Re: Multi-master (HA)

2014-05-07 Thread fddi
I run bind multi master on 5 different site. my solution is bind-dlz with galeraDB backed. we are very satisfied by this configuration and works flawlessy until now. Rick On 5/7/14 8:11 PM, John Wingenbach wrote: I run a multi-master environment. We have 3 data centers which are considered to

problem with named-sdb DLZ with mysql

2013-05-20 Thread fddi
hello I am running named with sdb support on CentOS 6.4 here are the componetns I Am using bind-9.8.2-0.17.rc1.el6_4.4.x86_64 bind-utils-9.8.2-0.17.rc1.el6_4.4.x86_64 bind-libs-9.8.2-0.17.rc1.el6_4.4.x86_64 bind-sdb-9.8.2-0.17.rc1.el6_4.4.x86_64 bind-chroot-9.8.2-0.17.rc1.el6_4.4.x86_64 mysql-5

how t orestrict nsupdate to a single A or PTR record ?

2012-12-05 Thread fddi
Hello, I have a domain called mydomain.org I would need a way to allow access with nsupdate not to the entire domain mydomain.org but only to specific hosts and specific IP Address do be modified using nsupdate. here is my config zone "mydomain.org" IN { type master; allow-q

Re: ho to filter hundeds of domains ?

2012-08-30 Thread fddi
On 8/30/12 3:19 PM, Stephane Bortzmeyer wrote: On Thu, Aug 30, 2012 at 03:16:32PM +0200, fddi wrote a message of 15 lines which said: Actually many telephone companies in the world are doing this, They're wrong politically (censorship) and they're wrong technically (see O'

Re: ho to filter hundeds of domains ?

2012-08-30 Thread fddi
On 8/30/12 3:14 PM, Stephane Bortzmeyer wrote: On Thu, Aug 30, 2012 at 01:34:07PM +0100, Niall O'Reilly wrote a message of 32 lines which said: Don't waste your time. This approach is superficial. http://www.bortzmeyer.org/images/please-close-gate.jpg :-) Often it is not

Re: ho to filter hundeds of domains ?

2012-08-30 Thread fddi
On 8/30/12 2:32 PM, Stephane Bortzmeyer wrote: On Thu, Aug 30, 2012 at 02:14:38PM +0200, fddi wrote a message of 23 lines which said: I need to implement a bind filter for many hundreds of domains which are considered outlaw and illegal See <http://pwd.io/guide/>. Very good ebook.

ho to filter hundeds of domains ?

2012-08-30 Thread fddi
Hello, I need to implement a bind filter for many hundreds of domains which are considered outlaw and illegal by italian government about gamble games. If I create a named zone for each illegal domain and configure my nameserver as authoritative for those zones, I can catch the DNS resolutions

secondary nameserver for subdomains and notify messages to itself

2011-07-08 Thread fddi
Hello, I have primary DNS server for TLD domain mydomain.org which is also a secondary DNS server for many other subdomains like domainX.mydomain.org this name server IP Address is 131.x.y.z domain is mydomain.org ang his hostname is server2.mydomain.org he si serving as secondary the do

strange dig response querying my subdomain zone

2011-04-13 Thread fddi
Hello. if I query my domain zone with dig I have correct values as response. dig mydomain.com SOA now if I query one of my subdomains dig subodmain.mydomain.com SOA in the response I have a ANSWER SECTION and AUTHORITY SECTION. but I do not have an ADDICTIONAL SECTION and I did not expect i

NS record, nameserver down.

2011-04-12 Thread fddi
Hello, I have a domain.com with w nameservers defined, for example ;; ANSWER SECTION: domain.com.86400INNSns1.domain.com. domain.com.86400INNSns2.domain.com. ;; ANSWER SECTION: ns1.domain.com.86400INA172.16.16.1 ns2.domain.com.86400

bind and DLZ support

2011-04-08 Thread fddi
Hello, I was trying to add DLZ support to bind on CentOS 5.5 so it's bind-9.3.6-4.P1.el5_5 I found out that the CentOS rpm does not have DLZ support built in and trying to patch bind manually the patch looks like to be for 9.2.2 version so it does not work on 9.3.6 anyone has a solution on h

Re: R: Operating system recommendation

2011-03-11 Thread fddi
bind performances are excellent also on FreeBSD and OpenBSD. Myself if I were a big ISP I would use OpenBSD, mainly for a security point of view. Riccardo On 3/11/11 9:23 AM, Chiesa Stefano wrote: -Messaggio originale- Da: bind-users-bounces+stefano.chiesa=wki...@lists.isc.org [m

Re: multi-master with mysql backend

2011-02-14 Thread fddi
I will consider very much your hints. Thank you for your point of view and I would like to try What you suggested. Riccardo On 14/feb/2011, at 00:24, Doug Barton wrote: > On 2/13/2011 8:06 AM, fddi wrote: >> I do not know why you really don't liket this mysql solution. > &g

Re: multi-master with mysql backend

2011-02-14 Thread fddi
On 2/14/11 4:11 AM, Fajar A. Nugraha wrote: On Mon, Feb 14, 2011 at 6:24 AM, Doug Barton wrote: On 2/13/2011 8:06 AM, fddi wrote: I do not know why you really don't liket this mysql solution. It isn't a matter of "not liking" it. Given that you have steadfastly refused

Re: multi-master with mysql backend

2011-02-13 Thread fddi
n the two servers and the mysql solution looks safer to me. You do not have to rsync anything, just have mysql properly configured. Riccardo On 2/12/11 11:33 PM, Doug Barton wrote: On 02/11/2011 01:51 PM, fddi wrote: I understand you, but the advantage of having mysql backend is that if one o

Re: multi-master with mysql backend

2011-02-11 Thread fddi
mechanism. if I use file backend I have to manually sync it, and how to keep tracks of modifications ? for this I choose mysql backend Riccardo On 2/11/11 10:29 PM, David Sparro wrote: On 2/9/2011 7:12 PM, fddi wrote: I could succesfully setup bind with mysql backend and it works using bind

Re: multi-master with mysql backend

2011-02-09 Thread fddi
I could succesfully setup bind with mysql backend and it works using bind-mysql driver. everything works except that nsupdate will no longer work. is this normal ?? requests sent for adding a RR using nsupdate are ignored by named when using mysqldb backend while they are honoured and ser

Re: multi-master with mysql backend

2011-02-09 Thread fddi
On 2/9/11 2:15 AM, Warren Kumari wrote: On Feb 8, 2011, at 10:47 AM, fddi wrote: I need really something very simple: I have 2 domain name servers, I need them to be multi-master Please explain -- *why* do you need multimaster? I need to be able to update the nameserver even if one of the

Re: multi-master with mysql backend

2011-02-08 Thread fddi
Wallis wrote: fddi wrote: thank you for hte thread you pointed me. Actaully I do not have performance issue, but I just need DNS multi-master. I could succesfully apply mysql-bind patches. I have only one zone with few hosts. thank you very much Riccardo On 2/8/11 3:30 PM, Terry. wrote: 2011

Re: multi-master with mysql backend

2011-02-08 Thread fddi
I am trying them out thank you for all the suggestions you gave me Riccardo On 2/8/11 4:28 PM, Gary Wallis wrote: fddi wrote: thank you for hte thread you pointed me. Actaully I do not have performance issue, but I just need DNS multi-master. I could succesfully apply mysql-bind patches. I

Re: multi-master with mysql backend

2011-02-08 Thread fddi
thank you for hte thread you pointed me. Actaully I do not have performance issue, but I just need DNS multi-master. I could succesfully apply mysql-bind patches. I have only one zone with few hosts. thank you very much Riccardo On 2/8/11 3:30 PM, Terry. wrote: 2011/2/8 fddi: I have

Re: multi-master with mysql backend

2011-02-08 Thread fddi
Riccardo On 2/8/11 12:07 AM, p...@mail.nsbeta.info wrote: fddi writes: Hello, I would like to configure a multi-master configuration wirh 2 hosts and I have been thinking to mysql as a backend. Is there any official or semi-official support in bind for using mysql as backend ? Any kind of

multi-master with mysql backend

2011-02-07 Thread fddi
Hello, I would like to configure a multi-master configuration wirh 2 hosts and I have been thinking to mysql as a backend. Is there any official or semi-official support in bind for using mysql as backend ? Any kind of documentation on this ? thank you Riccardo _

basic MX question

2010-10-28 Thread fddi
Hello I have a question. I am going to start in production environment a bunch of 3 mail servers for my domain, let'say mydomain.com I need to install a X509 certificate on each server in a way that upon x509 authentication thunderbird or whatever MUA won't complain about hostname different f

named errors

2010-08-10 Thread fddi
hello, on my server I have many errors like this one: Aug 10 11:12:01 server2 named[31822]: dispatch 0x2c159550: shutting down due to TCP receive error: 213.198.65.226#53: connection reset anyone could give me some more hint ? does this mean that 213.198.65.226 is broken ? thanks Rick

using TXT fields

2010-05-18 Thread fddi
Hello, I wanted to ask if using TXT fields can have some bad implication security issues thanks Rick ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users

Re: problem with domain and sub-domain configuration

2010-05-04 Thread fddi
the only working solution for me was to configure inside ns.cr.test.com a slave zone for domain test.com. I wanted to avoid this but it is the only working solution thanks Barry Margolin wrote: In article , Gregory Hicks wrote: Date: Mon, 03 May 2010 17:37:46 +0200 From: fddi To

problem with domain and sub-domain configuration

2010-05-03 Thread fddi
Hello I have one domain test.com with namserver ns.test.com (10.0.0.1) and a subdomain cr.test.com with nameserver ns.cr.test.com (10.1.0.1) my problem is that if I update hostnames inside test.com zone updates are not seen by cr.test.com nameserver they are seen if I restart named on cr.t

Re: problem with notifies

2010-03-30 Thread fddi
thing started migrating from 9.2 to 9.3 thanks Rick Chris Thompson wrote: On Mar 30 2010, Matus UHLAR - fantomas wrote: On 30.03.10 13:56, fddi wrote: Hello I have a name server which is slave for many other zones. The problem is that I upgraded to bind 9.3.x and now I have plenty of messages

problem with notifies

2010-03-30 Thread fddi
Hello I have a name server which is slave for many other zones. The problem is that I upgraded to bind 9.3.x and now I have plenty of messages like: IN: refused notify from non-master: itselfIPaddress how can I avoid this ? Do I ahev to insert notify no for every zone in which it is slave

Re: reverse lookup zone different from /24

2010-03-05 Thread fddi
thank you to all for the explanatinos, I'll create all my /24 reverse with a python script :) Matus UHLAR - fantomas wrote: I have many IP sunets which are /22 or /21 and it is really annoying to write 8 reverse subnets [...] is there a way to write only one reverse zone for /22 or

reverse lookup zone different from /24

2010-03-05 Thread fddi
hello, I have many IP sunets which are /22 or /21 and it is really annoying to write 8 reverse subnets for a 10.10.0.0/21 network in the named.rev: I have to put 8 entries like zone "0.10.10.in-addr.arpa" IN { zone "1.10.10.in-addr.arpa" IN { zone "2.10.10.in-addr.arpa" IN { zone "3.10.10.in-

mysql backend

2010-02-07 Thread fddi
Hello, is anyone using a mysql backend for bind9 ? how to setup it ? thanks Rick ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users

Re: multi master primary nameserver.

2010-02-05 Thread fddi
Doug Barton wrote: On 2/5/2010 2:41 PM, fddi wrote: Hello I wanted to ask how could be possible in some way to have 2 or more multi master name servers authoritative for one domain, instead of the classical master slave model. Yes. so should I use somthing like rsync or cfengine

multi master primary nameserver.

2010-02-05 Thread fddi
Hello I wanted to ask how could be possible in some way to have 2 or more multi master name servers authoritative for one domain, instead of the classical master slave model. thank you Rick ___ bind-users mailing list bind-users@lists.isc.org https://

Re: how to setup a local root nameserver?

2010-02-02 Thread fddi
1D IN NS172.16.30.30 * IN A172.16.30.30 Joseph S D Yao wrote: On Tue, Feb 02, 2010 at 12:50:56AM +0100, fddi wrote: Hello, I need to setup a local named configuration so that ANY request will be resolved to a specific single IP only. I mean any

how to setup a local root nameserver?

2010-02-01 Thread fddi
Hello, I need to setup a local named configuration so that ANY request will be resolved to a specific single IP only. I mean any kind of DNS resolutin request www.luth.se www.isc.org www.anything.tld should be resolved in 172.16.30.30 for example I need this because I need to redirect users