Thank you Ondrej! I changed my scripts to apply the hosts in this manner
moving forward. Everything appears to be working as before, with
significantly less memory usage, which is awesome! Still, I think the
memory usage for the way I had it setup before shouldn't drastically
increase in new ver
Also, 127.0.0.1 (localhost) needs to be returned for these hosts, not
a NXDOMAIN response. Would that impact it?
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at ht
No, I'm not asking you to prioritize anything. I'm just saying that
previously valid and memory performant setups are not performing well on
the newest versions of bind (using too much memory).
I created this setup based on guides I found online. So, if this is not
the proper way to do it, what
>> Apologies if I misunderstood your setup. I’ve also encountered memory
issues in recent BIND versions — BIND 9.18.33 on Debian 12 is a tremendous
beast, capable of handling millions of QPS — but after reducing logging
(including DNSTAP) and disabling serve-stale, I saw a significant
improvement
Can we quit pretending that the newest versions of bind aren't memory
hogs? We shouldn't have to provide the technical details as to why the
newest versions of bind use so much ram. We don't know. We're just end
users. However, with millions of zone entries (used as an ad blocking DNS
server) l
Ok, I fixed the problem.
I changed the zonefile templates for dynamic DNS used at dynamix.run to the
following:
$TTL60
@ IN SOA ns.{domainname}. ad...@dynamix.run (
{serial} ;
30 ; Refresh
20; Retr
I turned logging on, but I'm still not seeing anything that can help me
pinpoint why the query is failing?
Audit log:
18-Jul-2023 19:45:14.938 client @0x7f26e6def368 23.29.117.19#44526 (*.
wildcard-test.dynx.me): query: *.wildcard-test.dynx.me IN A -E(0)DCV
(23.29.117.19)
18-Jul-2023 19:45:22.142
The output from "named-checkconf -px" is over a million lines long, but
here you go:
http://23.29.117.19/bindconf.zip
My resolver servers are setup for ad-blocking, hence why there are so many
defined zones.
Here is a quick tcpdump sample where I do not see anything too helpful:
http://23.29.11
Spam assassin is blocking my message, so here are all the details (my
latest response message):
https://pastebin.com/raw/jSm6aGfC
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
I've got a bind recursion DNS server setup that is returning the wrong
value for an outside domain that I also maintain and host on another server
running a bind DNS server. Yet Google's DNS and other major DNS providers
respond with the correct IP address A record when querying. I can't figure
o
10 matches
Mail list logo
