Dans la série « on découvre toujours des choses sur le #DNS » : on ne peut pas utiliser "type stub" dans #BIND si les serveurs de noms sont dans la zone servie (stub ne charge que les noms, et ne peut ensuite pas les résoudre).

For those that run a homelab with DNS and DHCP, are you using IPv6? I'm running BIND and debating if I need to configure IPv6 just to future-proof myself. I'm not seeing any issues, at least any that I notice.

Also, I know little about IPv6, so I admit I need to do some learning.

Any idea why I'm getting so many SERVFAIL with Bind 9.18.33?

I have to restart bind to make it works again

Did you know ISC had a #DNS Hackathon recently? It was hosted by #RIPE_NCC , #dnsoarc , and #Netnod in Stockholm on March 14-15. We proposed a project, the DNS Zone Viewer, to integrate another DNS implementation (besides #BIND 9) with Stork, our graphical management interface.

Read more about it at https://www.isc.org/blogs/2025-dns-hackathon/ !

Is that a yack? The Lama scene: https://www.aurianneor.org/is-that-a-yack-the-lama-scene/

#académique #anglais #apprendreunelangue #aurianneor #L'aviateur #bind #communication #conservation #évolution #exclusion #inclusion #lama #langue #langueétrangère #languevivante #orthographe #règles #scene #TheAviator #yack #yak

#AI system predicts #protein fragments that can #bind to or #inhibit a target.

#computational_biology #FtsZ #FragFold

https://phys.org/news/2025-02-ai-protein-fragments-inhibit.html

I wrote a new blog post about DNS (part 1)!

Learn how DNS works in more depth and I even provide you will some useful terminal commands you can try yourself:

https://blog.melroy.org/2025/dns-part-1/

#dns #security #linux #unbound #bind #linux #recursive authoritative# server #nsd #dig #zone #domain #name #system

I started a discussion with fellow #sysadmin about updating #BIND / #named config to migrate from the overly permissive allow-update {…} stanzas to the more restricted update-policy {…} stanzas using targeted grant statements.

The idea being to allow the #acme client to only be able to update (add / delete) _acme-challenge TXT instead of any record in the zone.

Old:

allow-update {
TSIG_KEY_NAME;
};

New:

update-policy {
grant TSIG_KEY_NAME name _acme-challenge.example.net TXT;
};

ETA: Okay the below is fixed, but why would db.root not update when everything else does?

(it's on Debian)

-----

okay this is weird

the root hints file I have diffs identically to the one I just pulled down from the internic as a sanity check (other than the last updated date which is also weird)

but I'm getting this regardless:

named[1252171]: checkhints: b.root-servers.net/A (170.247.170.2) missing from hints
named[1252171]: checkhints: b.root-servers.net/A (199.9.14.201) extra record in hints

(and similar for the IP6, elided for space)

why

You can simultaneously query multiple domain name records using the dig command in Linux as follows:

dig OPTIONS @server -f BATCH_FILE

Example:
dig +nocmd +noquestion +nostats +nocomments @8.8.8.8 -f mydomains.txt
@8.8.8.8 -f mydomains.txt

cat mydomains.txt
example.com A
example.net MX
example.org NS

TIP: dig is part of the dns/bind utilities package depending on your distribution

Fixed mounting my #bind mount of a #ZFS volume in /etc/fstab on boot. According to "man systemd.mount" adding the "nofail" mount option to my bind mount was the correct way to break the default dependency of the ZFS mount service on things in /etc/fstab (via local-fs.target). Then I could use a "x-systemd.requires=zfs.target" mount option to my bind mount to have it wait for the ZFS mounts first, without creating a circular dependency. Yaiy! Pretty powerful dep. handling, #systemd backed mounts.

#bind : to tie, or confine with a cord, band, ligature, chain, etc.

- French: oblige

- German: binden

- Portuguese: ligar

- Spanish: ata

------------

Join our new subreddit for language learners @ https://reddit.com/r/LearnANewLanguage

The Q226L #mutation can convert a highly pathogenic #H5 2.3.4.4e virus to #bind #human-type #receptors, https://etidiohnew.blogspot.com/2025/01/the-q226l-mutation-can-convert-highly.html

Oh my goodness, how did I miss that in ES7 you can use a closure as a method. Goodbye `bind()`, you will not be missed :)

e.g.,

```js
class A {
b = () => console.log(this)
}

const a = new A()
a.b() // A { b: [Function: b] }

const c = a.b
c() // A { b: [Function:b] }
```

Nice! :)

**Edit**: Be careful with this. See this note by @marsup: https://mastodon.social/@marsup/113799934325782596

My dear sysadmin Federati with home labs and internal networks!

Our internal network has grown and now we want internal DNS resolution for local network stuff. It's a combo of bare metal and docker services, mostly from one host but not limited to it.

I really, really don't want to touch BIND again so I'm in a bind (badum-tss) and looking for suggestions. Any Linux based / containerised options for DNS on LAN?

Suggestions and boosts welcome!

RHEL 9.5 released by Red Hat
https://www.linux-magazine.com/Online/News/Red-Hat-Enterprise-Linux-9.5-Released
#RHEL #EnterpriseLinux #Cockpit #BIND #Linux

Finally got around to setup a #FreeBSD server. There was a huge need for more beastie fun
Currently serves #DNS in a #Jail via #Bind
Another #Jail is on the way for some internal hosting via #Nginx

Currently looking for some more ideas on how to leverage the system some more.

What do you guys run on your #BSD servers?

(Most of my services are currently containerized on a #Docker #Linux server)

Asi staré téma, ale ten #progresivismus a společenská #ultrakorektnost mě s3r3.

Aktualizoval jsem #Bind a musím přepisovat konfigurační soubory, protože si někdo řekl, že slovo !master! je špatný. Místo něj se smí používat !primary!.

Jsou služby u kterých to muže ohrožovat bezpečnost. #DNS je jedna z nich.

@jpmens @iscdotorg #bind user?