Displaying 20 results from an estimated 5000 matches similar to: "which is the vaild a format?"
2006 Dec 07
1
a few more notes
hi,
while all files is owned by nsd user and nsd run as nsd the nsd.db is
still owned by root user (because the compiler run as root and create
this file as root, ok i know just it'd be better if this file is owned
by nsd too).
another strange thing is that on the slave nsd i've got such messages:
-----------------------------------------
zonec: reading zone "lfarkas.org".
2024 Jul 03
1
NSD incorrectly logging DNAME as refused?
I just noticed this with NSD 4.10.0 (and earlier versions - it's not a
new regression))
I have nsd set to log refused requests to syslog.
After adding a DNAME type into my dns for one sub-zone that is being moved,
I noticed that legitimate requests for hosts under that subdomain are working
as expected, howerver they are being logged as refused.
As a quick replicable test, I just did this
2024 Oct 02
2
SIGSEGV in rbtree_find_less_equal
Hi,
I found a reproducible seg fault with a DNSSEC signed zone and overlapping config. I'm running NSD 4.10.1. Here's how to reproduce.
2 zones in nsd.conf:
zone:
name: "foo.com."
zonefile: "/zones/foo.com.zone.signed"
zone:
name: "bar.foo.com."
zonefile: "/zones/bar.foo.com.zone"
Zone files:
2022 Dec 31
1
rewrite manpages to mdoc(7)
Dear authors of NSD,
currently, the manpages that come with NSD
are written in the traditional man(7) markup language.
I am proposing to rewrite them into the semantic markup
of the mdoc(7) language. I am willing to do the work.
See a version of nsd-checkzone.8 below as an example.
Both the man(7) and mdoc(7) languages have been around for decades,
and are supported by the prevalent formatters:
2024 Oct 08
1
SIGSEGV in rbtree_find_less_equal
Hi Chris,
I'm having trouble trying to reproduce the issue locally.
Like you I configure two zones.
zone:
name: example.com.
zonefile: example.com.zone.signed
zone:
name: bar.example.com.
zonefile: bar.example.com.zone
The file bar.example.com.zone does not exist. After touching and
reloading the signed zone, no segfault occurs. I've tried with and
without the
2024 Oct 08
1
SIGSEGV in rbtree_find_less_equal
Hi Jeroen,
Attached is the zone I used. Did you add the record for a.bar ?
Ex:
a.bar 300 IN NS ns.somewhere.net.
Chris
________________________________
From: Jeroen Koekkoek <jeroen at nlnetlabs.nl>
Sent: Tuesday, October 8, 2024 5:33 AM
To: Chris LaVallee <clavallee at edg.io>; nsd-users at lists.nlnetlabs.nl <nsd-users at lists.nlnetlabs.nl>
Subject: Re:
2024 Oct 09
1
SIGSEGV in rbtree_find_less_equal
Hi Chris,
I can reproduce with your zone. Thanks!
Best,
Jeroen
On Tue, 2024-10-08 at 14:07 +0000, Chris LaVallee wrote:
>
> Hi Jeroen,
>
>
> Attached is the zone I used. Did you add the record for a.bar ?
>
>
> Ex:
>
>
> a.bar ? 300 ? ? IN ?NS ? ? ?ns.somewhere.net.
>
>
> Chris
>
>
>
>
>
>
>
>
>
>
>
2024 Oct 16
1
SIGSEGV in rbtree_find_less_equal
Hi Chris,
I've properly started looking into this yesterday. NSD definitely
shouldn't crash, still working on that.
However, the provided zone is invalid too(?) I'm not the foremost
expert on NSEC3 (or even DNSSEC), but is seems an NSEC3 is missing for
bar.foo.com. Empty non-terminals should still have an NSEC3 RR.
(Of course, the delegation point should be at bar.foo.com. too and
2012 Jul 18
1
allow-notify SUBNET and request-xfr inconsistency
Hi list,
We are observing strange behavior of nsd v3.2.9 acting as slave DNS server.
The environment is set up as follows:
0. We are using 172.16.0.0/16 subnet;
1. Primary Master server at 172.16.100.114;
2. Slave server at 172.16.100.115. The config file is
in /etc/nsd-dns-slave.conf;
3. There may be also other Master servers im the given subnet.
Now I want to permit DNS NOTIFY messages to
2024 Jul 03
3
NSD incorrectly logging DNAME as refused?
B.t.w. I've created a PR for it that resolves it (see
https://github.com/NLnetLabs/nsd/pull/346 ), but we may need to discuss
if and how to resolve it first. First I'd like to know if your
configuration is similar in that the CNAME or DNAME target does contain
an allow-query list.
Op 03-07-2024 om 10:52 schreef Willem Toorop via nsd-users:
> Hi Jamie,
>
> I can reproduce,
2013 Oct 18
1
nsd-4.0.0b5(and rc2) and changing zone from master to slave ?
Hi,
I'm doing some quick tests with nsd-4.0.0b5 and (rc2). And found
something strange when changing (nsd-control reconfig) one
zone from:
zone:
name: 10.in-addr.arpa
zonefile: /zones/empty.zone
to
zone:
name: 10.in-addr.arpa
request-xfr: 192.168.122.12 NOKEY
allow-notify: 192.168.122.12 NOKEY
zonefile: /zones/slave/10.rev
and doing nsd-control reconfig.
After
2004 Sep 17
8
can I write such an action?
hi,
i create rule such action.AllowPostGrey:
-----------------------------------------------
######################################################################################
#TARGET SOURCE DEST PROTO DEST SOURCE
RATE USER/
# PORT PORT(S)
LIMIT GROUP
ACCEPT $A_IP $PORTAL_IP tcp 10023
ACCEPT
2019 Dec 28
2
tinydns to nsd
On Sat, 28 Dec 2019 17:02:09 +0100
richard lucassen via nsd-users <nsd-users at lists.nlnetlabs.nl> wrote:
> The problem is (was) that I used "include:" statements in nsd.conf
> to load zone information. Apparently nsd does not reread the include
> files upon a SIGHUP. I scripted everything into 1 file and a HUP
> rereads the zone info now.
Wrong, I made a mistake it
2013 Nov 19
2
* CNAME loop
Hi,
I'm testing:
$ sudo nsd-control status
version: 4.0.1
verbosity: 2
I found a loop problem with this record:
* IN CNAME none
("none" means no matching record in zone and therefore match * again)
Queries that use "* CNAME" will result in a loop. The response will use TCP
and will be limited to 65k bytes
$ dig @127.0.0.1 sdfgsfg.test.com
;; Truncated,
2023 Dec 05
1
Question on slave
On 04/12/2023 13:47, Jean-Christophe Boggio via nsd-users wrote:
Hi Jean-Christophe,
> When syncing between master and slaves, am I supposed to see new files
> appear in the slave's "zonesdir" directory? Because, as you might
> expect, I see nothing here. Is this behavior normal? From what I
> understand, the slave "caches" the data in /var/lib/nsd/nsd.db
2024 Mar 01
1
RFC8501 IPv6 Wildcard PTR
Per RFC 8501 seciont 2.2
https://datatracker.ietf.org/doc/html/rfc8501
I have attempted to use a wildcard on a /64 boundary within a zonefile
for NSD, but it doesn't not appear to work. PTR lookups fail...
tested with, ie:
$ORIGIN 1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
* PTR my.fqdn.net.
Did not work...
or would you have to use? (not tested)
*.*.*.*.*.*.*.*.*.*.*.* PTR ....
--
2004 Aug 06
9
how to define a dozens of interface as one zone
hi,
we use openvpn as for our vpn endpoints and we''ve got about 70-80 vpn
connections which means we have tun0 - tun80 interface. i''d like to
define one zone for all of our vpn connections how can I do that?
actualy our local zone is 192.168.0.0/17 (not 16) and all of the vpn''s
are in 192.168.128.0/17. our should i define somehow the local zone as
192.168.0.0/16? but in
2004 Oct 18
11
how can i log everything?
hi,
it''d be very useful to add some kind of "log everything" option to
shorewall. currently the logging is useful if you know what you would
like to log. but if you don''t know than it''s a problem...
another problem that currently it''s not possible to log the nat table.
at least i can''t find any way (can''t add logging into masq and
2007 Jun 13
4
network raid file system/server
hi,
we've a few 10-20 server in a lan each has 4-8 hdd. we'd like to create
one big file server on these server hard disks and we'd like to create
it in a redundant way ie:
- if one (or more) of the hdd or server fails the whole filesystem still
usable and consistent.
- any server in this farm can see the same storage/filesystem.
it's someting a big network raid5-6... storage where
2008 Jun 25
2
[Fwd: Re: [CentOS-announce] Release for CentOS-5.2 i386 and x86_64]
may here someone can answer me...
-------- Original Message --------
Subject: Re: [CentOS-announce] Release for CentOS-5.2 i386 and x86_64
Date: Tue, 24 Jun 2008 18:31:20 +0200
From: Farkas Levente <lfarkas at lfarkas.org>
To: The CentOS developers mailing list. <centos-devel at centos.org>
References: <4860E6EB.5000906 at centos.org>
Karanbir Singh wrote:
>
> We are