Re: Can't use Bind DLZ through LDAPS SSL

On 2/16/21 11:54 PM, Dario García Díaz-Miguel via bind-users wrote: Hi everybody, Hi, Since I'm a little bit desperate with this issue, and after asking this on reddit (r/sysadmin) and serverfault with low or none responses, I think it would be worth half an hour or so to test stunnel. It

Re: Can't use Bind DLZ through LDAPS SSL

On 2/12/21 4:49 AM, Ted Mittelstaedt wrote: If you are not familiar with stunnel you should have looked up what it was before responding. It's not going to be applicable here and I would not have suggested it if I had known both programs were on the same machine. What does being on the same

BIND DLZ - ldap_init and LDAP_PORT function argument values

Hello, I'm checking the source code of bind dlz since we need to use ldaps instead of ldap. I found this on the source code of BIND DLZ: If (ldap_url->lud_port != 389) { db->log(ISC_LOG_ERROR,"%s query must not specify a port", msg); result = ISC_R_FAILURE; goto cleanup;

RE: Can't use Bind DLZ through LDAPS SSL

-Mensaje original- De: Dario García Díaz-Miguel Enviado el: lunes, 15 de febrero de 2021 8:07 Para: 'bind-users@lists.isc.org' CC: skmf_support Asunto: RE: Can't use Bind DLZ through LDAPS SSL Hi Ted, Thank you again for your reply, very appreciated. Yes, I'm using t

RE: Can't use Bind DLZ through LDAPS SSL

Hi Ted, Thank you again for your reply, very appreciated. Yes, I'm using the Bind-DLZ site's examples to build my own configuration: dlz "ldap zone" { database "ldap 2 v3 simple {uid=bind/test-machine.example.com,ou=Services,dc=example,dc=com} {secret} localhost ldap:/

Re: Can't use Bind DLZ through LDAPS SSL

That should be impossible. Bind DLZ is compiled to use the same openldap libraries that your openldap server is using. If you configure the query URL as ldapi then the same thing is being sent to the libraries that ldapsearch is sending. That is why you do not have to do anything special

RE: Can't use Bind DLZ through LDAPS SSL

lSSF configuration is not using SSL and that's required due to some implementations. The problem is that BIND DLZ is NOT using LDAPI nor LDAPS and I don't know how to configure it. Ldapsearch -H ldapi:/// -D "cn=Administrator,dc=example,dc=com" -W --> works Ldapse

Re: Can't use Bind DLZ through LDAPS SSL

looked up what it was before responding. It's not going to be applicable here and I would not have suggested it if I had known both programs were on the same machine. Ted On 2/12/2021 3:15 AM, Dario García Díaz-Miguel wrote: Hi Ted, Thank you for your answer. Both servers (OpenLDAP and BIN

RE: Can't use Bind DLZ through LDAPS SSL

Hi Ted, Thank you for your answer. Both servers (OpenLDAP and BIND DLZ) are on the same machine. LDAPI:/// socket has been configured to not require SSL with olcLocalSSF If BIND DLZ is not supporting LDAPS, does it support any way to bind against LDAP using LDAPI? I've tried to use the

Re: Can't use Bind DLZ through LDAPS SSL

Instead of beating your head against DLZ can't you simply put the DLZ query into stunnel and connect to the openldap server that way? Ted On 2/11/2021 10:39 PM, Dario García Díaz-Miguel wrote: Hi there, I really don't know If this is the correct place to ask about Bind DLZ, but

Can't use Bind DLZ through LDAPS SSL

Hi there, I really don't know If this is the correct place to ask about Bind DLZ, but I'm afraid that I could not have any responses from the BIND DLZ mail list and, since this seems to be an "official" plugin and it's compiled on the bind9 package from the SuSE15 SP2

Scaling Bind-DLZ

Hi, we are using with a quite good satisfaction Bind-DLZ (with Postgresql 9.6.4) on Bind9. I know, it is a quite old driver, but we know very well how does it work. Due to traffic increase, we are experiencing some visible delays when the number of concurrent queries per second reach the

Bind DLZ / LDAP error

I am upgrading from a very old version of bind (9.4.1) with the DLZ patch applied to 9.11.3, it looks like DLZ is now build in, I have compiled bind with “-with-dlz-ldap=/opt/openldap”. I am getting some errors trying to run it: 30-Apr-2018 13:07:23.691 Loading 'ldap zone' using driver ldap 30-A

Bind DLZ and 64 bit environment

Dear guys,   I would like to ask you an help on this. We are using since some years, with success, Bind DLZ (the first implementation of 2004 i think). We use Postgresql 9.6.1 as backend server and still a 32bit system with CentOS 5. Bind is compiled with enable threads; we put 64 as drivers

Bind DLZ on a 64 bit environment

Dear guys, I would like to ask you an help on this. We are using since some years, with success, Bind DLZ (the first implementation of 2004 i think). We use Postgresql 9.6.1 as backend server and still a 32bit system with CentOS 5. Bind is compiled with enable threads; we put 64 as drivers

Bind DLZ

Hi all, I've been using Bind DLZ for quite some time now - the original Sourceforge code in various older versions of bind - and have had no issues with it. So as to move away from hand patching code and building custom packages I've tried to move to the packaged version of bind i

Use the $client$ token in findzone query - Bind-DLZ

Hello, regarding this post of some years ago: http://bind9-users.isc.narkive.com/aduGYTeB/dlz-client-parameter-segfault i would like is there is some hacks/workaround in order to use $client$ variable in other query, as example in the "findzone" query? Actually the source client token is avail

Use the $client$ token in findzone query - Bind-DLZ

Hello, regarding this post of some years ago: http://bind9-users.isc.narkive.com/aduGYTeB/dlz-client-parameter-segfault i would like is there is some hacks/workaround in order to use $client$ variable in other query, as example in the "findzone" query? Actually the source client token is availa

Use the $client$ token in findzone query - Bind-DLZ

Hello, regarding this post of some years ago: http://bind9-users.isc.narkive.com/aduGYTeB/dlz-client-parameter-segfault i would like is there is some hacks/workaround in order to use $client$ variable in other query, as example in the "findzone" query? Actually the source client token is availa

Re: Question about bind-dlz performance limit

On Tue, Jan 27, 2015 at 02:50:33PM +0800, WXR wrote: > I'm using bind-dlz(bind version 9.10) with mysql to store zone data. > According to the dlz official documents I use the compile > arguments " -enable-threads=no". If you're on 9.10, the documentation you

Question about bind-dlz performance limit

I'm using bind-dlz(bind version 9.10) with mysql to store zone data. According to‍ the dlz official documents I use the compile arguments " -enable-threads=no‍". Now I use dnstop and netstat to monitor the performance,and find there is a perfomance bottleneck of bind-dlz. Once t

Re: Using BIND-DLZ for a hidden master [was: Re: dns master-slave transfer]

2012/11/1 Chris Thompson : > On Oct 29 2012, Feng He wrote: > >> 于 2012-10-29 9:58, kavin 写道: >>> >>> Now，I want transfer the zone data from the master dns serverto slave >>> dns server ,the master dns use bind-dlz+mysql and the slave dns server >>>

Re: Using BIND-DLZ for a hidden master [was: Re: dns master-slave transfer]

Chris, > Can one use BIND 9.9 "inline signing" > with the unsigned version provided by a DLZ interface? there's no reason why you shouldn't be able to. Your BIND 9.9 inline signer would AXFR from BIND DLZ without trouble, but your signer won't be notified by DLZ;

Using BIND-DLZ for a hidden master [was: Re: dns master-slave transfer]

On Oct 29 2012, Feng He wrote: 于 2012-10-29 9:58, kavin 写道: Now，I want transfer the zone data from the master dns serverto slave dns server ,the master dns use bind-dlz+mysql and the slave dns server use bind+file. AFAIK, BIND DLZ doesn't send a notify message to slave, so both your m

[info]: BIND DLZ dlopen() with Lua

During a bout of excessive boredom I created a Lua back-end for DLZ's dlopen() driver. If anybody is interested, I've put up a short description [1] and the source code [2]. Patches are welcome. :) -JP [1] http://jpmens.net/2011/12/01/lua-back-end-for-bind/ [2] https://github.com/jpmens/d

Re: R: Bind DLZ and Postgres 8.4.8

On 04/10/11 21:38, Job wrote: > Hello, > > everything is fine, i patched the source tree! > > Thank you, regards! > > Francesco Whose source tree? Is it the patch something that would be useful/appropriate to share here? Regards, Cathy ___ Please

R: Bind DLZ and Postgres 8.4.8

2011 16:47 A: bind-users@lists.isc.org Oggetto: Bind DLZ and Postgres 8.4.8 Hello, by regarding the excellent guide of Jan Pit Mens, i have integrated Bind 9.8.1 DLZ with Mysql 5.x DB; everything is fine and fantastic. I cannot use Postgresql 8.4.8 backend; named correctly starts but, when first

Bind DLZ and Postgres 8.4.8

Hello, by regarding the excellent guide of Jan Pit Mens, i have integrated Bind 9.8.1 DLZ with Mysql 5.x DB; everything is fine and fantastic. I cannot use Postgresql 8.4.8 backend; named correctly starts but, when first nslookup query take place, named crash with this dump: --

bind-dlz don't work

Bind-dlz(the latest Berkeley DB as a back-end),Services can start correctly, but DNS is not returned to the correct value. Related data: dbsql> .tables dns_client dns_datadns_xfr dns_zone dbsql> select * from dns_client; test.com|192.168.146.155 test.com|127.0.0.1 dbsql&g

Bind dlz(mysql) with SRV Record

How to store SRV records in the database(mysql)? PRI、weight、port、target can be stored in data field？ mysql> select zone,host,type,data from dns_records where zone='zzz.cn' and type='srv'; +++--+-+ | zone | host | type | data

Re: bind dlz(mysql)

In message <201007011210381811...@114.com.cn>, "ShanyiWan" writes: > SOA Record query : > > 01-Jul-2010 12:00:09.121 dns_rdata_fromtext: buffer-0xbff9b414:1: near '20100 > 701000': out of range > 01-Jul-2010 12:00:09.121 dns_sdlz_putrr returned error. Error code was: out o > f range > What is the

bind dlz(mysql)

SOA Record query : 01-Jul-2010 12:00:09.121 dns_rdata_fromtext: buffer-0xbff9b414:1: near '20100701000': out of range 01-Jul-2010 12:00:09.121 dns_sdlz_putrr returned error. Error code was: out of range What is the scope of the serial field values? and data fields(table:dns_records) cannot be

Re: Bind DLZ/DNAME problem

On 29/06/10 02:53, Mark Andrews wrote: [...] I would remove the following from lib/dns/sdlz.c:find(). /* * Unless this is an explicit lookup at the origin, don't * look at the origin. */ if (i == olabels&&

Re: Bind DLZ/DNAME problem

example.net. NS ... > example.net. DNAME example.com. > > , I have the strange problem that this does not work in a Bind-DLZ configurat > ion > (Bind 9.7.0 with posgreSQL backend). For a query of "test.example.net", no > DNAME/CNAME is returned, but an NXDOMAIN. If I either

Bind DLZ/DNAME problem

Hi, I don't know whether this is the right place to ask, sorry if not. I am currently chasing a problem with DNAMEs: If I have a zone, say, example.net. SOA example.net. NS ... example.net. DNAME example.com. , I have the strange problem that this does not work in a Bin

Re: Favorite bind-dlz / mysql web based frontend?

I don't use mysql, I use postgresql. For web mgt, I use a locally modified copy of Ant. -david On 01/22/10 13:34, da...@from525.com wrote: > > All, > > I was wondering if any of the folks out there using bind-dlz with > mysql have found a decent web based tool for

Favorite bind-dlz / mysql web based frontend?

All, I was wondering if any of the folks out there using bind-dlz with mysql have found a decent web based tool for managing their data? Thanks, David Porsche___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman

Re: Semi-OT, BIND dlz and excessive queries

afaik, yes it's expected - for the reason that we don't yet have a smart way across all types of database to find the most specific match without doing multiple queries. -david Scott Haneda wrote: > The DLZ users mailing list is pretty quiet, thought to ask here in > case someone can elaborate. >

Semi-OT, BIND dlz and excessive queries

The DLZ users mailing list is pretty quiet, thought to ask here in case someone can elaborate. I have MySql query logging on so I can see the queries as they come in for testing. dig example.com @localhost This yields a hit to the database of 090509 5:50:56 2593 Query SELECT zone

Re: bind-dlz and %client% token

On 27-Nov-2008, at 11:50 , Jakub Heichman wrote: Hello all, I'm looking to implementing a DNS server based on bind-dlz with mysql backend that would allow me to give different DNS responses based on clients' IP addresses. The closest match to this in BIND currently is views. If

bind-dlz and %client% token

Hello all, I'm looking to implementing a DNS server based on bind-dlz with mysql backend that would allow me to give different DNS responses based on clients' IP addresses. I have found this post to bind-dlz-testers from back in 2006: http://sourceforge.net/mailarchive/forum.php?thread