e VM.
>
> I have verified that forwarding is working correctly on both, the issue is
> not with the application because both VMs on each setup can handle traffic
> individually, the firewall is not blocking the queries, and the
> configuration is correct.
>
> This is the zone:
IN {
type forward;
forwarders { 127.0.0.1 port xxx; a.b.c.d port xxx; };
forward only;
};
Please share any other possible solutions.
On 19.09.23 08:25, Bob Harold wrote:
Note that the 'forwarders' line, from the BIND 9.11 manual: "There may be
one or more forwarders, and they are
M.
>
> I have verified that forwarding is working correctly on both, the issue is
> not with the application because both VMs on each setup can handle traffic
> individually, the firewall is not blocking the queries, and the
> configuration is correct.
>
> This is the zone:
>
>
because both VMs on each setup can handle traffic
individually, the firewall is not blocking the queries, and the
configuration is correct.
This is the zone:
zone "example.com" IN {
type forward;
forwarders { 127.0.0.1 port xxx; a.b.c.d port xxx; };
forward only;
};
Please share any othe
9.16.42 serves its local DNS zone, everything else is
supposed to come from the IT DNS servers. Therefore named.conf contains:
options {
forward only;
forwarders { ip4A; ip4B; }
};
It is my understanding that this local instance serves client queries either
from its cache, or it relies on the two
zones, and we don't need or want recursive queries between us to use TSIG.
> Our recursive servers still have the same shared access control config,
> but the Imperial parts are not used there, because none of the zone
> clauses refer to the Imperial acl/primaries names.)
>
> Thi
nfiguration doesn't work in all cases: for
instance, you can't specify TSIG keys in the `forwarders` clause, so you
have to use a `server` clause to configure TSIG for forwarding.
I haven't answered your specific questions because I'm not sure I
understand the details of your setup
on.key";
statistics-file "/var/named/log/named.stats";
tcp-clients 1000;
zone-statistics yes;
empty-zones-enable no;
rrset-order {
order cyclic;
};
transfers-in 50;
transfers-out 30;
transfers-per-ns 30;
no-case-compress {any; };
allow-recursion {any;};
recursive-clients 1
ally. Our
workaround while we sort through these issues is implementing
forwarders.
I’d like to understand how much traffic is flowing to each
forwarder (QPS, etc) and monitor that for any issues. Is
there a way to do that effectively in Bind without putting some
kind of network device on the out
Parkin, Richard (R.) wrote:
>
> I’d like to understand how much traffic is flowing to each forwarder
> (QPS, etc) and monitor that for any issues. Is there a way to do that
> effectively in Bind without putting some kind of network device on the
> outbound path to measure it? If not, does anyone
implementing forwarders.
I’d like to understand how much traffic is flowing to each forwarder (QPS, etc)
and monitor that for any issues. Is there a way to do that effectively in Bind
without putting some kind of network device on the outbound path to measure it?
If not, does anyone have any suggestions
On Mon, Oct 19, 2020 at 11:26 AM Victoria Risk wrote:
>
> The ARM was updated in 9.16.6. Sorry it took us so long!
>
> from https://gitlab.isc.org/isc-projects/bind9/-/issues/2030
> Forwarders are typically used when an administrator does not wish for
> all the servers
The ARM was updated in 9.16.6. Sorry it took us so long!
from https://gitlab.isc.org/isc-projects/bind9/-/issues/2030
Forwarders are typically used when an administrator does not wish for
all the servers at a given site to interact directly with the rest of
the Internet. For example, a common
On Sun, Oct 18, 2020 at 2:32 PM @lbutlr wrote:
>
> On 16 Oct 2020, at 08:36, Bob Harold wrote:
> > That is certainly not obvious. How do I request improving the manual?
> >
> > "in turn" would seem to imply "in order", and the order would logically be
> > the order I listed them.]
>
> I disagre
On 16 Oct 2020, at 08:36, Bob Harold wrote:
> That is certainly not obvious. How do I request improving the manual?
>
> "in turn" would seem to imply "in order", and the order would logically be
> the order I listed them.]
I disagree. In turn means one is tried, then if that fails the next is
On Fri, Oct 16, 2020 at 10:22 AM Matus UHLAR - fantomas
wrote:
>> On 16.10.20 09:56, Bob Harold wrote:
> >The BIND ARM (9.16.2) says:
> >"There may be one or more forwarders, and they are queried in turn until
> >the list is exhausted or an answer is found."
&
h.edu 734-512-7038
On Fri, Oct 16, 2020 at 10:21 AM Matus UHLAR - fantomas
wrote:
> On 16.10.20 09:56, Bob Harold wrote:
> >The BIND ARM (9.16.2) says:
> >"There may be one or more forwarders, and they are queried in turn until
> >the list is exhausted
> >or an a
On 16.10.20 09:56, Bob Harold wrote:
The BIND ARM (9.16.2) says:
"There may be one or more forwarders, and they are queried in turn until
the list is exhausted
or an answer is found."
But
https://lists.isc.org/pipermail/bind-users/2015-August/095544.html
says:
"Forwarders are se
The BIND ARM (9.16.2) says:
"There may be one or more forwarders, and they are queried in turn until
the list is exhausted
or an answer is found."
But
https://lists.isc.org/pipermail/bind-users/2015-August/095544.html
says:
"Forwarders are selected based on an RTT(round-trip-time)-
On 18.07.19 13:24, John Thurston wrote:
I have a number of 'forward' zones defined. Many of them look exactly
the same except for their name. It would be helpful to abstract the
addresses of my forwarders out and name them only once. But I can't
find any way to do this.
An A
On 7/18/19 3:24 PM, John Thurston wrote:
I have a number of 'forward' zones defined. Many of them look exactly
the same except for their name. It would be helpful to abstract the
addresses of my forwarders out and name them only once. But I can't find
any way to do this.
An A
I have a number of 'forward' zones defined. Many of them look exactly
the same except for their name. It would be helpful to abstract the
addresses of my forwarders out and name them only once. But I can't find
any way to do this.
An ACL doesn't make sense. A 'master
TBH, I haven't worked specifically with "static-stub", but with the classic
"stub", one would put a "null forwarders" statement in the zone definition
to inhibit forwarding.
I.e.
forwarders { };
- Kevin
On Wed, M
Hi,
When I setup static-stub zones with the global forwarders options
configured, BIND by design forwards the requests before using the stubs.
What is the best way around this so the stubs and cache are consulted first?
This is required for split-brain DNS.
Thanks
Regards
Ben Lavender
On 10/25/2018 06:26 PM, Lee wrote:
If you're using those addresses internally it makes sense to filter them
from 'outside'.
That's what I thought.
I play those games at times also :) So it sounds like what I was
missing is that you like a challenge & are using more address space that
I thou
On 10/25/18, Grant Taylor via bind-users wrote:
> On 10/25/2018 03:25 PM, Lee wrote:
>
>> I'm missing what filtering out things like benchmarking & documentation
>> network addrs gets you beyond maybe saving some bandwidth?
>
> I do use all sorts of IP ranges (test networks extensively) in my home
On 10/25/2018 03:25 PM, Lee wrote:
I feel like I'm missing something :(
I'll see if I can fill in below.
I read this
https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325
and used RPZ to block anything coming from outside that might be
On 10/24/18, Grant Taylor via bind-users wrote:
> On 08/09/2018 01:01 AM, Lee wrote:
>> it does, so you have to flag your local zones as rpz-passthru.
>
> Thank you again Lee. You gave me exactly what I needed and wanted to know.
you're welcome :)
> I finally got around to configuring my RPZ to
On 08/09/2018 01:01 AM, Lee wrote:
it does, so you have to flag your local zones as rpz-passthru.
Thank you again Lee. You gave me exactly what I needed and wanted to know.
I finally got around to configuring my RPZ to filter IPv4
Special-Purpose Address Registry as per IANA's definition.
(
Well this is valid when users are directly talking to RPZ servers. What if
there is one more resolver in between like Active Directory which itself
acts as a DNS server? In that case I believe you don't need to do that,
right?
On Fri, Aug 10, 2018 at 12:33 AM Grant Taylor via bind-users <
bind-use
On 08/09/2018 01:01 AM, Lee wrote:
yes, it works just fine
Good.
it does, so you have to flag your local zones as rpz-passthru. eg:
*.home.net CNAME rpz-passthru.
localhost CNAME rpz-passthru.
8.0.0.0.127.rpz-ip CNAME . ; 127.0.0.0/8
8.0.0.0.10.rp
On 8/9/18, Grant Taylor via bind-users wrote:
> On 08/08/2018 10:02 PM, Blason R wrote:
>> Due to the architecture since I have my internal DNS RPZ built I wanted
>> my other internal DNS servers should send traffic to RPZ server and
>> then RPZ would resolve on behalf of client.
>
> Speaking of
On 08/08/2018 10:02 PM, Blason R wrote:
Due to the architecture since I have my internal DNS RPZ built I wanted
my other internal DNS servers should send traffic to RPZ server and
then RPZ would resolve on behalf of client.
Speaking of PRZ and forwarding…
Does anyone know off hand if BIND, w
n Wed, Aug 8, 2018 at 10:26 PM Matus UHLAR - fantomas
wrote:
> On 08.08.18 19:32, Blason R wrote:
> >I am bit confused about DNS forwarders. I have two BIND Servers one is
> >being used as Authoritative DNS server which has forwarder set
>
> why?
>
> > to other
&
On 08.08.18 19:32, Blason R wrote:
I am bit confused about DNS forwarders. I have two BIND Servers one is
being used as Authoritative DNS server which has forwarder set
why?
to other
server like this
Auth Server for xvyz.com 192.168.3.15
Recursive Server 192.168.3.44
Now if I am debugging
In article ,
Blason R wrote:
> Hi there,
>
> I am bit confused about DNS forwarders. I have two BIND Servers one is
> being used as Authoritative DNS server which has forwarder set to other
> server like this
>
> Auth Server for xvyz.com 192.168.3.15
> Recursive Serv
Hi there,
I am bit confused about DNS forwarders. I have two BIND Servers one is
being used as Authoritative DNS server which has forwarder set to other
server like this
Auth Server for xvyz.com 192.168.3.15
Recursive Server 192.168.3.44
Now if I am debugging from client side using -debug
Ben Croswell a
écrit :
If you load foo.com on server A and delegate bar.foo.com to server B with a
global forwarder of server C you resolution will vary depending on forward
first vs forward only and forwarders {}.
With no forward {} the path for blah.bar.foo.com directed at server A will b
If you load foo.com on server A and delegate bar.foo.com to server B with a
global forwarder of server C you resolution will vary depending on forward
first vs forward only and forwarders {}.
With no forward {} the path for blah.bar.foo.com directed at server A will
be A > C > B
With f
forward{} turns off global forwarding for that branch
of the tree.
On May 12, 2017 9:27 AM, "Mik J via bind-users"
wrote:
Hello,
If my DNS is master/slave for a zone, why would I want it to use forwarders.
In other terms why would I wantzone "mydomain.com"
{
typ
branch of the tree.
On May 12, 2017 9:27 AM, "Mik J via bind-users"
wrote:
> Hello,
>
> If my DNS is master/slave for a zone, why would I want it to use
> forwarders.
>
> In other terms why would I want
> zone "mydomain.com"
> {
> type master
Hello,
If my DNS is master/slave for a zone, why would I want it to use forwarders.
In other terms why would I wantzone "mydomain.com"
{
type master;
file "zones/master/com/mydomain.com";
allow-update { acl; };
};
Instead of (forwarders {}
Hi, Steve
Thanks for comments!
I was mistaken, recheck packet capture results,
it was query to all server access in configuration.
I thought single server access on first capture results
But, I think better to more hight cache hit rate by sequential
access(e.g. first access is static).
Howev
On 14 November 2016 at 02:54, Techs-yama wrote:
> Does not this configuration parameter [server address] is sequential access?
No, it will use both, it will calculate the RTT for both servers and
work out which one is responding faster and use that one for the
majority of the queries, every so of
Hi, bind-users All.
I have question about "global forwarders option" in named.conf,
For example,
forwarders {
1.1.1.1;
2.2.2.2;
};
I tried packet capture in this server on dig query,
However, I looked like destination server access is randomized.
looked like..
In message
<3c929ce024ce174480d567360a8291b1ee69071...@hq1-mailmb-v1.trade.ftc.gov>,
"Chakrapani, Praveen CTR via bind-users" writes:
>
> Hi,
>
> I added below line to my named.conf to include IPv6 addresses to the
> forwarders list. However I am getting this erro
I added below line to my named.conf to include IPv6 addresses to the
forwarders list. However I am getting this error *“Sep 13 10:33:06
servername named[24778]: [ID 873579 daemon.error] /etc/named.conf:158:
expected IP address near '2001:1890:1C04:3000:0CB7:4432'”*
That's bec
sc.org] On Behalf Of
Chakrapani, Praveen CTR via bind-users
Sent: Tuesday, September 13, 2016 4:48 PM
To: 'bind-users@lists.isc.org'
Subject: forwarders (IPv6)
Hi,
I added below line to my named.conf to include IPv6 addresses to the forwarders
list. However I am getting this erro
Hi,
I added below line to my named.conf to include IPv6 addresses to the forwarders
list. However I am getting this error "Sep 13 10:33:06 servername named[24778]:
[ID 873579 daemon.error] /etc/named.conf:158: expected IP address near
'2001:1890:1C04:3000:0CB7:4432'
e request.
Mark
> - Kevin
>
> -Original Message-
> From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of S Carr
> Sent: Thursday, August 25, 2016 4:09 PM
> To: bind-users
> Subject: Re: Slaves or Forwar
ginal Message-
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of S Carr
Sent: Thursday, August 25, 2016 4:09 PM
To: bind-users
Subject: Re: Slaves or Forwarders?
On 25 August 2016 at 21:06, Matus UHLAR - fantomas wrote:
> just IXFRs or AXFRs too?
> Isn't edns over UDP
On 25 August 2016 at 21:06, Matus UHLAR - fantomas wrote:
> just IXFRs or AXFRs too?
> Isn't edns over UDP enough in many cases?
>From what I've seen in past testing any attempt to request an AXFR
against BIND using UDP gets an immediate TC response.
Steve
___
In message <844475874024407090c1c2e9d5718...@mxph4chrw.fgremc.it>, "Darcy Kevin
(FCA)" writes:
From an InfoSec standpoint, of course one would prefer to use
cryptographic methods of securing DNS data, but, in the absence of that,
slaving could, arguably, be considered more secure than forwarding,
Darcy Kevin (FCA) wrote:
> From an InfoSec standpoint, of course one would prefer to use
> cryptographic methods of securing DNS data,
Yes, use TSIG for zone transfers. You can also use it for forwarding.
Tony.
--
f.anthony.n.finchhttp://dotat.at/ - I xn--zr8h punycode
Fair Isle, North F
In message <844475874024407090c1c2e9d5718...@mxph4chrw.fgremc.it>, "Darcy Kevin
(FCA)" writes:
> From an InfoSec standpoint, of course one would prefer to use
> cryptographic methods of securing DNS data, but, in the absence of that,
> slaving could, arguably, be considered more secure than forwa
ver instances (e.g. IPSEC tunnels).
- Kevin
-Original Message-
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Tony
Finch
Sent: Tuesday, August 23, 2016 11:00 AM
To: Baird, Josh
Cc: bind-users@lists.isc.org
Subject: Re: Slaves or Forwarders?
Ba
master outside of my
> environment).
> Is this method of 'sub-slaves' considered an acceptable practice?
Yes. (The new EDNS EXPIRE feature makes it a bit safer too.)
> Some folks also like to use forwarders if they don't have the capability
> to slave the zone.
). This seems to
work well and makes management easier on my end. Is this method of
'sub-slaves' considered an acceptable practice?
Some folks also like to use forwarders if they don't have the capability to
slave the zone. In this scenario, I would have to create a 'forward&
In article ,
Richard Thomas wrote:
> Hi all,
>
> Having heard about recursion, is there a way of getting BIND to make
> recursive DNS requests to the A.B.C.D and E.F.G.H DNS servers?
Requests to forwarders always have the Recursion Requested flag set. So
you could point them t
Matus UHLAR - fantomas
Sent: 11 December 2014 16:39
To: bind-users@lists.isc.org
Subject: Re: Question about how forwarders work
On 11.12.14 16:28, Richard Thomas wrote:
Please could I have some advice about how the below example configuration would
work:
forwarders { A.B.C.D; E.F.G.H; };
What I w
UHLAR - fantomas
Sent: 11 December 2014 16:39
To: bind-users@lists.isc.org
Subject: Re: Question about how forwarders work
On 11.12.14 16:28, Richard Thomas wrote:
>Please could I have some advice about how the below example configuration
>would work:
>
>forwarders { A.B.C.D; E.F.G.H;
On 11.12.14 16:28, Richard Thomas wrote:
Please could I have some advice about how the below example configuration would
work:
forwarders { A.B.C.D; E.F.G.H; };
What I wanted to achieve is that one of the IP addresses to be used as a
primary DNS server and the other IP address to be used as a
Hi,
Please could I have some advice about how the below example configuration would
work:
forwarders { A.B.C.D; E.F.G.H; };
What I wanted to achieve is that one of the IP addresses to be used as a
primary DNS server and the other IP address to be used as a secondary DNS
server.
I have had
The search algorithms in libresolve/libbind are a compromise.
If I had my way, back when libresolv was updated for RFC 1535,
support for partially qualified domain names would have died. ndots
was the compromise. Searches would have only continued on NXDOMAIN
and unqualified names would not hav
On 03/12/14 06:50, Tony Finch wrote:
> Lawrence K. Chen, P.Eng. wrote:
>
>> If you have FQDN for machines, the problem might be that the domain
>> isn't set in resolv.conf?
>
> The machines are configured with a bare hostname. If there isn't a search
> or domain directive in /etc/resolv.conf a
Lawrence K. Chen, P.Eng. wrote:
> If you have FQDN for machines, the problem might be that the domain
> isn't set in resolv.conf?
The machines are configured with a bare hostname. If there isn't a search
or domain directive in /etc/resolv.conf and there isn't an entry for the
machine in /etc/hos
1/14 06:28, Tony Finch wrote:
> Andreas Ntaflos wrote:
>>
>> Using Bind 9 on Ubuntu 12.04 for internal DNS (master for zones
>> "dc01.example.at.", "7.1.10.in-addr.arpa.", ...) with forwarders (ISP's
>> nameservers) for everything outside of inte
Andreas Ntaflos wrote:
>
> Using Bind 9 on Ubuntu 12.04 for internal DNS (master for zones
> "dc01.example.at.", "7.1.10.in-addr.arpa.", ...) with forwarders (ISP's
> nameservers) for everything outside of internal zones.
>
> The Problem: Clients,
7;s .hints file to locate the root servers, and from
there, it will resolve whatever it needs to resolve recursively, taking
over the roll of your upstream forwarder.
I'm sure someone can post a link to proper documentation, if you need it.
Incidentally, in the Windows world, you do the sa
ere you want the external namespaces to be visible (a
configuration-management system helps here, to ensure configuration
consistency; you mentioned you were using Puppet). For a forwarded
*external* zone, you want "forward only" as the mode, since otherwise
your internal boxes will tr
On 2014-03-10 22:23, Kevin Darcy wrote:
Options:
First, thanks a lot for the reply! So it seems what I described is
indeed the expected behaviour for the type of DNS we operate?
1) Change nameservice-switch order (e.g. /etc/nsswitch.conf) on your
hosts to prefer another source of name resol
M, Andreas Ntaflos wrote:
Hi list,
I hope I succeeded in articulating the problem we are facing and I
apologize for the length of this post.
Short version:
Using Bind 9 on Ubuntu 12.04 for internal DNS (master for zones
"dc01.example.at.", "7.1.10.in-addr.arpa.", ...) with forw
Hi list,
I hope I succeeded in articulating the problem we are facing and I
apologize for the length of this post.
Short version:
Using Bind 9 on Ubuntu 12.04 for internal DNS (master for zones
"dc01.example.at.", "7.1.10.in-addr.arpa.", ...) with forwarders (ISP's
na
That's kinda what I'm gleaning as well.
On Tue, Jan 28, 2014 at 12:43 PM, Matus UHLAR - fantomas
wrote:
> On 28.01.14 10:08, Phil Fagan wrote:
>>
>> Is it possible to configure the forward (only|first) timeout?
>
>
> AFAIK not (yet). The forwarder selection is done in the same way as the
> server
On 28.01.14 10:08, Phil Fagan wrote:
Is it possible to configure the forward (only|first) timeout?
AFAIK not (yet). The forwarder selection is done in the same way as the
server selection by RTT meassuring.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
Is it possible to configure the forward (only|first) timeout?
So, first query a server listed in the forwarders statement and upon
receiving no resolution answer [ in ?configurable? seconds ] query
another server (e.g., based on cached information or hints file
configuration) (forward first
};
server 172.16.202.2 {
keys {
ab.dc.example.com;
};
};
server 172.16.202.3 {
keys {
ab.dc.example.com;
};
};
server 172.16.202.4 {
keys {
ab.dc.example.com;
};
};
And i have my forwarders set to the same set of above servers.
xample.com;
};
};
server 172.16.202.4 {
keys {
ab.dc.example.com;
};
};
And i have my forwarders set to the same
set of above servers...My bind options clause is shown below.
forwarders { 172.16.202.1; 172.16.202.2; 172.16.202.3; 172.16.202.4; };
forward only;
allow-query { any; };
allow-trans
helps,
Len
>
> From: sumsum 2000
>To: bind-users@lists.isc.org
>Sent: Friday, July 12, 2013 6:14 AM
>Subject: Re: Reverse Lookups with Forwarders
>
>
>
>Along the same lines as that of ipv4 address:
>i have the following
28 and
> network range is 191.168.100.129 - 191.168.100.190
>
> in this specific case, this is what i end up with zone file configuration:
> zone "128.100.168.192.in-addr.arpa" IN {
> type forward;
>
, this is what i end up with zone file configuration:
zone "128.100.168.192.in-addr.arpa" IN {
type forward;
forwarders {10.213.246.15;};
fo
Thanks for the info
On Tue, Jul 9, 2013 at 1:03 PM, Matus UHLAR - fantomas wrote:
> On 09.07.13 11:51, sumsum 2000 wrote:
>
>> I have a reverse lookup zone file configuration as follows:
>> zone "0/24.110.252.173.in-addr.**arpa" {
>>
> [...]
>
> When I do dig -x 172.252.110.27, I expect it to f
On 2013.07.09 03.18, sumsum 2000 wrote:
What I am trying to achieve is this:
I am using BIND9 only for forwarding DNS requests to other DNS Servers.
I want the entire hosts in the
network : 173.252.110.0
with the host range: 173.252.110.1 - 173.252.110.254
with a total 254 addresses to be
On 09.07.13 11:51, sumsum 2000 wrote:
I have a reverse lookup zone file configuration as follows:
zone "0/24.110.252.173.in-addr.arpa" {
[...]
When I do dig -x 172.252.110.27, I expect it to forward it to
10.10.96.1, but instead, it uses the default resolver.
[...]
So if DNS Server X is confi
include "/etc/named.conf.test";
named.conf.test:
==
view "default" IN {
max-cache-ttl 600;
max-ncache-ttl 600;
zone "." IN {
ot;/etc/rndc.key";
include "/etc/named.conf.test";
named.conf.test:
==
view "default" IN {
max-cache-ttl 600;
max-ncache-ttl 600;
It's not at all clear from your description what you're trying to
accomplish. Particularly it's not clear what you seem to be trying to
accomplish with the 2317 delegation for a /24 zone.
Can you describe what you're trying to do, and why? It may be easier to
help you that way. Please use the
Oops mistype
range: 172.16.0.0 > 172.31.255.255
range b10: 2886729728 > 2887778303 range b16: 0xac10 > 0xac1f
hosts: 1048576 prefixlen: 12
mask:255.240.0.0
--
Jason Hellenthal
I
, July 8, 2013 11:21 PM
>Subject: Reverse Lookups with Forwarders
>
>
>
>I have a reverse lookup zone file configuration as follows:
>zone "0/24.110.252.173.in-addr.arpa" {
>type forward; forward only;
>forwarders {10.10.96.1;};
>};
>
>
>When I do dig -x 1
Only thing I see to be missing here is actual Class B address space 172.16/12
but instead you are trying to forward from Class A public address space
assigned to FACEBOOK. I don't quite think you will get that to work... That is
unless you are the Facebook authoritative server...
range:
I have a reverse lookup zone file configuration as follows:
zone "0/24.110.252.173.in-addr.arpa" {
type forward; forward only;
forwarders {10.10.96.1;};
};
When I do dig -x 172.252.110.27, I expect it to forward it to
10.10.96.1, but instead, it uses the default resol
On Jun 3, 2013, at 4:31 PM, John Miller wrote:
> Hi Mike,
>
> To keep my answer simple, if BIND is set up to allow recursion, and gets a
> recursive query for a zone it's not authoritative for, it'll:
>
> 1) Answer from cache
> 2) pass the query off to the co
ke S wrote:
Hello all, I was trying to follow the thread on the NXDOMAIN and got lost. :) I
have a question about using forwarders. If the DNS that is using forwarders
receives a query for a zone it's not authoritative for even if it's in the same
network, does it go to the forwa
Hi Mike,
To keep my answer simple, if BIND is set up to allow recursion, and gets
a recursive query for a zone it's not authoritative for, it'll:
1) Answer from cache
2) pass the query off to the configured forwarders
3) If the forwarders are unavailable, follow delegation itself
r microsoft.com goes
no where near your server and points at Microsoft's DNS servers.
On 3 June 2013 20:36, Ward, Mike S wrote:
> Hello all, I was trying to follow the thread on the NXDOMAIN and got lost. :)
> I have a question about using forwarders. If the DNS that is using forwarders
Hello all, I was trying to follow the thread on the NXDOMAIN and got lost. :) I
have a question about using forwarders. If the DNS that is using forwarders
receives a query for a zone it's not authoritative for even if it's in the same
network, does it go to the forwarders for zone i
ve DNS that are declared as
a forwarder in the named.conf.options settings.
Why do you define such forwarders in named.conf at all?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu c
I have bind set up to forward only.
Is it possible to declare a timeout for recursive queries? I can't seem to
find a setting
I'm trying to protect against slow or unresponsive DNS that are declared as
a forwarder in the named.conf.options settings.
___
I have a question about how smooth round-trip-time (srtt) works. If I
declare 5 separate DNS servers to forward queries to and one of them is
much faster than the other one, naturally the bulk of all queries will go
towards that host because of its low curve, correct?
However, what happens when th
All forwarders in the list will tried at least some. Every time the fastest
forwarder responds the srtt of the remaining forwarders are decayed.
Eventually they will be lower and get tried. If they are slower than the
original fastest their srtt go back up and the original will be used again.
It&#
1 - 100 of 159 matches
Mail list logo
