diff options
Diffstat (limited to 'FAQ.xml')
| -rw-r--r-- | FAQ.xml | 43 |
1 files changed, 33 insertions, 10 deletions
@@ -17,7 +17,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: FAQ.xml,v 1.30.26.3 2008/02/25 05:08:10 marka Exp $ --> +<!-- $Id: FAQ.xml,v 1.30.26.4 2008/06/04 02:51:13 tbox Exp $ --> <article class="faq"> <title>Frequently Asked Questions about BIND 9</title> @@ -706,8 +706,7 @@ zone "list.dsbl.org" { requests are coming from a Windows 2000 machine, see <ulink url="http://support.microsoft.com/support/kb/articles/q246/8/04.asp"> - http://support.microsoft.com/support/kb/articles/q246/8/04.asp - </ulink> + <http://support.microsoft.com/support/kb/articles/q246/8/04.asp></ulink> for information about how to turn them off. </para> </answer> @@ -857,7 +856,7 @@ serial-query-rate 5; // default 20</programlisting> usage rules and are leaking queries to the Internet. You should establish your own zones for these addresses to prevent you querying the Internet's name servers for these addresses. - Please see <ulink url="http://as112.net/">http://as112.net/</ulink> + Please see <ulink url="http://as112.net/"><http://as112.net/></ulink> for details of the problems you are causing and the counter measures that have had to be deployed. </para> @@ -1010,7 +1009,31 @@ client: UDP client handler shutting down due to fatal receive error: unexpected </para> <para> See: - <ulink url="http://marc.theaimsgroup.com/?l=linux-netdev&m=113081708031466&w=2">http://marc.theaimsgroup.com/?l=linux-netdev&m=113081708031466&w=2</ulink> + <ulink url="http://marc.theaimsgroup.com/?l=linux-netdev&m=113081708031466&w=2"><http://marc.theaimsgroup.com/?l=linux-netdev&m=113081708031466&w=2></ulink> + </para> + </answer> + </qandaentry> + + <qandaentry> + <question> + <para> + Why does named lock up when it attempts to connect over IPSEC tunnels? + </para> + </question> + <answer> + <para> + This is due to a kernel bug where the fact that a socket is marked + non-blocking is ignored. It is reported that setting + xfrm_larval_drop to 1 helps but this may have negative side effects. + See: +<ulink url="https://bugzilla.redhat.com/show_bug.cgi?id=427629"><https://bugzilla.redhat.com/show_bug.cgi?id=427629></ulink> + and +<ulink url="http://lkml.org/lkml/2007/12/4/260"><http://lkml.org/lkml/2007/12/4/260></ulink>. + </para> + <para> + xfrm_larval_drop can be set to 1 by the following procedure: +<programlisting> +echo "1" > proc/sys/net/core/xfrm_larval_drop</programlisting> </para> </answer> </qandaentry> @@ -1101,8 +1124,9 @@ modprobe capability</programlisting> <para> Red Hat have adopted the National Security Agency's - SELinux security policy ( see http://www.nsa.gov/selinux - ) and recommendations for BIND security , which are more + SELinux security policy (see <ulink + url="http://www.nsa.gov/selinux"><http://www.nsa.gov/selinux></ulink>) + and recommendations for BIND security , which are more secure than running named in a chroot and make use of the bind-chroot environment unnecessary . </para> @@ -1341,8 +1365,7 @@ rand_irqs="3 14 15"</programlisting> <para> See also <ulink url="http://people.freebsd.org/~dougb/randomness.html"> - http://people.freebsd.org/~dougb/randomness.html - </ulink> + <http://people.freebsd.org/~dougb/randomness.html></ulink>. </para> </answer> </qandaentry> @@ -1364,7 +1387,7 @@ rand_irqs="3 14 15"</programlisting> <para> <ulink url="http://blogs.sun.com/roller/page/anay/Weblog?catname=%2FSolaris"> - http://blogs.sun.com/roller/page/anay/Weblog?catname=%2FSolaris + <http://blogs.sun.com/roller/page/anay/Weblog?catname=%2FSolaris> </ulink> </para> </answer> |