From liman at sunet.se Fri Feb 4 11:16:25 2000 From: liman at sunet.se (Lars-Johan Liman) Date: Fri, 04 Feb 2000 11:16:25 +0100 Subject: Invitation: informal DNSSEC workshop. Message-ID: <20000204111625E.liman@flaptop.pilsnet.sunet.se> Hi! First the important thing: *REGISTER* BY SENDING A PRIVATE NOTE TO ME ON WEDNESDAY FEBRUARY 16, AT THE LATEST! Now, register for what? At the last RIPE meeting, I asked if there was any interest in holding a DNSSEC workshop at the upcoming RIPE meeting, and there was some, so here goes: I hereby invite you (primarily the DNS-wg, others if there is room) to participate in an informal workshop around secure DNS. The intended schedule is that I (or Ed Lewis, if I can persuade him that this is a chance in a lifetime ... :-) give a brief presentation on the new record types and how they work and also a quick overview over the tools that are part of the BIND distribution. Then we try to obtain some hands-on experience in the terminal room, by setting up a number of zones, and trying to make them work. _If_we_are_lucky_, ISC might let us use the new BIND version 9, which is _supposed_ to be available in beta at the time of the event. I have coerced RIPE NCC into providing 10 Unix machines for the event, and we have to limit the number of participants to 15 due to space limitations. If you have your own laptop with some Unix implementation (according to your religious conviction :-) on it, please bring it. The schedule will be something like ... When: Tuesday February 22 Where: Hotel Krasnapolsky, Damsquare 9, Amsterdam, The Netherlands RIPE meeting terminal room 09.00 Welcome and administrativa 09.15 Introduction to DNSSEC (by L-J Liman, or, if Lady Fortune smiles, Ed Lewis from Network Associates). 12.00 Lunch (not included) 13.30 Hands-on installation and setup. Compilation, installation, key generation, zone creation and signing, delegation. (Coffee under ways - or short break.) 16.30 Exchange of experiences. 17.00 End of day. There will be opportunity for coffee brakes in the morning and in the afternoon if you register for the RIPE meeting, as we then can participate in their coffee arrangements. Now, this an _INFORMAL_ event of the type "let's get together and see how it works" rather than an official training course, so please don't expect me to describe how to run "vi" or "make", or what an "NS record" means. Also - please *REGISTER* by sending a private note to me on Wednesday February 16, at the latest. The workshop will be free of cost for the participants. Best regards, /Lars-Johan Liman #---------------------------------------------------------------------- # What the DNS really needs, is CLUE records ... ;-) #---------------------------------------------------------------------- # Lars-Johan Liman, Systems Specialist ! E-mail: liman at sunet.se # KTH Network Operations Centre ! HTTP : //www.sunet.se/~liman # Royal Institute of Technology, Sweden ! Voice : Int +46 8 - 790 65 60 #---------------------------------------------------------------------- From Daniel.Karrenberg at ripe.net Mon Feb 7 12:27:09 2000 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Mon, 07 Feb 2000 12:27:09 +0100 Subject: Invitation: informal DNSSEC workshop. In-Reply-To: <20000204111625E.liman@flaptop.pilsnet.sunet.se> Message-ID: <4.2.0.58.20000207122605.0098a5e0@localhost.ripe.net> Sorry I cannot make it because of unavoidable family commitments. I would have liked to be there! Daniel At 11:16 4-2-00 , Lars-Johan Liman wrote: >Hi! > >First the important thing: > > *REGISTER* BY SENDING A PRIVATE NOTE TO ME ON WEDNESDAY > FEBRUARY 16, AT THE LATEST! > >Now, register for what? > >At the last RIPE meeting, I asked if there was any interest in holding >a DNSSEC workshop at the upcoming RIPE meeting, and there was some, so >here goes: > >I hereby invite you (primarily the DNS-wg, others if there is room) to >participate in an informal workshop around secure DNS. The intended >schedule is that I (or Ed Lewis, if I can persuade him that this is a >chance in a lifetime ... :-) give a brief presentation on the new >record types and how they work and also a quick overview over the >tools that are part of the BIND distribution. Then we try to obtain >some hands-on experience in the terminal room, by setting up a number >of zones, and trying to make them work. _If_we_are_lucky_, ISC might >let us use the new BIND version 9, which is _supposed_ to be available >in beta at the time of the event. > >I have coerced RIPE NCC into providing 10 Unix machines for the event, >and we have to limit the number of participants to 15 due to space >limitations. If you have your own laptop with some Unix implementation >(according to your religious conviction :-) on it, please bring it. > >The schedule will be something like ... > >When: Tuesday February 22 >Where: Hotel Krasnapolsky, Damsquare 9, Amsterdam, The Netherlands > RIPE meeting terminal room > >09.00 Welcome and administrativa >09.15 Introduction to DNSSEC (by L-J Liman, or, if Lady Fortune > smiles, Ed Lewis from Network Associates). >12.00 Lunch (not included) >13.30 Hands-on installation and setup. > Compilation, installation, key generation, > zone creation and signing, delegation. >(Coffee under ways - or short break.) >16.30 Exchange of experiences. >17.00 End of day. > >There will be opportunity for coffee brakes in the morning and in the >afternoon if you register for the RIPE meeting, as we then can >participate in their coffee arrangements. > >Now, this an _INFORMAL_ event of the type "let's get together and see >how it works" rather than an official training course, so please don't >expect me to describe how to run "vi" or "make", or what an "NS >record" means. > >Also - please *REGISTER* by sending a private note to me on Wednesday >February 16, at the latest. The workshop will be free of cost for the >participants. > > Best regards, > /Lars-Johan Liman >#---------------------------------------------------------------------- ># What the DNS really needs, is CLUE records ... ;-) >#---------------------------------------------------------------------- ># Lars-Johan Liman, Systems Specialist ! E-mail: liman at sunet.se ># KTH Network Operations Centre ! HTTP : //www.sunet.se/~liman ># Royal Institute of Technology, Sweden ! Voice : Int +46 8 - 790 65 60 >#---------------------------------------------------------------------- From liman at sunet.se Wed Feb 23 16:33:38 2000 From: liman at sunet.se (Lars-Johan Liman) Date: Wed, 23 Feb 2000 16:33:38 +0100 Subject: Please publish. Message-ID: <20000223163338C.liman@flaptop.pilsnet.sunet.se> Hi! Would you please publish the following document as RIPE-192. The number has already been assigned long ago by Ambrose. The DNS WG has approved this document long ago. *** PLEASE OBSERVE *** that the RIPE document number 192 has already been reserved. Cheers, /Liman #---------------------------------------------------------------------- # Lars-Johan Liman, Systems Specialist ! E-mail: liman at sunet.se # KTH Network Operations Centre ! HTTP : //www.sunet.se/~liman # Royal Institute of Technology, Sweden ! Voice : Int +46 8 - 790 65 60 #---------------------------------------------------------------------- -------------- next part -------------- SIMPLE DNS CONFIGURATION EXAMPLE This document is intended as a very short primer and example on how to set up your own server for the domain name system (DNS). Setting up the DNS server is not the only step you need to take to make your domain visible on the Internet. There can be several steps of registration procedures you have to go through. Your Internet service provider (ISP) should be able to help you with these. This text assumes that you are running the Unix operating system, and that you are using the Berkeley Internet Name Daemon (BIND) version 8 or version 4. If this is not the case, this document is of less value to you, but may still be worth reading. It also assumes that you have basic experience with Unix, moving around in the file tree, starting and stopping processes, and editing text files with some text editor. You are also expected to have administrator privileges on the machine, and you will find that most command will have to be given by the "root" user. You also need the following information: your domain name, your network number, who your ISP is, and the host names and IP addresses of your computers. This "step by step" instruction does not intend to explain what the various files and statements therein actually mean, but is a quick and dirty "do this, and it might work". If you are interested in a more thorough introduction to the subject, please see the following documents. RECOMMENDED READING "DNS & BIND 3rd Edition" by Paul Albitz & Cricket Liu, O'Reilly & Associates Inc. The DNS Resources Directory http://www.dns.net/dnsrd/ PREPARATION In the files below, the domain name company.xy is used. This is just an example, and should of course be replaced with your own domain name. We also assume that this "example company" has been assigned the IP network numbers 192.168.42.0 - 192.168.42.255 (often expressed as 192.168.42.0/24). Please pay attention to the notes in the example files, if your address assignment is not exactly 256 addresses (i.e., a /24, or previously referred to as a "class 'C' network"). There are a couple of steps you have to take before installing the configuration files. 1) Install a mail alias "hostmaster at company.xy" that receives mail and delivers it to the person that runs the DNS server at your site. This probably means YOU. Also be prepared to read and act on mail arriving to this address. ("company.xy" should of course be replaced with your own domain name.) 2) Make sure that your machine has the program "named" (name daemon) installed. Also find out which version of the program you are using. You only need to worry about the first digit in the version number. It should be either 4 or 8. "named" is part of the BIND package, and we STRONGLY encourage you to take the effort of installing the latest version of BIND you can lay your hands on. All programs have errors in them, and "named" is no exception. We tend to believe that more modern versions are less prone to this problem, especially on the security side. 3) Create the directory "/etc/domain" (using the command "mkdir /etc/domain") on your name server computer. All the examples below assume that the directory exists, and all files except one reside in that directory. The one exception is the file /etc/named.boot or /etc/named.conf. You only use one of them, and which one depends on which version of BIND you are using. Now you can install the files below in the location indicated by the "Filename:" comment that you find at the top of all the example files. Please remember to replace the strings as indicated. We have done the best we can to provide a simple and straight forward configuration, but all Internet sites are different, and it is not at all unlikely that your site will not fit exactly into our model. If you find that the configuration below doesn't work for you, you will either have to study the system further (see suggested reading list) or consult someone who is more experienced in running the system. If you do, don't be surprised if the models presented in literature and by consultants differ substantially from ours. DNS can be done in many ways - most of which are wrong, but there is a substantial number of ways that DO work, and they may seem quite different. Which one to choose is merely a question of taste or religious conviction. EXAMPLE FILES On the following pages we present a set of example files that can be used as a very basic configuration for a BIND DNS server. The name server process uses these files to tell the rest of the Internet about your machines. If you add a new machine, or if you change the IP address of a machine, you have to change the corresponding file. After having edited one or more files, you must restart the "named" process. Don't forget to update the serial number in every zone file you edit. You have to choose ONE of the first two example files. The first one is to be used if you have BIND version 8 installed. The second one is to be used if you have BIND version 4 installed. The third and following files are common to the two versions, and are all required on your system. When dealing with DNS files it is crucial that one is EXTREMELY careful when one types. If the example files have a period character (".") at one place, it is imperative that your files have that character in the corresponding place. Likewise, if the files do NOT have have a period character, neither should yours. The placement of special characters might seem random and unmotivated, but they are there to make your unforgiving computer shut up and not complain, and in the long run, that will make life easier for you. :-) The file "named.root" that resides in the /etc/domain directory is not included in the example files below. It is a standard file, but its content varies slowly over time. You should obtain a fresh copy, and you do so by pointing your favourite web browser to ftp://ftp.rs.internic.net/domain/named.root and save the file do disk in "text" format. Copy the file to its correct location (/etc/domain/named.root). The example files follow the authors section. AUTHORS This document is a collaborate effort with its root in the RIPE DNS working group. Suggestions have been brough forward by many. Thanks a lot! The following people have devoted some extra time to it: Amar Andersson Telia Network Services AA90-RIPE Hans Niklasson Tele2/SwipNet HN413-RIPE Ruediger Volk Deutsche Telekom RV32 Peter Koch Universitaet Bielefeld PK46-RIPE Niall O'Reilly University College Dublin NO8 Randy Bush Verio RB366 Kurt Kayser VIAG Interkom KK37-RIPE Nic Lewis LINX Lars-Johan Liman Royal Inst. of Technology LL10-RIPE // Filename: /etc/named.conf // This is an example of a name server configuration for BIND version 8. // If you change this file, you must restart the "named" process. //---------------------------------------------------------------------- // This is the directory where the rest of the files reside. options { directory "/etc/domain"; }; //---------------------------------------------------------------------- // The following three blocks are standard configuration // and should appear verbatim. zone "." { type hint; file "named.root"; // This file should be picked up from }; // ftp://ftp.rs.internic.net/domain/named.root zone "localhost" { type master; file "localhost"; }; zone "0.0.127.in-addr.arpa" { type master; file "127.0.0"; }; //---------------------------------------------------------------------- // This is the part of the DNS database that will translate host and // domain names into IP addresses. Replace "company.xy" with your // own domain name. zone "company.xy" { // The file "company.xy" should reside in type master; // the /etc/domain/ directory, and you file "company.xy"; // have to create it yourself. }; //---------------------------------------------------------------------- // This is the part of the DNS database that will translate your IP // addresses back to domain names (so called reverse DNS information). // Replace "192.168.42" with your own network number. NOTE! The // network number appears backwards in the second clause (just before // ".in-addr.arpa"). zone "42.168.192.in-addr.arpa" { // The file "192.168.42" should reside in type master; // the /etc/domain/ directory, and you file "192.168.42"; // have to create it yourself. }; // IMPORTANT NOTE! // If your ISP has assigned fewer than 255 addresses to you, you must // contact the ISP for further assistance. //---------------------------------------------------------------------- // END OF FILE ; Filename: /etc/named.boot ; This is an example of a name server configuration for BIND version 4. ; If you change this file, you must restart the "named" process. ;---------------------------------------------------------------------- ; This is the directory where the rest of the files reside. directory /etc/domain ;---------------------------------------------------------------------- ; The following three blocks are standard configuration ; and should appear verbatim. cache . named.root ; This file should be picked up from ; ftp://ftp.rs.internic.net/domain/named.root primary localhost localhost primary 0.0.127.in-addr.arpa 127.0.0 ;---------------------------------------------------------------------- ; This is the part of the DNS database that will translate host and ; domain names into IP addresses. Replace "company.xy" with your ; own domain name. primary company.xy company.xy ; The file "company.xy" should reside in ; the /etc/domain/ directory, and you ; have to create it yourself. ;---------------------------------------------------------------------- ; This is the part of the DNS database that will translate your IP ; addresses back to domain names (so called reverse DNS information). ; Replace "192.168.42" with your own network number. NOTE! The ; network number appears backwards in the second clause (just before ; ".in-addr.arpa"). primary 42.168.192.in-addr.arpa 192.168.42 ; The file "192.168.42" should reside in ; the /etc/domain/ directory, and you ; have to create it yourself. ; IMPORTANT NOTE! ; If your ISP has assigned fewer than 255 addresses to you, you must ; contact the ISP for further assistance. ;---------------------------------------------------------------------- ; END OF FILE ; Filename: /etc/domain/localhost ; This is information about a special host named "localhost" that ; should appear in all name servers. Replace "dns.company.xy" with the ; hostname of your DNS server and "company.xy" with your domain name. ; Also replace the serial number indicated with a number made up of ; the year (4 digits), the month (two digits), the day of the month ; (two digits) and a version number (two digits). The date should ; correspond to the date when you edit the file. ; The serial number should be adjusted every time you edit the file, ; and must always be increased. If you make several changes the same ; day, increase the version part of the serial number, keeping the ; date. Start with version = 00 for a new day and increase the value ; by 1 for every change. This will allow for 99 changes the same day. ; The serial number was generated in the year 1998, month 09 ; (September), the 29th day of the month, and it was the first version ; (00) that day. ; If you change this file, you must restart the "named" process. localhost. SOA dns.company.xy. hostmaster.company.xy. ( 1998092900 ; Serial number 86400 ; Refresh 1 day 7200 ; Retry 2 hours 3600000 ; Expire 41.67 days 172800 ) ; Minimum TTL 2 days localhost. NS dns.company.xy. localhost. A 127.0.0.1 ;---------------------------------------------------------------------- ; END OF FILE ; Filename: /etc/domain/127.0.0 ; This is the information about the translation from the special IP ; address 127.0.0.1 back to the special hostname "localhost" (see ; /etc/domain/localhost) that should appear in all name ; servers. Replace "dns.company.xy" with the hostname of your DNS ; server and "company.xy" with your domain name. ; Also replace the serial number indicated with a number made up of ; the year (4 digits), the month (two digits), the day of the month ; (two digits) and a version number (two digits). The date should ; correspond to the date when you edit the file. ; The serial number should be adjusted every time you edit the file, ; and must always be increased. If you make several changes the same ; day, increase the version part of the serial number, keeping the ; date. Start with version = 00 for a new day and increase the value ; by 1 for every change. This will allow for 99 changes the same day. ; The serial number was generated in the year 1998, month 09 ; (September), the 29th day of the month, and it was the first version ; (00) that day. ; If you change this file, you must restart the "named" process. 0.0.127.in-addr.arpa. SOA dns.company.xy. hostmaster.company.xy. ( 1998092900 ; Serial number 86400 ; Refresh 1 day 7200 ; Retry 2 hours 3600000 ; Expire 41.67 days 172800 ) ; Minimum TTL 2 days 0.0.127.in-addr.arpa. NS dns.company.xy. 1.0.0.127.in-addr.arpa. PTR localhost. ;---------------------------------------------------------------------- ; END OF FILE ; Filename: /etc/domain/company.xy (replace company.xy with your ; domain) ; This file contains the information regarding your domain. Generally ; replace "company.xy" with your domain name, and replace other ; records according to the comments in the file. ; Also replace the serial number indicated with a number made up of ; the year (4 digits), the month (two digits), the day of the month ; (two digits) and a version number (two digits). The date should ; correspond to the date when you edit the file. ; The serial number should be adjusted every time you edit the file, ; and must always be increased. If you make several changes the same ; day, increase the version part of the serial number, keeping the ; date. Start with version = 00 for a new day and increase the value ; by 1 for every change. This will allow for 99 changes the same day. ; The serial number was generated in the year 1998, month 09 ; (September), the 29th day of the month, and it was the first version ; (00) that day. ; If you change this file, you must restart the "named" process. company.xy. SOA dns.company.xy. hostmaster.company.xy. ( 1998092900 ; Serial number 86400 ; Refresh 1 day 7200 ; Retry 2 hours 3600000 ; Expire 41.67 days 172800 ) ; Minimum TTL 2 days company.xy. NS dns.company.xy. ; This is the hostname of your name server. ; It should have its address defined in an ; "A" record below. company.xy. NS ns2.isp.net. ; This is the hostname of a slave name server. ; You should have one, and you need to talk ; to your Internet provider to agree on the ; name to put here. They also need to ; set up their system accordingly. company.xy. MX 0 mailserver.company.xy. ; This is the hostname of your mail ; server. NOTE! You have to set up the ; mail system of your mail server to ; accept mail to your domain. The ; record here is not sufficient, but ; necessary. www.company.xy. A 192.168.42.33 ; This should be the IP address of ; your web server. ; The following is the list of computers at your site. To the left ; should go the hostnames of the hosts. They should all end with your ; domain name. To the left you should put their corresponding IP ; addresses. dns.company.xy. A 192.168.42.2 mailserver.company.xy. A 192.168.42.3 computer1.company.xy. A 192.168.42.12 server-nt.company.xy. A 192.168.42.17 www.company.xy. A 192.168.42.33 pc1.company.xy. A 192.168.42.51 pc2.company.xy. A 192.168.42.52 pc3.company.xy. A 192.168.42.53 macserver.company.xy. A 192.168.42.217 ;---------------------------------------------------------------------- ; END OF FILE ; Filename: /etc/domain/192.168.42 (replace 192.168.42 with your ; network number) ; This file contains the information regarding your domain. Generally ; replace "42.168.192" with your own network number TURNED BACKWARDS! ; and replace other records according to the comments in the file. ; Also replace the serial number indicated with a number made up of ; the year (4 digits), the month (two digits), the day of the month ; (two digits) and a version number (two digits). The date should ; correspond to the date when you edit the file. ; The serial number should be adjusted every time you edit the file, ; and must always be increased. If you make several changes the same ; day, increase the version part of the serial number, keeping the ; date. Start with version = 00 for a new day and increase the value ; by 1 for every change. This will allow for 99 changes the same day. ; The serial number was generated in the year 1998, month 09 ; (September), the 29th day of the month, and it was the first version ; (00) that day. ; If you change this file, you must restart the "named" process. 42.168.192.in-addr.arpa. SOA dns.company.xy. hostmaster.company.xy. ( 1998092900 ; Serial number 86400 ; Refresh 1 day 7200 ; Retry 2 hours 3600000 ; Expire 41.67 days 172800 ) ; Minimum TTL 2 days 42.168.192.in-addr.arpa. NS dns.company.xy. ; This is the hostname of your name server. 42.168.192.in-addr.arpa. NS ns2.isp.net. ; This is the hostname of a slave name server. ; You should have one, and you need to talk ; to your Internet provider to agree on the ; name to put here. They also need to ; set up their system accordingly. ; The following is the list of computers at your site. To the left ; should go the IP addresses (TURNED BACKWARDS!) of your hosts, ; immediately followed by the string ".in-addr.arpa." To the left you ; should put the corresponding hostnames. 2.42.168.192.in-addr.arpa. PTR dns.company.xy. 3.42.168.192.in-addr.arpa. PTR mailserver.company.xy. 12.42.168.192.in-addr.arpa. PTR computer1.company.xy. 17.42.168.192.in-addr.arpa. PTR server-nt.company.xy. 33.42.168.192.in-addr.arpa. PTR www.company.xy. 51.42.168.192.in-addr.arpa. PTR pc1.company.xy. 52.42.168.192.in-addr.arpa. PTR pc2.company.xy. 53.42.168.192.in-addr.arpa. PTR pc3.company.xy. 217.42.168.192.in-addr.arpa. PTR macserver.company.xy. ;---------------------------------------------------------------------- ; END OF FILE From michael.hallgren at teleglobe.com Thu Feb 24 17:24:31 2000 From: michael.hallgren at teleglobe.com (Hallgren, Michael) Date: Thu, 24 Feb 2000 16:24:31 -0000 Subject: Please publish. Message-ID: Hi, >Hi! > >Would you please publish the following document as RIPE-192. The >number has already been assigned long ago by Ambrose. The DNS WG has >approved this document long ago. As said while eating, perhaps adding the (late) Bind $TTL statement to the zone files ? (Was somewhat reluctant to propose, since Bind is merely one of a few implementations... ... but who uses other ? :) Michael > >*** PLEASE OBSERVE *** that the RIPE document number 192 has already >been reserved. > > Cheers, > /Liman >#---------------------------------------------------------------------- ># Lars-Johan Liman, Systems Specialist ! E-mail: liman at sunet.se ># KTH Network Operations Centre ! HTTP : //www.sunet.se/~liman ># Royal Institute of Technology, Sweden ! Voice : Int +46 8 - 790 65 60 >#---------------------------------------------------------------------- <> From randy at psg.com Thu Feb 24 18:23:38 2000 From: randy at psg.com (Randy Bush) Date: Thu, 24 Feb 2000 09:23:38 -0800 Subject: Please publish. References: Message-ID: > As said while eating, perhaps adding the (late) Bind $TTL statement to > the zone files ? seems ill-advised as they are not standard and are a kink of one implementation. randy From michael.hallgren at teleglobe.com Thu Feb 24 18:20:36 2000 From: michael.hallgren at teleglobe.com (Hallgren, Michael) Date: Thu, 24 Feb 2000 17:20:36 -0000 Subject: Please publish. Message-ID: >> As said while eating, perhaps adding the (late) Bind $TTL statement to >> the zone files ? >seems ill-advised as they are not standard and are a kink of one >implementation. yes, perhaps you're right -- that's why i was unsure of the value ;) on the other hand, a lot of people use these versions, and are bound to be intrigued by the log messages... mh >randy From michael.hallgren at teleglobe.com Thu Feb 24 18:27:51 2000 From: michael.hallgren at teleglobe.com (Hallgren, Michael) Date: Thu, 24 Feb 2000 17:27:51 -0000 Subject: Please publish. Message-ID: On Thu, Feb 24, 2000 at 05:20:36PM -0000, Hallgren, Michael wrote: >> a lot of people use these versions, and are bound to be intrigued by the log >> messages... >So, add an annex saying to ignore these warnings. Yes, or a footnote explaining how to turn them off ? mh >-- >${talks} From adamo at dblab.ece.ntua.gr Thu Feb 24 18:30:11 2000 From: adamo at dblab.ece.ntua.gr (Yiorgos Adamopoulos) Date: Thu, 24 Feb 2000 19:30:11 +0200 Subject: Please publish. In-Reply-To: ; from michael.hallgren@teleglobe.com on Thu, Feb 24, 2000 at 05:20:36PM -0000 References: Message-ID: <20000224193011.A93468@dblab.ece.ntua.gr> On Thu, Feb 24, 2000 at 05:20:36PM -0000, Hallgren, Michael wrote: > a lot of people use these versions, and are bound to be intrigued by the log > messages... So, add an annex saying to ignore these warnings. -- ${talks} From pk at TechFak.Uni-Bielefeld.DE Thu Feb 24 19:30:46 2000 From: pk at TechFak.Uni-Bielefeld.DE (Peter Koch) Date: Thu, 24 Feb 2000 19:30:46 +0100 Subject: Please publish. In-Reply-To: Your message of "Thu, 24 Feb 2000 17:27:51 GMT." Message-ID: <200002241830.TAA02036@sequoia.TechFak.Uni-Bielefeld.DE> > Yes, or a footnote explaining how to turn them off ? I would like to strongly advocate publishing this document as-is: o Weighing cost vs. benefit it is better to have some warnings produced by missing $TTL statements than errors introduced by $TTL statements in older BIND versions. Recommendation of the use of the ``latest'' version nonwithstanding. Please remember the working title and that the target audience may not be expected to fetch and compile those ``latest'' versions themselves. o A design criterion was that the document be ``short''. Any further discussion about peculiarities of certain major or minor releases is not helpful. o While there is an issue with $TTL, the document in its current state is not broken. There is always some issue not covered in all detail, but that's by design. o Even RIPE documents are not set in stone. Should the operational experience with that document suggest that the $TTL or any other issue do not work out, we can and should review and maybe revise it. o With regard to working group economics I would prefer a living (i.e. published and hopefully used in real life) document over a draft that circulates forever heading for perfection and never hits a ``real end user''. We need that kind of feedback. -Peter From liman at sunet.se Thu Feb 24 20:14:22 2000 From: liman at sunet.se (Lars-Johan Liman) Date: Thu, 24 Feb 2000 20:14:22 +0100 Subject: Please publish. In-Reply-To: References: Message-ID: <20000224201422J.liman@flaptop.pilsnet.sunet.se> randy at psg.com: > seems ill-advised as they are not standard and are a kink of one > implementation. Mja, it's really not _that_ bad. It's not full standard yet, agreed, but it _is_ on standards track (RFC 2308, proposed standard), so it not just "a kink of one implementation". I agree we should probably wait until it's a bit further along the track before recommending it, though. /Liman From michael.hallgren at teleglobe.com Mon Feb 28 17:22:52 2000 From: michael.hallgren at teleglobe.com (Hallgren, Michael) Date: Mon, 28 Feb 2000 16:22:52 -0000 Subject: Please publish. Message-ID: <04BCD7586FEDD3119C0B00A0C9E4605F06160D@uklozms02.Teleglobe.CA> >Go ahead. Publish the bl**dy thing. You'll feel much better for it. :) mh > >>On 24-Feb-2000 Lars-Johan Liman wrote: >> randy at psg.com: >>> seems ill-advised as they are not standard and are a kink of one >>> implementation. >> >> Mja, it's really not _that_ bad. >> >> It's not full standard yet, agreed, but it _is_ on standards track >> (RFC 2308, proposed standard), so it not just "a kink of one >> implementation". >> >> I agree we should probably wait until it's a bit further along the >> track before recommending it, though. >> >> /Liman > >-- >Tel: +44 171 864 4450 Fax: +44 171 864 4488 >Well I'm disenchanted too. We're all disenchanted (James Thurber) >(http://www.seanet.com/~thurber/disenchanted.gif) > From nigel.titley at level3.com Mon Feb 28 16:57:56 2000 From: nigel.titley at level3.com (Nigel Titley) Date: Mon, 28 Feb 2000 15:57:56 -0000 (UTC) Subject: Please publish. In-Reply-To: <20000224201422J.liman@flaptop.pilsnet.sunet.se> Message-ID: Go ahead. Publish the bl**dy thing. You'll feel much better for it. On 24-Feb-2000 Lars-Johan Liman wrote: > randy at psg.com: >> seems ill-advised as they are not standard and are a kink of one >> implementation. > > Mja, it's really not _that_ bad. > > It's not full standard yet, agreed, but it _is_ on standards track > (RFC 2308, proposed standard), so it not just "a kink of one > implementation". > > I agree we should probably wait until it's a bit further along the > track before recommending it, though. > > /Liman -- Tel: +44 171 864 4450 Fax: +44 171 864 4488 Well I'm disenchanted too. We're all disenchanted (James Thurber) (http://www.seanet.com/~thurber/disenchanted.gif) From support at engelholm.se Tue Feb 29 09:55:35 2000 From: support at engelholm.se (=?iso-8859-1?Q?Support_@_N=E4tverk_Engelholm?=) Date: Tue, 29 Feb 2000 09:55:35 +0100 Subject: BIND Message-ID: <000901bf8292$bef13c60$710ba8c0@engelholm.se> Hi, Does anyone no where to get the latest BIND for WinNT? Regards Mats N. From jim at rfc1035.com Tue Feb 29 13:38:18 2000 From: jim at rfc1035.com (Jim Reid) Date: Tue, 29 Feb 2000 12:38:18 +0000 Subject: BIND In-Reply-To: Your message of "Tue, 29 Feb 2000 09:55:35 +0100." <000901bf8292$bef13c60$710ba8c0@engelholm.se> Message-ID: <26890.951827898@gromit.rfc1035.com> >>>>> "Mats" == =?iso-8859-1?Q?Support @ N=E4tverk Engelholm?= writes: Mats> Hi, Does anyone no where to get the latest BIND for WinNT? Try http://www.isc.org/products/BIND. The current release, 8.2.2P5, runs on NT. From pk at TechFak.Uni-Bielefeld.DE Tue Feb 29 15:24:00 2000 From: pk at TechFak.Uni-Bielefeld.DE (Peter Koch) Date: Tue, 29 Feb 2000 15:24:00 +0100 Subject: New draft for ``long'' server setup document posted Message-ID: <200002291424.PAA21025@grimsvotn.TechFak.Uni-Bielefeld.DE> Dear all, an action item from last week's DNS WG meeting was to post the latest version of "RIPE DNS WG Guide To Setting Up a DNS Server", the only remaining document in our trilogy. The draft has just been sent to the Internet Drafts directory: draft-koch-ripe-dns-setup-guide-00.txt Until all mirror sites have grabbed it you can also access my local copy at http://www.TechFak.Uni-Bielefeld.DE/~pk/dns/draft-koch-ripe-dns-setup-guide-00.txt.gz This is a draft, so there are several sections ``TBD''. However, we all know much more to say about DNS, but we have to constrain ourselves to a digestable piece of paper. Any comments and suggestions are very welcome, but I would like to suggest that we only very carefully add more bullet points. Maybe we could even get rid of some. Any first hand experiences with the desired target audience are especially appreciated. I plan to have an updated draft with all the gaps filled ready by RIPE 36. Please post contributions to this list. -Peter