The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests


Archive for the ‘bind-named’ Category

Overriding some DNS entries for internal networks

Posted by jpluimers on 2022/01/27

Based on [Wayback] domain name system – Overriding some DNS entries in BIND for internal networks – Server Fault and some further reading, there seem to be two ways used in these scenarios:

I wonder how that would interact best with Pi-Hole based solutions. Would it be best to have your local network use the Pi-Hole server, then have the Pi-Hole server obtain the DNS information it cannot resolve through one of the above solutions? Or would other solutions work better?

So here are a few links:

Pi-Hole does not seem interested in RPZ: [Wayback] Implement Response Zone Policies (NXDOMAIN) for end-user performance increase – Feature Requests / Implemented – Pi-hole Userspace

The Pi-Hole default blacklist is mentioned in [Wayback/Archive.is] pi-hole/basic-install.sh at master · pi-hole/pi-hole (look for adlistFile which defaults to [Wayback/Archive.is] StevenBlack/hosts: 🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.).

Since I need this for ESXi: [Wayback/Archive.is] Let’s Encrypt SSL for ESXi

–jeroen

Posted in *nix, *nix-tools, bind-named, DNS, Internet, Linux, Power User

Some links on bind rndc

Posted by jpluimers on 2020/03/13

No, this is not a random number generator: according to the documentation, bind rndc is the name server control utility. Again very undescriptive; luckily the full name found elsewhere is Remote Name Daemon Control.

Some links for my archive as often there are no man-pages installed on systems with bind:

–jeroen

Posted in *nix, bind-named, Linux, Power User

Fixing bind named messages like `lame-servers: network unreachable resolving ‘c.gtld-servers.net/AAAA/IN’: 2001:500:127::30#53`

Posted by jpluimers on 2019/11/15

When you see messages like the ones below in your bind named.d logs, you have a Jekyll and Hyde network config: part of it says it supports IPv6, but in reality it doesn’t. “2001:500:127::30” is the IPv6 address of the generic TLD servers, and named reports it as unreachable.

In my case the cause was a brain-dead TP-Link switch.

04-Dec-2016 13:05:48.008 lame-servers: network unreachable resolving 'c.gtld-servers.net/AAAA/IN': 2001:500:127::30#53
04-Dec-2016 13:05:48.008 lame-servers: network unreachable resolving 'd.gtld-servers.net/AAAA/IN': 2001:500:127::30#53
04-Dec-2016 13:05:48.008 lame-servers: network unreachable resolving 'e.gtld-servers.net/AAAA/IN': 2001:500:127::30#53
04-Dec-2016 13:05:48.008 lame-servers: network unreachable resolving 'f.gtld-servers.net/AAAA/IN': 2001:500:127::30#53
04-Dec-2016 13:05:48.008 lame-servers: network unreachable resolving 'g.gtld-servers.net/AAAA/IN': 2001:500:127::30#53
04-Dec-2016 13:05:48.009 lame-servers: network unreachable resolving 'h.gtld-servers.net/AAAA/IN': 2001:500:127::30#53
04-Dec-2016 13:05:48.009 lame-servers: network unreachable resolving 'i.gtld-servers.net/AAAA/IN': 2001:500:127::30#53
04-Dec-2016 13:05:48.009 lame-servers: network unreachable resolving 'j.gtld-servers.net/AAAA/IN': 2001:500:127::30#53
04-Dec-2016 13:05:48.009 lame-servers: network unreachable resolving 'k.gtld-servers.net/AAAA/IN': 2001:500:127::30#53
04-Dec-2016 13:05:48.009 lame-servers: network unreachable resolving 'l.gtld-servers.net/AAAA/IN': 2001:500:127::30#53
04-Dec-2016 13:05:48.009 lame-servers: network unreachable resolving 'm.gtld-servers.net/AAAA/IN': 2001:500:127::30#53
...
04-Dec-2016 13:24:13.500 lame-servers: network unreachable resolving './NS/IN': 2001:500:2f::f#53

A temporary solution is to run bind named.d in -4 mode (see examples for RHEL, CentOS and OpenSuSE in the links below), but the actual solution is to get IPv6 working properly.
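To confirm that a log shows this IPv6-only pattern rather than a general outage, the following added example (not code from the original post) tallies the `network unreachable` lame-servers destinations by address family. The function names are assumptions, and the sample input is three lines from the log above plus one constructed IPv4 line.

```shell
#!/bin/sh
# Added example. Sample input: three lines copied from the post's log plus one
# constructed IPv4 "connection refused" line that must be ignored.
sample_log() {
cat <<'EOF'
04-Dec-2016 13:05:48.008 lame-servers: network unreachable resolving 'c.gtld-servers.net/AAAA/IN': 2001:500:127::30#53
04-Dec-2016 13:05:48.008 lame-servers: network unreachable resolving 'd.gtld-servers.net/AAAA/IN': 2001:500:127::30#53
04-Dec-2016 13:24:13.500 lame-servers: network unreachable resolving './NS/IN': 2001:500:2f::f#53
04-Dec-2016 13:25:02.114 lame-servers: connection refused resolving 'example.org/A/IN': 192.0.2.53#53
EOF
}

# stdin: named log lines. stdout: "<count> <family> <address>" for every
# destination named reported as "network unreachable", most frequent first.
unreachable_by_dest() {
    awk '
    /lame-servers: network unreachable resolving/ {
        dest = $NF                      # e.g. 2001:500:127::30#53
        sub(/#[0-9]+$/, "", dest)       # drop the port
        fam = (index(dest, ":") > 0) ? "v6" : "v4"
        n[fam " " dest]++
    }
    END { for (k in n) print n[k], k }' | sort -k1,1nr -k3,3
}

# stdin: named log lines. stdout: one word describing which address
# families are unreachable. "ipv6-only" matches the situation in the post.
unreachable_verdict() {
    unreachable_by_dest | awk '
    { seen[$2] += $1 }
    END {
        if (seen["v6"] > 0 && seen["v4"] == 0) print "ipv6-only"
        else if (seen["v6"] > 0)               print "mixed"
        else if (seen["v4"] > 0)               print "ipv4-only"
        else                                   print "none"
    }'
}

sample_log | unreachable_by_dest
sample_log | unreachable_verdict
```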

–jeroen

Posted in *nix, bind-named, Linux, Power User

OpenSuSE: the relation between /etc/named.d and /var/lib/named

Posted by jpluimers on 2019/10/24

For first-time BIND named users on OpenSuSE there is often confusion about the relation between these directories:

  • /etc/named.d/
  • /var/lib/named/

For example, here someone else struggled: [WayBack] Re: Fwd: Re: [opensuse] Split DNS? Solved

This is how I inferred the workings:

The /etc/named.conf.include file is regenerated at named start by running /usr/share/bind/createNamedConfInclude, which includes the files that both match NAMED_CONF_INCLUDE_FILES in /etc/sysconfig/named and exist in the /etc/named.d/ directory.

At named startup, everything in /etc/named.d is also copied to /var/lib/named/etc/named.d.

For details see

–jeroen

Posted in *nix, *nix-tools, bind-named, Linux, openSuSE, Power User, SuSE Linux

Eigenes DynDNS mit Bind und Apache – CupRacer.de

Posted by jpluimers on 2019/09/16

This article describes how to build your own mechanism for DNS updates as an alternative to DynDNS.

Interesting read: [WayBack] Eigenes DynDNS mit Bind und Apache – CupRacer.de

Edit

The above post disappeared, but this one (which adds calling the DynDNS server from a Fritz!Box) is still up: [WayBack] Eigener DynDNS mit Bind, Apache und PHP | onderka.com with an update at [WayBack] Eigener DynDNS mit dnsmasq, Apache und PHP | onderka.com.

Source code for both:

Related and background reading:

–jeroen

Posted in *nix, bind-named, Linux, openSuSE, Power User, SuSE Linux, Tumbleweed
