Thought I'd mention that I helped setup BIND 9.2.3rc3 on a yellowdog linux powercomputing machine tonight. It worked. And the mail queues began clearing out. Just for an oddball success report. Are others having similar luck? What needs to be done to make this a standard feature set? Is somebody working on an RFC? -- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Thought I'd mention that I helped setup BIND 9.2.3rc3 on a yellowdog linux powercomputing machine tonight. It worked. And the mail queues began clearing out. Just for an oddball success report.
oh hell. thanks for the kind words, but we just released rc4.
Are others having similar luck? What needs to be done to make this a standard feature set? Is somebody working on an RFC?
i do not expect the ietf to say that root and tld zones should all be delegation-only. but good luck trying. -- Paul Vixie
On 23 Sep 2003, Paul Vixie wrote:
Thought I'd mention that I helped setup BIND 9.2.3rc3 on a yellowdog linux powercomputing machine tonight. It worked. And the mail queues began clearing out. Just for an oddball success report.
oh hell. thanks for the kind words, but we just released rc4.
Now all I need is a patched version of the 9.3 snapshot tree, so I don't need to kill my dnssec stuff :P (And it's time for a non-snapshot bind version with full dnssec capabilities anyway :) Paul
Paul Vixie wrote:
i do not expect the ietf to say that root and tld zones should all be delegation-only. but good luck trying.
It hasn't been that large an issue in the past, and as pointed out by some, the countermeasures are just as harmful. I hope that delegation-only is only a temporary measure in bind. I'm sure some people will keep it running and probably put it on tld's where it'll break valid records. -Jack
I am using bind 9.2.2-p2 on our resolver name servers so far.. And I have no problems to report at this time, it's been running smooth so far; mail queues started clearing out nice and clean. -hc -- Haesu C. TowardEX Technologies, Inc. Consulting, colocation, web hosting, network design and implementation http://www.towardex.com | haesu@towardex.com Cell: (978)394-2867 | Office: (978)263-3399 Ext. 174 Fax: (978)263-0033 | POC: HAESU-ARIN On Tue, Sep 23, 2003 at 02:35:48AM -0400, William Allen Simpson wrote:
Thought I'd mention that I helped setup BIND 9.2.3rc3 on a yellowdog linux powercomputing machine tonight. It worked. And the mail queues began clearing out. Just for an oddball success report.
Are others having similar luck? What needs to be done to make this a standard feature set? Is somebody working on an RFC? -- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
On Tue, Sep 23, 2003 at 02:35:48AM -0400, William Allen Simpson wrote:
Thought I'd mention that I helped setup BIND 9.2.3rc3 on a yellowdog linux powercomputing machine tonight. It worked. And the mail queues began clearing out. Just for an oddball success report.
We've been using these patches on production servers since they first came out (both the 9.2.2 patches and the 9.2.3rcx versions); no problems reported so far (knock wood). -- "Since when is skepticism un-American? Dissent's not treason but they talk like it's the same..." (Sleater-Kinney - "Combat Rock")
William Allen Simpson <wsimpson@greendragon.com> writes:
Thought I'd mention that I helped setup BIND 9.2.3rc3 on a yellowdog linux powercomputing machine tonight. It worked.
It breaks a few things we care about--for example, www.ithaca.ny.us is a naked CNAME in the the us root: dsr_lnxcu9% dig @b.gtld.biz www.ithaca.ny.us ; <<>> DiG 9.2.1 <<>> @b.gtld.biz www.ithaca.ny.us ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38161 ;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 13 ;; QUESTION SECTION: ;www.ithaca.ny.us. IN A ;; ANSWER SECTION: www.ithaca.ny.us. 900 IN CNAME fallcrk.tc.cornell.edu. ;; AUTHORITY SECTION: . 433340 IN NS J.ROOT-SERVERS.NET. . 433340 IN NS K.ROOT-SERVERS.NET. . 433340 IN NS L.ROOT-SERVERS.NET. . 433340 IN NS M.ROOT-SERVERS.NET. [...] which is, IMO, more than a bit crazed, particularly considering that ci.ithaca.ny.us is delegated, but there it is. -dan
On Tue, 2003-09-23 at 01:35, William Allen Simpson wrote:
Thought I'd mention that I helped setup BIND 9.2.3rc3 on a yellowdog linux powercomputing machine tonight. It worked. And the mail queues began clearing out. Just for an oddball success report.
I upgrade our DNS server the week-end but only to bind 9.2.2-P2. (And I see there's a new release already. Sigh...) It's helped clear out a bunch of mail queues. I'm new to the list, but I do want to echo the thanks to Paul Vixie and the ISC for their prompt work. Thanks You very much! -- Stephen L Johnson stephen.johnson@mail.state.ar.us Unix Systems Administrator sjohnson@monsters.org Department of Information Systems State of Arkansas 501-682-4339
participants (8)
-
Dan Riley
-
Haesu
-
Jack Bates
-
Paul Vixie
-
Paul Wouters
-
Stephen L Johnson
-
William Allen Simpson
-
william+nanog@hq.dreamhost.com