All time spent in other than the above two activities is wasted time, according
to the Collective.
(To badly parody the Borg Collective from "Star Trek".) :-)
Andrew
(another futile rebel against the Collective)
From: bind-users on behalf of Peter &
Link for the Debian packaged version you mentioned is at
https://bind9.readthedocs.io/en/v9.18.24/reference.html#namedconf-statement-dnssec-policy
On Thu, Jun 6, 2024 at 9:31 AM Andrew Latham wrote:
> I took a quick look
>
> *
> https://github.com/isc-projects/bind9/blob/main/doc
org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
>
> bind-users mailing list
> bind-users@lists.isc.org
>
ling list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
--
- Andrew "lathama" Latham -
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscrip
ts.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
>
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc
sers to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/m
to maintain external IPs in bind internal.
>
> TIA,
>
> Nick
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/co
erent subdomains or zones.
Andrew Pavlin
Powered by Cricket Wireless
Get Outlook for Android<https://aka.ms/AAb9ysg>
From: bind-users on behalf of Nick Howitt
via bind-users
Sent: Friday, November 3, 2023 1:58:51 PM
To: bind-users@lists.isc.org
Subje
gt; bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
--
- Andrew "lathama" Latham -
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software wi
ially exacerbated by network links on the path with
asymmetrical baud rates}.
Just my $.02 (or whatever your local currency is).
Andrew Pavlin
ka2ddo.org
From: bind-users on behalf of Matus UHLAR -
fantomas
Sent: Tuesday, June 27, 2023 12:54:09 PM
On 27.06.23
y if you create gitlab issues, but do know we’ve seen this and we’re
> working on it.
>
> Best,
>
> -Dan
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support
>
N: See apt-secure(8) manpage for repository creation and user configuration
details.
If I have to compile from source, so be it, but it would be far more convenient
to get a binary build from the authority.
Andrew Pavlin
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
t; --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
>
> bind-users mailing list
ead.
>
>
>
> --
> Grant. . . .
> unix || die
>
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/cont
.org/contact/ for more
> information.
> >
> >
> > bind-users mailing list
> > bind-users@lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
&g
1.1.1.1) in 12 ms
>
>
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
>
cording to the server
logs) does not appear to have increased since the DNSSEC deployment.
This is for the ka2ddo.org and ka2ddo.radio domains.
So, is DNSSEC really that much more costly in terms of queries?
Andrew Pavlin
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
| PO Box: 15224,
Doha – Qatar
E-mail: a.ba...@salaminternational.com| Website:
www.salaminternational.com<http://www.salaminternational.com/>
From: Felipe Agnelli Barbosa
Sent: Tuesday, February 22, 2022 8:46 PM
To: Andrew Baker
Cc: bind-users@lists.isc.org
Subject: Re: Recent upgrade
Cou
I've just upgraded the first of my redundant slave DNS servers from Debian
10.11 (bind 9.11) to Debian 11.2 (bind 9.16). Upgrade seemed to go smoothly but
I'm now seeing the below in the bind logs
22-Feb-2022 14:54:59.745 lame-servers: info: timed out resolving
'ns4.he.net//IN': 1.1.1.1#53
I'm already using Hurricane for my external slave servers to I will have a dig
through their site thanks
Andy Baker
IT Technical Lead | SIIL Corporate IT
Tel: +974-44838733, Direct: +974-44485711| Fax: +974-44838732
Salam International Investments Ltd.
Maysaloun Street - West Bay | Salam Plaza
Firstly, thanks for the advice about the hidden master the other day, that's
now setup, working fine and we've just finished transferring about 4500 records
across!
My software team came up this morning and slapped me across the face with a wet
fish (figuratively speaking as It's not Thursday ye
Thanks for the quick response and confirmation Ondřej
You have helped take my paranoia levels down at least one notch!
Andy Baker
From: Ondřej Surý
Sent: Tuesday, February 15, 2022 10:12 AM
To: Andrew Baker
Cc: bind-users@lists.isc.org
Subject: Re: Setup a hidden master
Hi,
do both, or at
Dear List,
We are based in the middle east and manage a lot of domains across a lot of
tld's including regional ones. Not all registrars are equal and the DNS
services of several weren't offering what we required. For a number of
operational and political reasons, it was decided to setup a distr
Reindl Harald writes:
>Am 16.12.21 um 14:56 schrieb Andrew P.:
>> Reindl Harald writes:
>> Am 16.12.21 um 14:22 schrieb Andrew P.:
>>>> You don't understand what kind of blacklist I want; I want to blacklist
>>>> the domain name
>>>> being
Reindl Harald writes:
Am 16.12.21 um 14:22 schrieb Andrew P.:
>> You don't understand what kind of blacklist I want; I want to blacklist the
>> domain name
>> being asked for, so I don't answer for it. I'm not looking to blacklist
>> forged IP addres
_
From: bind-users on behalf of Reindl Harald
Sent: Thursday, December 16, 2021 8:14 AM
To: bind-users@lists.isc.org
Subject: Re: Millions of './ANY/IN' queries denied
Am 16.12.21 um 14:04 schrieb Andrew P.:
> So you're claiming that legitimate resolvers would st
So why isn't there a way to tell BIND not to respond to queries for which it
clearly is not authoritative (such as these attack vectors)? Since no
legitimate resolver would be asking a non-authoritative server for information,
why should his (or my) public BIND server respond to these even with
Isn't this sort of dynamic functionality (real-time presence or absence of SRV
records) what mDNS and the avahi daemon are for?
From: bind-users on behalf of Matus UHLAR -
fantomas
Sent: Wednesday, January 6, 2021 8:51 AM
To: bind-users@lists.isc.org
Su
with smaller packets the victim of a
DNS amplication attack)?
I can't figure it out from reading the source code; I haven't so far been able
to trace back from where the messages are logged to where (if any) a response
packet would be transmitted.
Andrew
_
nd I am using does not permit putting the
"dnssec-enable" and "dnssec-validation" options inside a zone definition.
I look forward to your advice in this matter.
Andrew Pavlin, KA2DDO
member, Amateur Radio Emergency Service
___
Please vis
;--without-python" option ?
>
>
>
>
> --
> Dennis Clarke
> RISC-V/SPARC/PPC/ARM/CISC
> UNIX and Linux spoken
> GreyBeard and suspenders optional
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
- Andrew "lathama" Latham -
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Further to the original post, as well as not creating a DNS record and
"possibly" adding robot.txt with appropriate content, as discussed, I
presume that if I run the http server on a personally selected unprivileged
port then it is very "unlikely" the site pages will be
indexed/discovered/etc sure
Ok I'm a bit confused. I have some questions re last post, copied below:
I have done this some time ago, I made sure that there was no link from any
pages to the new site,
** So the new site (in development) would have no domain name mapped in
DNS, so it seems unlikely that other sites and pages
he fact that the NTP configuration is not
> related to domain, but to the local network.
>
>
> --
> Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chc
lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
--
- Andrew "lathama" Latham -
___
Please vi
SRV records can be useful when
devices support them. It does not hurt to add the SRV records for common
services.
On Wed, Sep 19, 2018 at 9:59 AM Mauricio Tavares
wrote:
> On Wed, Sep 19, 2018 at 10:12 AM, Andrew Latham wrote:
> > You can add SRV records for NTP to your domain if that is
g LDAP?
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
--
- Andrew "lathama" Latham -
Matus
You are correct, I am coffee deprived. That direction was for an internal
testing only/development goal.
On Thu, Apr 12, 2018 at 12:18 PM, Matus UHLAR - fantomas
wrote:
>
> On 12.04.18 12:14, Andrew Latham wrote:
>>
>> As long as your zone file is correct you can use
Andrew
As long as your zone file is correct you can use *. (Note: Asterisk and
Dot) to match all entries. I would put this below any other required
entries.
Example:
"""
$ORIGIN mydomain.com.
*. IN A 192.168.12.12
"""
On Thu, Apr 12, 2018 at 10:49 AM, Hardy
Perfect!
Thank you so much.
Yes I know http is not really relevant, but I was just kind of providing
some kind of (unnecessary) context.
Thank you again. Will try the install soon. 😊
On Thu, Apr 12, 2018, 17:21 Matus UHLAR - fantomas
wrote:
> On 12.04.18 16:11, Andrew Hardy wrote:
>
I am so so sorry,
This is my final attempt to send this from the correct (subscribed) email
address. I am having problems with my email client selecting the correct
"from" address. So sorry.
...
Here's the question:
Does bind support wildcard prefix
I want to install bind DNS server on my LA
Does bind support wildcard prefix
I want to install bind DNS server on my LAN to locally test a web
application that is designed to support receiving requests on different url
domain prefixes.
Map *.mydomain.com to
For example 192.168.12.12
Use
abc.mydomain.com
def.mydomain.com
www.mydomain.com
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
> >
> > bind-users mailing list
> > bind-users@lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
> >
>
>
>
>
Looks all is correctly delivered ( all three versions of tar.gz ) from
my side ( UA )
12.01.2017 14:44, G.W. Haywood пишет:
Hi there,
On Thu, 12 Jan 2017, Michael McNally wrote:
ISC has issued new security releases of BIND today [..snip..]
These are available via the http://www.isc.org/downl
is to work by commenting out the use of named-checkconf as a
prerequisite in the service file. That just doesn't seem like a good
idea.
Thanks...
Andrew Gideon
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users t
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
~ Andrew "lathama" Latham lath...@lathama.com http://lathama.net ~
___
Please visit https://lists.isc.org/mailman/listinfo/b
ecords.
>
> Please advise!!
>
>
>
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listin
R<<- opcode: QUERY, status: NOERROR, id: 21326
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> ;; WARNING: recursion requested but not available
>
> ;; QUESTION SECTION:
> ;subzone.test.net. IN DS
&g
Thanks for sharing Lawrence. One thing I wanted to ask the list is whether
it would make more sense to have
a KSK rollover a month before the domain expires? What would be cons and
pros?
Thanks,
- Andrew.
Andrew Petrov
IT Security Engineering
NYC DoITT
-Original Message-
From: bind
t;
> -- Matthew Horsfall (alh)
A quick search shows that the source is easily read. For example
http://stuff.mit.edu/afs/sipb/machine/charon3/src/bind-9.6-ESV-R5-P1/bin/rndc/rndc.c
uses isc_socket and checks the underlying protocols during connection.
ie... v6 or v4, UDP or TCP...
--
~ A
Yay! I fixed it! It was a problem with my router. I went to the Netgear
website, downloaded the latest firmware and BING! It's working now:
andy:~$ dig nhs.uk
; <<>> DiG 9.8.0-P2 <<>> nhs.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39092
;; flag
On Fri, 17 Jun 2011 09:22:02 -0500 (CDT)
David Forrest wrote:
> Resolves from here:
>
> [drf@maplepark ~]$ dig nhs.uk
>
> ; <<>> DiG 9.8.0-P2 <<>> nhs.uk
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65421
> ;; flags: qr rd ra; QUERY: 1, ANSWE
On Fri, 17 Jun 2011 11:26:22 -0500
Lyle Giese wrote:
> > andy:~$ dig nhs.uk
> >
> > ;<<>> DiG 9.8.0-P2<<>> nhs.uk
> > ;; global options: +cmd
> > ;; connection timed out; no servers could be reached
> > andy:~$
> >
> > It then leaves this in /var/sys.log:
> >
> > Jun 17 11:49:42 eccles named[46
On Fri, 17 Jun 2011 13:01:00 +0100
Phil Mayers wrote:
> On 17/06/11 12:10, Andrew Benton wrote:
> >
> > And it works well for every domain on the internet. Except for
> > www.nhs.uk - I can't resolve nhs.uk
>
> www.nhs.uk is, currently, a CNAME to
> www.prod.
Hello World!
I have installed bind-9.8.0-P2. I configured it with:
./configure --prefix=/usr --disable-static --enable-shared --enable-threads \
--with-libtool --with-libxml2=yes --sysconfdir=/etc --localstatedir=/var
I have created a user named and a group named, gave named somewhere to play:
c dumpdb doesn't actually dump the cache to stdout. Has it
actually written to named_dump.db in named's working directory?
Regards,
Andrew
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
m: Chris Buxton
> Subject: Re: search directive in resolv.conf - only 2 domains searched
> To: "Andrew Swartzbaugh"
> Cc: bind-users@lists.isc.org
> Date: Thursday, January 14, 2010, 4:04 AM
> On Jan 14, 2010, at 5:47 AM, Andrew
> Swartzbaugh wrote:
>
> > My
My resolver only does lookups for the first two domains specified by the search
directive in the /etc/resolv.conf file. For example, if I do a lookup of
server1.eur.domain2.mil and domain2.mil is the second domain specified by the
search directive, the query works. However, if domain2.mil is t
Hi All: I just brought a new 9.6.0 slave server online on freebsd 7. In
my configuration file, I added all the zones with a configuration like:
zone "myzone" IN { type slave; masters {xxx.xxx.xxx.xxx}; };
note that I left out the "file" statement.
When I reload BIND I see the zones being loade
Hi All: I just brought a new 9.6.0 slave server online on freebsd 7. In my
configuration file, I added all the zones with a configuration like:
zone "myzone" IN { type slave; masters {xxx.xxx.xxx.xxx}; };
note that I left out the "file" statement.
When I reload BIND I see the zones being loade
> What are the backend database options available? Is bind-sdb active
> developed and is it production ready?
You can use mysql with dlz. I have yet to get it successfully
working, but that's another issue.
One of the reasons I wanted to use a database was for the speed
increase. I would probab
61 matches
Mail list logo
