Re: [Pdns-users] qtype argument to pipe backend is always set to 'ANY' (continued)

2010-02-04 Thread Duane at e164 dot org
Sudarshan Raghavan wrote: > I have tried this on both 2.9.21 and 2.9.22 versions. Should I compile > any extra module to get this working? Won't help, this is the intended behaviour, I hit the same "feature" some time back. -- Best regards, Duane http://www.freeauth

Re: [Pdns-users] [Pdns-announce] Some comic relief - freeware is not malware, but it is close according to Nominum

2009-09-24 Thread Duane at e164 dot org
munity fuming. Especially when you consider that Nominum was one of the companies affected by the DNS cache poisoning problem of last year, something PowerDNS, MaraDNS and DJBDNS (all open source) weren't vulnerable to." -- Best regards, Duane http://www.freeauth.org - Enterprise Two

Re: [Pdns-users] PowerDNS & DNSSEC!

2009-07-15 Thread Duane at e164 dot org
Stephane Bortzmeyer wrote: > On Wed, Jul 15, 2009 at 02:59:58AM +1000, > Duane at e164 dot org wrote > a message of 62 lines which said: > >> On the other hand do you know of any "exciting" development with DNScurve? > > What's the relationship? DNSSEC

Re: [Pdns-users] PowerDNS & DNSSEC!

2009-07-14 Thread Duane at e164 dot org
with DNScurve? -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Global Communication for the 21st Century "In the long

Re: [Pdns-users] Multiple IP?

2009-07-11 Thread Duane at e164 dot org
a packet was sent to when binding to any."" > > Ok, so it seems an unix-related problem. That isn't right, you have to bind a listener to each interface and then use that specific instance to reply to incoming queries. -- Best regards, Duane http://www.freeauth.org - E

Re: [Pdns-users] Ranges in names (NAPTRs)

2009-05-16 Thread Duane at e164 dot org
sense to expand things on the fly if you want quick look ups etc. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Global C

Re: [Pdns-users] Limit on Zone Transfer Size ?

2008-12-17 Thread Duane at e164 dot org
DORDAL wrote: > Should I be worried? We used to use PDNS to do 10+ M zone transfers... -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Free

Re: [Pdns-users] Exception: unknown escape sequence on NAPTR regex

2008-08-04 Thread Duane
> deal more sense. Without more details I'm only speculating but I'm pretty sure you haven't considered alternative options. -- Best regards, Duane signature.asc Description: OpenPGP digital signature ___ Pdns-users mailing li

Re: [Pdns-users] Exception: unknown escape sequence on NAPTR regex

2008-08-04 Thread Duane
#x27; since the backslashes are not > passed correctly. I've never had a problem with \+ in PDNS... As for the subranges that's what DNAME is for... -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, netwo

Re: [Pdns-users] Exception: unknown escape sequence on NAPTR regex

2008-08-04 Thread Duane
he backend is entirely impractical since we'd > potentially have to insert hundreds of thousands of records to match a > single pattern with a backref, depending on the numbering scheme. I'm assuming you are talking about consecutive numbering, in which case you just use a wildcard.

Re: [Pdns-users] Exception: unknown escape sequence on NAPTR regex

2008-08-04 Thread Duane
Peter Fern wrote: > Duane wrote: >> It's pointless trying to expand regular expressions from within the DNS >> server, either it will increase load unnecessarily or the regular >> expressions were designed to be expanded by a client requesting the >> information. &

Re: [Pdns-users] Exception: unknown escape sequence on NAPTR regex

2008-08-04 Thread Duane
Peter Fern wrote: > Duane wrote: >> Peter Fern wrote: >> >>> Can anyone point me to roughly where I should be looking in the codebase >>> to patch this out? I imagine somewhere in this new universal parser? I >>> assume it will only be a couple of li

Re: [Pdns-users] Exception: unknown escape sequence on NAPTR regex

2008-08-04 Thread Duane
rips with another codebase > completely - any pointers in the right direction would be a great help. The server doesn't, the client does. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http

Re: [Pdns-users] No More Ads!

2008-06-25 Thread Duane
> > So from now on you don't have to see those annoying ads anymore! > > http://www.fredan.org/nomoreads_pdns-recursor.tar > > Please see the included readme file for instuction of how to do this. squid+adzap+iptables ;) -- Best regards, Duane http://www.freeauth.org

Re: [Pdns-users] Rough internet draft

2008-06-13 Thread Duane
d your point of view, however it still fails in terms of efficiency, and all name servers would receive copies of the query, this is something that I've attempted to protect against since the information in the query can be as important as the returned data. -- Best regards, Duane htt

Re: [Pdns-users] Rough internet draft

2008-06-13 Thread Duane
l to solve using custom code which we already publish for things like FreePBX. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e

Re: [Pdns-users] Rough internet draft

2008-06-13 Thread Duane
Duane wrote: > Ardo van Rangelrooij wrote: >> Did you consider using IPsec? Seems to be fitting the bill perfectly... > > The amount of packets would be excessive in comparison, the ID I'm > putting together in some cases wouldn't have any more packets than a > reg

Re: [Pdns-users] Rough internet draft

2008-06-13 Thread Duane
Ardo van Rangelrooij wrote: > Did you consider using IPsec? Seems to be fitting the bill perfectly... The amount of packets would be excessive in comparison, the ID I'm putting together in some cases wouldn't have any more packets than a regular DNS query. -- Best regards,

[Pdns-users] Rough internet draft

2008-06-13 Thread Duane
uch nothing but silence, even from the likes of BIND authors and other DNSd coders. http://www.e164.org/docs/draft-groth-dns-encryption-00.odt I sort of have this fleshed out a little more, but informally on the e164.org wiki: http://www.e164.org/wiki/DNS_Encryption -- Best regard

Re: [Pdns-users] Nameservers are same domain as a domain that uses them - subdomains don't work!

2008-04-28 Thread Duane
IN SOA ns1.mysportsite.com. support.mysportsite.com. 0 10800 3600 604800 3600 ;; Received 86 bytes from 67.222.128.43#53(ns2.mysportsite.com) in 220 ms # dig +short blog.mysportsite.com @ns1.mysportsite.com # dig +short blog.mysportsite.com @ns2.mysportsite.com # -- Best re

Re: [Pdns-users] Nameservers are same domain as a domain that uses them - subdomains don't work!

2008-04-28 Thread Duane
ecords: www.mysportsite.com.120 IN A 67.222.128.44 Absolute minimum TTL recommended is at least 180 seconds. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywirele

Re: [Pdns-users] Nameservers are same domain as a domain that uses them - subdomains don't work!

2008-04-28 Thread Duane
com. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Global Communication for the 21st Century "In the long run the p

Re: [Pdns-users] TinyDNS backend for PowerDNS

2008-03-17 Thread Duane
at on small zones using AXFR's, on much larger zones things fall down pretty quickly. The jist of this post is, if you can't easily run MySQL/LDAP replication then PowerDNS isn't the best option that I would recommend. -- Best regards, Duane http://www.freeauth.org - Enterpris

Re: [Pdns-users] TinyDNS backend for PowerDNS

2008-03-15 Thread Duane
bert hubert wrote: > On Sun, Mar 16, 2008 at 12:52:21AM +1100, Duane wrote: >>> I'm unhappy it doesn't match your needs though, but perhaps you want >>> something else. Basically you get a lot of ANY queries, instead of queries >>> for the exact type request

Re: [Pdns-users] TinyDNS backend for PowerDNS

2008-03-15 Thread Duane
bert hubert wrote: > Duane - I suggest you ponder it all a bit. We thought long and hard about > how to separate the backend from the frontend, and this really is the only > way to do it. All problems have multiple solutions, if this works best for you and most of your users tha

Re: [Pdns-users] TinyDNS backend for PowerDNS

2008-03-15 Thread Duane
tween dumbing things down and making a dumb interface, knowing the dns type requested doesn't mean you have to know DNS logic to the nth degree. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network loc

Re: [Pdns-users] TinyDNS backend for PowerDNS

2008-03-15 Thread Duane
uitable for the criteria, PDNS was mostly ok, but in the end I was forced to roll my own out of frustration because most free DNS daemons don't handle large zone files in an efficient manner, or they leave the handling up to a backend like LDAP or a SQL server. -- Best regar

Re: [Pdns-users] TinyDNS backend for PowerDNS

2008-03-15 Thread Duane
kend was different then when asked by the user. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Because e164.arpa is a tax on VoIP

Re: [Pdns-users] Status of poweradmin?

2008-02-04 Thread Duane
ss, but the shortened IPs is the only corner case I can think of that might cause issues. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom htt

Re: [Pdns-users] [Fwd: Re: PowerDNS admin frontend]

2008-01-22 Thread Duane
if > one ever needs to add a DNS record 'on the fly' via his mobile phone ;) I can see the latter as a possibility, maybe not adding, but perhaps you administer a cluster of web servers and one dies and you use a simple DNS round-robin scheme, so you just take the dead one

Re: [Pdns-users] [Fwd: Re: PowerDNS admin frontend]

2008-01-22 Thread Duane
Rudolph Bott wrote: > requested features even partially exclude each other (e.g. "AJAX" and > "Must allow working with lynx/w3m on text consoles). Besides that it's a These aren't as mutually exclusive as you may think, you can use the tags for browsers with no JS support, or JS disabled, and us

Re: [Pdns-users] Problems using PipeBackend, always getting ANY requests...

2007-12-20 Thread Duane
and I'm hitting the same bug you found, I'm trying to debug it at present. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e

Re: [Pdns-users] Frontend for PowerDNS ?!

2007-12-20 Thread Duane
ne version and not the new version. It was a very long time ago so details are a bit hazy. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom htt

Re: [Pdns-users] Frontend for PowerDNS ?!

2007-12-20 Thread Duane
enes to something PDNS can deal with at this point in time. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Because e164.arpa

Re: [Pdns-users] Frontend for PowerDNS ?!

2007-12-20 Thread Duane
ems with zone transfers. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Because e164.arpa is a tax on VoIP "I

Re: [Pdns-users] Frontend for PowerDNS ?!

2007-12-20 Thread Duane
mpted input, rather then expect the user to know it. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Because e164.arpa is a

Re: [Pdns-users] This can't be right - DNS Load Test Results

2007-11-30 Thread Duane
e initial results and would appreciate any input from the > PDNS community for configuration. Oh and tinydns won't perform any/much better with a ram drive etc because it compresses the data file/memory to use less resources it will eat up all the CPU it can instead. -- Best regar

Re: [Pdns-users] This can't be right - DNS Load Test Results

2007-11-30 Thread Duane
o reduce reloads on zone files that change often, no idea. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Because e164.arpa

Re: [Pdns-users] problem with naptr answer

2007-11-30 Thread Duane
+short 200 10 "u" "E2U+SIP" "!^\\+1800(.*)$!sip:[EMAIL PROTECTED]" . 200 10 "u" "E2U+SIP" "!^\\+1800(.*)$!sip:[EMAIL PROTECTED]" . -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication ht

Re: [Pdns-users] PowerDNS MySQL API in Perl by a PowerDNS user

2007-11-16 Thread Duane
from the powerdns.com site. Also the other thing I forgot to write down was viewing all records for a domain, you could do a view, stored proc or just a simple join. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally,

Re: [Pdns-users] PowerDNS MySQL API in Perl by a PowerDNS user

2007-11-14 Thread Duane
mean to disuade the person that has coded this, but imho isn't the best way to go when dealing with MySQL specifically. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com

Re: [Pdns-users] OpenDBX vs Generic-Mysql/Pgsql backends

2007-11-12 Thread Duane
r bugs to creep in, and an extra point of failure. I've seen the point of failure happen with some versions of ODBC. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneyw

Re: [Pdns-users] pdns-recursor peering

2007-10-12 Thread Duane
uthority part of memcache, not the recursor and it should work perfectly well for the task of a cluster of systems. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecomm

Re: [Pdns-users] pdns-recursor peering

2007-10-11 Thread Duane
gs/parents in DNS? It seems to work well as far as I've seen. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Because e

[Pdns-users] bind backend bug

2007-10-11 Thread Duane
If the file doesn't exist, or corrupted or something, the backend looses the plot a little bit and won't bother trying later even if the file is fully there/no longer corrupt if pdns_control reload is called. The only fix is to stop and restart pdns. -- Best regards, D

Re: [Pdns-users] Debian Packages on powerdns.com

2007-09-25 Thread Duane
bert hubert wrote: > On Tue, Sep 25, 2007 at 10:42:38PM +1000, Duane wrote: >> By default these packages run as root, where as the debian packages drop >> privileges by default. > > That is correct. We don't want to create new users. Any particular reason why not to c

[Pdns-users] Debian Packages on powerdns.com

2007-09-25 Thread Duane
By default these packages run as root, where as the debian packages drop privileges by default. -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications

Re: [Pdns-users] PDNS 2.9.21 using LOTS of virtual memory...

2007-09-24 Thread Duane
James Cloos wrote: >>>>>> "Duane" == Duane <[EMAIL PROTECTED]> writes: > >>> (I never did get NAPTR to work.) > > Duane> For what it's worth we're running PDNS with a lot of NAPTR records > Duane> (and not just SIP et

Re: [Pdns-users] Book ideas

2007-09-22 Thread Duane
some of the root name servers (H, K and L) these are anycast servers and all the servers for that root run the same software afaik. All other root servers run BIND. http://en.wikipedia.org/wiki/Root_nameserver So I think it is very much used ;) -- Best regards, Duane http://www.freeau

Re: [Pdns-users] PDNS 2.9.21 using LOTS of virtual memory...

2007-09-22 Thread Duane
er did get NAPTR to work.) > > (gpgsql backend; debian box; deb's debs.) For what it's worth we're running PDNS with a lot of NAPTR records (and not just SIP et al). -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.node

Re: [Pdns-users] Re: "Parsing record content: Data field in DNS should start with quote" on TXT/SPF records

2007-09-20 Thread Duane
l this support for bare vs. quoted TXT records? Is it > supposed to be automatic? It's not just the TXT records I upgraded recently to the deb packages on powerdns.com and it kept breaking on NAPTR records as well in the end I gave up and fixed rsync properly so I don't have a problem an

Re: [Pdns-users] dynamic load balacing

2007-05-21 Thread Duane
fatih cerit wrote: 3- if your clients registering sip.example.com at 172.16.0.1 and server down then your clients going to register sip.example.com at 172.16.30.40 if you have a failover rotation rule at DNS level. But if you have a dynamic fail over rule you can say some clients register sip.

Re: [Pdns-users] dynamic load balacing

2007-05-21 Thread Duane
fatih cerit wrote: Hi Is it possible to query requesting client's ip address in backend query like %s ??? I am looking for dynamic load balancing of my clients on sip network but first I must authenticate them. If I get the requesting client ip address/natted ip address in the backend querie

Re: [Pdns-users] split dns possible

2007-04-22 Thread Duane
special case a > few records, you can either use the 'geo backend', which does complete > global distributing of answers based on a map of IP addresses. Ummm correct me if I'm wrong, but couldn't this person pre-load the cache with local info, and have pdns distribute n

Re: [Pdns-users] Re: SPF records

2007-04-19 Thread Duane
ed, type 99. As to how you > insert that in PowerDNS, I don't know. In the real world how much software uses type 99 though? -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywire

Re: Fw: [Pdns-users] Re: How Do SPF records work in PDNS? ( begionner)

2006-11-19 Thread Duane
Richard Vernooij wrote: > Received: from dedicated ([127.0.0.1]) by dedicated.domain.com with > Reporting-MTA: dns;[EMAIL PROTECTED] > Received-From-MTA: dns;dedicated The problem seems like it's MTA related... -- Best regards, Duane http://www.cacert.org - Free Security Cer