[prev in list] [next in list] [prev in thread] [next in thread]
List: bind-users
Subject: RE: DNS connection refused : round-robin pools
From: "Darcy Kevin (FCA)" <kevin.darcy () fcagroup ! com>
Date: 2015-08-26 21:43:06
Message-ID: e33f4c8ed6c342d6abfd06f197cd42a2 () mxph4chrw ! fgremc ! it
[Download RAW message or body]
How is DNS organized for the national VPN? Is someone running root nameservers? A \
"private" version of the .cu namespace, that the rest of us can't see, perhaps?
If you're trying to build this from scratch, then you can start by setting up your \
own root zone. But I suspect there's something already available, and you just need \
to ask around and find out how to configure your local nameserver to access the \
national DNS infrastructure.
- Kevin
-----Original Message-----
From: bind-users-bounces@lists.isc.org [mailto:bind-users-bounces@lists.isc.org] On \
Behalf Of Int
Sent: Wednesday, August 26, 2015 5:41 PM
To: bind-users@lists.isc.org
Cc: nrgd@eml.cc
Subject: DNS connection refused : round-robin pools
Importance: High
I do not have access to Internet in my case, only have access to a national VPN, As I \
can disable the zone "."
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
As I can avoid that the DNS try to get connected to consult db.root In order that in \
the DNS you not get lost time trying to access addresses IP unreachable or refused \
for my NET
Regularly I check my Log and I find the following: The DNS trying to access places of \
Internet
I need to publish in my DNS for my very NET'S correct functioning Addresses my \
servers's IP premises in DMZ, And that this out-of-doors only upon command sites .cu, \
Should solve it the server DNS making another servers forward DNS authorized in our \
national VPN
# tail -1000 /var/log/syslog |grep named
Aug 26 21:17:26 ns2 named[1093]: error (connection refused) resolving \
'G.ROOT-SERVERS.NET/AAAA/IN': 192.58.128.30#53 Aug 26 21:17:26 ns2 named[1093]: error \
(connection refused) resolving 'D.ROOT-SERVERS.NET/AAAA/IN': 128.8.10.90#53 Aug 26 \
21:17:26 ns2 named[1093]: error (connection refused) resolving \
'C.ROOT-SERVERS.NET/AAAA/IN': 192.228.79.201#53 Aug 26 21:17:26 ns2 named[1093]: \
error (connection refused) resolving 'B.ROOT-SERVERS.NET/AAAA/IN': 192.228.79.201#53 \
Aug 26 21:17:26 ns2 named[1093]: error (connection refused) resolving \
'E.ROOT-SERVERS.NET/AAAA/IN': 192.112.36.4#53
Tell me if they have any suggestion for my case.
Greetings from Cuba
William
-----------------------------------
I run bind 9.10.2-P3.
I have three classes of forwarders that I'd like to use:
(1) my own, hosted forwarder. fast & private, but not redundant infrastructure
(2) private/encrypted hosted forwarders. slow, private, and redundant \
infrastructure. (3) reliable ISP & public forwarders. fast, redundant, \
privacy-challenged (Google, OpenDNS, AT&T, etc).
Reading the Arm & chatting in #irc IIUC 'forwarders' are NOT queried in order listed, \
and there's no option to set priority, failover, round-robin etc.
I'm requesting such a feature.
For example,
Forwaders would be queried in order of priority, and pools of multiple forwarders \
would be round-robin weighted within a given priority level.
So in conf, we could have
forward only;
forwarders { 11.11.11.11 port 11111 prio 1; 22.22.22.1 port 53 prio 2; \
22.22.22.2 port 53 prio 2; 8.8.8.8 prio 3; 8.8.4.4 prio 3; };
Thanks!
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from \
this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from \
this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from \
this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic