FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian ISP

 
 
LinkBack Thread Tools
 
Old 05-02-2011, 10:09 PM
Michelle Konzack
 
Default How to setup TSIG (bind9) to work from a dynamic IP?

Hello *,

I had to change my setup and now my "master" DNS is at home and behind a
dynamic IP. I have setup TSIG, but it requires a fixed IP, which I "not
have".

OK, now I have following Servers

<dns.private.tamay-dogan.net> master # @office

<dns1.tamay-dogan.net> master # @ ISP 1 gemany
<dns2.tamay-dogan.net> slave # @ ISP 2 uk
<dns3.tamay-dogan.net> slave # @ ISP 3 germany

My NS @office should update <dns1> which then automaticaly send
notifications to <dns2> and <dns3>.

So, can someone tell men please, how to setup TSIG to let the <dns> work
with <dns1>.

Note: I do not know what happen to <lists.isc.org>, because I am
subscribed to <bind-users> since many years and have already
written there, but since some weeks I can not more send any
messages to them. Exactly, I see from the courier log, that it
accept my messages, but they never appear on the lists nor
<listmaster>, <postmaster> or <owner> resond.

It seems, ANY messages from my domains are eaten by the ISC mail
system which sounds like a misconfiguration.

If someone can contact them, please do it on my behalf.

I am SUBSCRIBED to <bind-users> and GET messages every day.

Thanks, Greetings and nice Day/Evening
Michelle Konzack

--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux

itsystems@tdnet France EURL itsystems@tdnet UG (limited liability)
Owner Michelle Konzack Owner Michelle Konzack

Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstraße 17
67100 Strasbourg/France 77694 Kehl/Germany
Tel mobil: +33-6-61925193 Tel mobil: +49-177-9351947
Tel office: +49-176-86004575

<http://www.itsystems.tamay-dogan.net/> <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/> <http://www.can4linux.org/>

Jabber linux4michelle@jabber.ccc.de

Linux-User #280138 with the Linux Counter, http://counter.li.org/
 
Old 05-02-2011, 10:46 PM
Michelle Konzack
 
Default How to setup TSIG (bind9) to work from a dynamic IP?

Hello *,

I had to change my setup and now my "master" DNS is at home and behind a
dynamic IP. I have setup TSIG, but it requires a fixed IP, which I "not
have".

OK, now I have following Servers

<dns.private.tamay-dogan.net> master # @office

<dns1.tamay-dogan.net> master # @ ISP 1 gemany
<dns2.tamay-dogan.net> slave # @ ISP 2 uk
<dns3.tamay-dogan.net> slave # @ ISP 3 germany

My NS @office should update <dns1> which then automaticaly send
notifications to <dns2> and <dns3>.

So, can someone tell men please, how to setup TSIG to let the <dns> work
with <dns1>.

Note: I do not know what happen to <lists.isc.org>, because I am
subscribed to <bind-users> since many years and have already
written there, but since some weeks I can not more send any
messages to them. Exactly, I see from the courier log, that it
accept my messages, but they never appear on the lists nor
<listmaster>, <postmaster> or <owner> resond.

It seems, ANY messages from my domains are eaten by the ISC mail
system which sounds like a misconfiguration.

If someone can contact them, please do it on my behalf.

I am SUBSCRIBED to <bind-users> and GET messages every day.

Thanks, Greetings and nice Day/Evening
Michelle Konzack

--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux

itsystems@tdnet France EURL itsystems@tdnet UG (limited liability)
Owner Michelle Konzack Owner Michelle Konzack

Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstra=DFe 17
67100 Strasbourg/France 77694 Kehl/Germany
Tel mobil: +33-6-61925193 Tel mobil: +49-177-9351947
Tel office: +49-176-86004575

<http://www.itsystems.tamay-dogan.net/> <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/> <http://www.can4linux.org/>

Jabber linux4michelle@jabber.ccc.de

Linux-User #280138 with the Linux Counter, http://counter.li.org/
 
Old 05-03-2011, 12:31 PM
Matus UHLAR - fantomas
 
Default How to setup TSIG (bind9) to work from a dynamic IP?

On 03.05.11 00:09, Michelle Konzack wrote:
> I had to change my setup and now my "master" DNS is at home and behind a
> dynamic IP. I have setup TSIG, but it requires a fixed IP, which I "not
> have".

you apparently mean, that using master server requires it to have dynamic
address.

> OK, now I have following Servers
>
> <dns.private.tamay-dogan.net> master # @office
>
> <dns1.tamay-dogan.net> master # @ ISP 1 gemany
> <dns2.tamay-dogan.net> slave # @ ISP 2 uk
> <dns3.tamay-dogan.net> slave # @ ISP 3 germany
>
> My NS @office should update <dns1> which then automaticaly send
> notifications to <dns2> and <dns3>.

you _can_ send dynamic updates from office to ISP's nameserver, when you
configure nameserver (or dhcp) at your office to use TSIG key and nameserver
@isp to accept the key.

> So, can someone tell men please, how to setup TSIG to let the <dns> work
> with <dns1>.

what exactly did you try?

> Note: I do not know what happen to <lists.isc.org>, because I am
> subscribed to <bind-users> since many years and have already
> written there, but since some weeks I can not more send any
> messages to them. Exactly, I see from the courier log, that it
> accept my messages, but they never appear on the lists nor
> <listmaster>, <postmaster> or <owner> resond.

spam filter?
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Support bacteria - they're the only culture some people have.


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110503123149.GC28151@fantomas.sk">http://lists.debian.org/20110503123149.GC28151@fantomas.sk
 
Old 05-03-2011, 01:13 PM
Michelle Konzack
 
Default How to setup TSIG (bind9) to work from a dynamic IP?

Hello Matus UHLAR - fantomas,

Am 2011-05-03 14:31:49, hacktest Du folgendes herunter:
> you apparently mean, that using master server requires it to have dynamic
> address.

No. If you search google for "How to setup TSIG" you see in ALL examples
you have to use a FIXED IP address (the place from WHERE you update)
which is not possibel, because I am on a dynamic IP and my MASTER server
is in my INTRANET.

> you _can_ send dynamic updates from office to ISP's nameserver, when you
> configure nameserver (or dhcp) at your office to use TSIG key and nameserver
> @isp to accept the key.

I do not want to update dynamicaly. I need a TSIG xfer from my intranet
NS <dns.private.tamay-dogan.net> to my public NS <dns1.tamay-dogan.net>.

> > Note: I do not know what happen to <lists.isc.org>, because I am
> > subscribed to <bind-users> since many years and have already
> > written there, but since some weeks I can not more send any
> > messages to them. Exactly, I see from the courier log, that it
> > accept my messages, but they never appear on the lists nor
> > <listmaster>, <postmaster> or <owner> resond.
>
> spam filter?

It seems they have setup NEW spamfilters which think, my domain is
sending spam... Now I wrote a message to <abuse@isc.org> and gotten a
ticket and it seems, there is ONE MTA, accepting my messages...

Thanks, Greetings and nice Day/Evening
Michelle Konzack

--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux

itsystems@tdnet France EURL itsystems@tdnet UG (limited liability)
Owner Michelle Konzack Owner Michelle Konzack

Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstraße 17
67100 Strasbourg/France 77694 Kehl/Germany
Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil
Tel: +49-176-86004575 office

<http://www.itsystems.tamay-dogan.net/> <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/> <http://www.can4linux.org/>

Jabber linux4michelle@jabber.ccc.de
ICQ #328449886

Linux-User #280138 with the Linux Counter, http://counter.li.org/
 
Old 05-03-2011, 01:41 PM
Henrique de Moraes Holschuh
 
Default How to setup TSIG (bind9) to work from a dynamic IP?

A secure VPN would probably be a better time investiment, as it would be
safer than naked TSIG anyway, and solve any issues you could have with
other management protocols and applications as well.

--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110503134102.GC13501@khazad-dum.debian.net">http://lists.debian.org/20110503134102.GC13501@khazad-dum.debian.net
 
Old 05-03-2011, 03:00 PM
Matus UHLAR - fantomas
 
Default How to setup TSIG (bind9) to work from a dynamic IP?

> Am 2011-05-03 14:31:49, hacktest Du folgendes herunter:
> > you apparently mean, that using master server requires it to have dynamic
> > address.

On 03.05.11 15:13, Michelle Konzack wrote:
> No. If you search google for "How to setup TSIG" you see in ALL examples
> you have to use a FIXED IP address (the place from WHERE you update)
> which is not possibel, because I am on a dynamic IP and my MASTER server
> is in my INTRANET.

use VPN then, you may have static IP there

> > you _can_ send dynamic updates from office to ISP's nameserver, when you
> > configure nameserver (or dhcp) at your office to use TSIG key and nameserver
> > @isp to accept the key.
>
> I do not want to update dynamicaly. I need a TSIG xfer from my intranet
> NS <dns.private.tamay-dogan.net> to my public NS <dns1.tamay-dogan.net>.

xfer? Impossible. Mostly because DNS is pull, not push and for pull you need
to know the IP. Maybe changing it dynamically would help but in such case
you can just upload the zone file to master and issue reload
(and this will avoid zone expiration in case you don't connect for some
time).

--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
There's a long-standing bug relating to the x86 architecture that
allows you to install Windows. -- Matthew D. Fuller


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110503150037.GB30043@fantomas.sk">http://lists.debian.org/20110503150037.GB30043@fantomas.sk
 
Old 05-05-2011, 02:11 PM
Kilian Krause
 
Default How to setup TSIG (bind9) to work from a dynamic IP?

On Tue, 2011-05-03 at 10:41 -0300, Henrique de Moraes Holschuh wrote:
> A secure VPN would probably be a better time investiment, as it would be
> safer than naked TSIG anyway, and solve any issues you could have with
> other management protocols and applications as well.

...or if you have got the option to use (native) IPv6 on both ends that
should work fine too. bind9 can handle IPv6 just nicely and that way you
would be having the static IP to transfer from hidden master to public
master for your config.

--
Best regards,
Kilian
 
Old 05-05-2011, 02:11 PM
Kilian Krause
 
Default How to setup TSIG (bind9) to work from a dynamic IP?

On Tue, 2011-05-03 at 10:41 -0300, Henrique de Moraes Holschuh wrote:
> A secure VPN would probably be a better time investiment, as it would be
> safer than naked TSIG anyway, and solve any issues you could have with
> other management protocols and applications as well.

...or if you have got the option to use (native) IPv6 on both ends that
should work fine too. bind9 can handle IPv6 just nicely and that way you
would be having the static IP to transfer from hidden master to public
master for your config.

--
Best regards,
Kilian
 

Thread Tools




All times are GMT. The time now is 11:15 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org