Displaying 20 results from an estimated 47 matches for "zonefiles".
2022 Dec 31
1
rewrite manpages to mdoc(7)
...ol 8
command write does.
.It Fl i Ar oldfile
Create an IXFR from the differences between the old zone file
and the new zone file.
The
.Ar oldfile
argument to the
.Fl i
option is the old zonefile, the
.Ar zonefile
argument passed to
.Nm
is the new zonefile.
The difference is computed between the two zonefiles
by keeping one version of the zone in memory,
and another version in a temporary file.
The temporary file is located in the zonefile directory.
This is also where the result is written
in a file with the zonefile name, ending with
.Sq .ixfr .
This is also where NSD reads it when IXFRs are configure...
2001 Jul 27
0
(fwd) Re: rsync and named-xfer
...URATION
-------------------------
1. install rsync and add something like the following to /etc/inetd.conf
to run it as a daemon:
rsync stream tcp nowait root /usr/sbin/tcpd /usr/bin/rsync --daemon
2. edit /etc/rsyncd.conf like so:
---cut here---
syslog facility = daemon
[zonefile]
comment = zonefiles for rsync transfer
path = /var/cache/bind/rsync
read only = yes
# see rsyncd.conf(5) for details on hosts allow specification
hosts allow = a.a.a.a b.b.b.b c.c.c.c ...etc...
---cut here---
/var/cache/bind/rsync is the directory containing the rsyncable zone
file(s). this should be a ded...
2017 Feb 01
4
Script not running correctly as cronjob
...R="/etc/named/KSK"
ZSKDIR="/etc/named/ZSK"
ZONEDIR="/var/named/chroot/var/named"
LOG="/var/named/chroot/var/log/dnssec_resign.log"
MAILREC="monitor at xx"
#delete old signed files
rm -rf $ZONEDIR/*.signed
#delete the old log
rm -rf $LOG
#read the zonefiles
ZONEFILES=$(ls -p $ZONEDIR | grep -v '/$' | grep -v 'dsset*')
for FILES in $ZONEFILES; do
#remove the .zone at the end
ZONE=$(echo "${FILES%.*}")
#remove the old signed zone
rm -rf $ZONEDIR/$ZONE.signed
#Sign the zone
cd $ZONEDIR
dnssec-signz...
2006 Dec 10
5
which is the vaild a format?
hi,
after i test nsd i find the following. if i use this in a zone file:
$ORIGIN example.com.
CNAME www
www CNAME x
x A 1.2.3.4
then it's excepted by nsd what's more give the proper result. if the
slave is nsd than there is no problem, while if the slave is bind i've
got the following error:
2006 Dec 07
1
a few more notes
hi,
while all files is owned by nsd user and nsd run as nsd the nsd.db is
still owned by root user (because the compiler run as root and create
this file as root, ok i know just it'd be better if this file is owned
by nsd too).
another strange thing is that on the slave nsd i've got such messages:
-----------------------------------------
zonec: reading zone "lfarkas.org".
2017 Feb 01
1
Script not running correctly as cronjob
...K"
> ZONEDIR="/var/named/chroot/var/named"
> LOG="/var/named/chroot/var/log/dnssec_resign.log"
> MAILREC="monitor at xx"
>
> #delete old signed files
> rm -rf $ZONEDIR/*.signed
>
> #delete the old log
> rm -rf $LOG
>
> #read the zonefiles
> ZONEFILES=$(ls -p $ZONEDIR | grep -v '/$' | grep -v 'dsset*')
>
> for FILES in $ZONEFILES; do
> #remove the .zone at the end
> ZONE=$(echo "${FILES%.*}")
Why not just: ZONE=${FILES%.*}
> #remove the old signed zone
> rm -rf $ZONEDIR/$Z...
2019 Dec 28
2
tinydns to nsd
...log-time-ascii: yes
round-robin: yes
verbosity: 0
ip-address: "127.0.0.53"
rrl-size: 1000000
rrl-ratelimit: 200
rrl-slip: 2
rrl-ipv4-prefix-length: 24
rrl-ipv6-prefix-length: 64
rrl-whitelist-ratelimit: 2000
zonefiles-check: yes
zonefiles-write: 3600
remote-control:
control-enable: yes
control-port: 8952
server-key-file: "/etc/nsd/nsd_server.key"
server-cert-file: "/etc/nsd/nsd_server.pem"
control-key-file: "/etc/nsd/nsd_control.key"...
2013 Oct 18
1
nsd-4.0.0b5(and rc2) and changing zone from master to slave ?
Hi,
I'm doing some quick tests with nsd-4.0.0b5 and (rc2). And found
something strange when changing (nsd-control reconfig) one
zone from:
zone:
name: 10.in-addr.arpa
zonefile: /zones/empty.zone
to
zone:
name: 10.in-addr.arpa
request-xfr: 192.168.122.12 NOKEY
allow-notify: 192.168.122.12 NOKEY
zonefile: /zones/slave/10.rev
and doing nsd-control reconfig.
After
2012 Jul 18
1
allow-notify SUBNET and request-xfr inconsistency
Hi list,
We are observing strange behavior of nsd v3.2.9 acting as slave DNS server.
The environment is set up as follows:
0. We are using 172.16.0.0/16 subnet;
1. Primary Master server at 172.16.100.114;
2. Slave server at 172.16.100.115. The config file is
in /etc/nsd-dns-slave.conf;
3. There may be also other Master servers im the given subnet.
Now I want to permit DNS NOTIFY messages to
2017 Feb 01
0
Script not running correctly as cronjob
...K"
> ZONEDIR="/var/named/chroot/var/named"
> LOG="/var/named/chroot/var/log/dnssec_resign.log"
> MAILREC="monitor at xx"
>
> #delete old signed files
> rm -rf $ZONEDIR/*.signed
>
> #delete the old log
> rm -rf $LOG
>
> #read the zonefiles
> ZONEFILES=$(ls -p $ZONEDIR | grep -v '/$' | grep -v 'dsset*')
>
> for FILES in $ZONEFILES; do
> #remove the .zone at the end
> ZONE=$(echo "${FILES%.*}")
Why not just: ZONE=${FILES%.*}
> #remove the old signed zone
> rm -rf $ZONEDIR/$Z...
2006 Mar 24
3
Triggering on close of a written file.
...sename(copyinstr(self-
>file)),arg1); */
}
syscall::write:entry
/arg0==self->hostsfd/
{
/* trace("Write hosts"); */
self->hostswritten=1;
}
syscall::close:entry
/arg0==self->hostsfd && self->hostswritten==1/
{
system("/usr/local/bin/regen-zonefiles");
self->hostsfd=-1 ;
}
Is there an easier/better way to do this, I think this script fails
to detect a failed write, what is the best way to do that...
Paul
2023 Mar 20
1
NSD zone file GENERATE directive
BIND has a handy feature $GENERATE directive in zone files that allows
you to handle large ranges of things like PTR/A records without having
to actually create long lists in very large zonefiles.
This was handy for things like IPv4/v6 PTR's and matching A/AAAA records
for large dynamic hosts, etc.
Does NSD support any type of range generation such at this?
--
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP: https://pgp.inoc.net/rblayzor/
2023 Sep 08
1
Adding PTR records
What is the right way to add PTR records to zonefile?
I have the following config. Is it syntactically correct?
humaaraartha.in.? ? ? ?A? ? ? ? ?182.59.136.243
243.136.59.182.in-addr.arpa.? ? ? PTR? ? ? ?humaaraartha.in.?
When I dig the latter @localhost, I'm unable to get humaaraartha.in.?
Thanking you
Sagar Acharya
https://humaaraartha.in
P.S. Kindly cc me, I'm not subscribed to the
2023 Dec 05
1
Question on slave
Hi Jean-Christophe,
Anand's answer is entirely correct.
Once 4.8.0 is released, zone files will be written once per hour by
default.
Best regards,
Jeroen
On Tue, 2023-12-05 at 10:48 +0100, Anand Buddhdev via nsd-users wrote:
> On 04/12/2023 13:47, Jean-Christophe Boggio via nsd-users wrote:
>
> Hi Jean-Christophe,
>
> > When syncing between master and slaves, am I
2023 Dec 07
2
Question on slave
...abase will always be created, or NEVER be created?
I always wondered why I had both the .db and the zone files. After
reading this first response, I was thinking I could cancel the zone
files from being produced.
But now, reading your reply, it appears that the nsd.db is being
deprecated, and the zonefiles will be the only option. Is this correct?
Cheers, Jamie
2023 Dec 11
1
Question about "store-ixfr"
Hi NSD developers,
I have been experimenting with the "store-ixfr" feature in NSD. I have a
configuration with:
server:
zonefiles-write: 0
pattern:
store-ixfr: yes
With this configuration, NSD transfers zones from a primary, and keeps
them in RAM. When the zones are updated, it receives and stores the IXFR
in RAM too. I can query NSD with the IXFR qtype, and it replies with the
appropriate difference records. Neither...
2024 Mar 01
1
RFC8501 IPv6 Wildcard PTR
Per RFC 8501 seciont 2.2
https://datatracker.ietf.org/doc/html/rfc8501
I have attempted to use a wildcard on a /64 boundary within a zonefile
for NSD, but it doesn't not appear to work. PTR lookups fail...
tested with, ie:
$ORIGIN 1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
* PTR my.fqdn.net.
Did not work...
or would you have to use? (not tested)
*.*.*.*.*.*.*.*.*.*.*.* PTR ....
--
2005 Jul 14
1
Any way to authenticate SIP peers using SRV?
A group which my school is part of wants to start using DNS SRV records
to allow "email-style" dialing amongst members of the group.
I have gotten the records in our zonefiles, and things work pretty much
just fine.
However, since the DNS server can only specify a host and port, there
doesn't seem to be any way to authenticate the user coming in.
Is that the case? Is there a fix?
Thanks in advance for anyone who might be able to shed some light. I've
been...
2023 Dec 05
1
Question on slave
On 04/12/2023 13:47, Jean-Christophe Boggio via nsd-users wrote:
Hi Jean-Christophe,
> When syncing between master and slaves, am I supposed to see new files
> appear in the slave's "zonesdir" directory? Because, as you might
> expect, I see nothing here. Is this behavior normal? From what I
> understand, the slave "caches" the data in /var/lib/nsd/nsd.db
2024 Jan 12
1
error: cannot write zone : Permission denied
Hello,
NSD 4.8.0 running on FreeBSD 13.2-RELEASE-p9 and serving both plain
and DNSSEC signed zones.
I noticed Permission denied errors in the logs for all domains listed
in nsd.conf:
[2024-01-12 12:20:05.710] nsd[8655]: info: writing zone
domain-plain.org to file domain-plain.org
[2024-01-12 12:20:05.710] nsd[8655]: error: cannot write zone
domain-plain.org file domain-plain.org~: Permission