any randomness. > > It doesn't for RSA. However DSA does require randomness. > > > Does BIND really need that entropy, and how much ? > > Yes, if you are u

Multiple zones with single key pair

2012-05-10 Thread Alexander Gurvitz
Hello, Multiple zones with a single key - is it possible with BIND ? Regards, Alexander Gurvitz, net-me.net

Re: KSK stays published 3 days after delete time

2012-05-10 Thread Alexander Gurvitz
On Thu, May 10, 2012 at 11:04 PM, Axel Rau wrote: > >> Did you delete it manually (at 2012-05-07T14:55:02.569706) ? > Yes; i.e. my script. >> If so, maybe it's still in the zone because BIND doesn't know the timing >> metadata anymore ? > I thought that would be in the journal or internal reposito

random-device purpose in DNSSEC

2012-05-10 Thread Alexander Gurvitz
s are low on entropy, and BIND default random-device is /dev/random, and it (the device) blocks when there's no entropy available. Does BIND really need that entropy, and how much ? Regards, Alexander Gurvitz, net-me.net