Hi Bob
On Tue, Oct 18, 2016 at 03:26:00PM -0400, Bob Harold wrote:
> On Tue, Oct 18, 2016 at 3:26 AM, Mukund Sivaraman wrote:
>
> >
> > Firstly, RPZ in BIND 9.9 (vanilla) is broken, unmaintained and should
> > not be used by anyone. If you know people using BIND 9.9 (vanilla) for
> > RPZ, please
On Tue, Oct 18, 2016 at 3:26 AM, Mukund Sivaraman wrote:
>
> Firstly, RPZ in BIND 9.9 (vanilla) is broken, unmaintained and should
> not be used by anyone. If you know people using BIND 9.9 (vanilla) for
> RPZ, please ask them to upgrade to 9.10 at least. RPZ in 9.9
> subscription branch is OK.
>
Hi Phil
On Tue, Oct 18, 2016 at 09:15:45AM +0100, Phil Mayers wrote:
> On 18/10/16 08:26, Mukund Sivaraman wrote:
>
> > We know that IXFR with RPZ policy zones (esp. this DBL zone) causes some
> > trouble due to a less than desirable design / implementation of RPZ in
> > BIND. We have a plan to r
On 18/10/16 08:26, Mukund Sivaraman wrote:
We know that IXFR with RPZ policy zones (esp. this DBL zone) causes some
trouble due to a less than desirable design / implementation of RPZ in
BIND. We have a plan to refactor the RPZ implementation for 9.12 to
remove these inefficiencies.
Can you sh
Hi Daniel
On Tue, Oct 18, 2016 at 09:08:37AM +0200, Daniel Stirnimann wrote:
> It currently looks like that only having the spamhaus rpz zones active
> causes the occasional timeouts. Maybe it's related to the zone size as
> dbl.rpz.spamhaus.org is quite large. If i/o performance on the virtual
>
>> I have upgraded some of our BIND resolvers from BIND 9.9.9-P3 to BIND
>> 9.11.0 and I notice timeouts for 3 - 5 seconds about every 1 to 5 hour.
>
> Something to do with dlv.isc.org?
No, I can rule out dlv.isc.org.
It currently looks like that only having the spamhaus rpz zones active
causes
Hi there,
On Mon, 17 Oct 2016, Daniel Stirnimann wrote:
I have upgraded some of our BIND resolvers from BIND 9.9.9-P3 to BIND
9.11.0 and I notice timeouts for 3 - 5 seconds about every 1 to 5 hour.
Something to do with dlv.isc.org?
--
73,
Ged.
___
Hi,
I have upgraded some of our BIND resolvers from BIND 9.9.9-P3 to BIND
9.11.0 and I notice timeouts for 3 - 5 seconds about every 1 to 5 hour.
I have managed to trace this back to our RPZ configuration. I have 14
RPZ zones configured. Some of them are quite large (e.g. Spamhaus). The
only work
8 matches
Mail list logo
