[nycbug-talk] Re: Bind 9.3.0 on FreeBSD 5.3

swygue swygue
Wed Jan 5 10:45:35 EST 2005


G. Stewart, I am not clear on what you are referring to. Reply-to
address is a default gmail setting.

On Wed,  5 Jan 2005 09:26:37 -0500 (EST),
talk-request at lists.nycbug.org <talk-request at lists.nycbug.org> wrote:
> Send talk mailing list submissions to
>         talk at lists.nycbug.org
> 
> To subscribe or unsubscribe via the World Wide Web, visit
>         http://lists.nycbug.org/mailman/listinfo/talk
> or, via email, send a message with subject or body 'help' to
>         talk-request at lists.nycbug.org
> 
> You can reach the person managing the list at
>         talk-owner at lists.nycbug.org
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of talk digest..."
> 
> 
> Today's Topics:
> 
>    1. Fwd: Delivery Status Notification (Failure) (Marc Spitzer)
>    2. Re: Bind 9.3.0 on FreeBSD 5.3. (Pete Wright)
>    3. Re: Fwd: Delivery Status Notification (Failure) (G. Rosamond)
>    4. Jail Performance (Pete Wright)
>    5. Re: Jail Performance (Louis Bertrand)
>    6. Re: Jail Performance (Pete Wright)
>    7. Re: Jail Performance (George Georgalis)
>    8. Thanks Poland, ePatents are out, for a year... (George Georgalis)
>    9. NetBSD on NewsForge (Michael)
>   10. Re: Jail Performance (Sunny Dubey)
>   11. Re: Thanks Poland, ePatents are out, for a year... (Isaac Levy)
> 
> 
> 
> ---------- Forwarded message ----------
> From: Marc Spitzer <mspitzer at gmail.com>
> To: NYC Bug List <talk at lists.nycbug.org>
> Date: Tue, 4 Jan 2005 14:16:30 -0500
> Subject: [nycbug-talk] Fwd: Delivery Status Notification (Failure)
> how rude
> 
> ---------- Forwarded message ----------
> From: Mail Delivery System <MAILER-DAEMON at c60.cesmail.net>
> Date: 04 Jan 2005 13:11:44 -0500
> Subject: Delivery Status Notification (Failure)
> To: mspitzer at gmail.com
> 
> The following message to <gstewart at bonivet.net> was undeliverable.
> The reason for the problem:
> 5.1.0 - Unknown address error 550-'5.0.0 <gstewart at bonivet.net>...
> GMail is unwelcome here'
> 
> ---------- Forwarded message ----------
> From: Marc Spitzer <mspitzer at gmail.com>
> To: Godwin Stewart <gstewart at spamcop.net>
> Date: Tue, 4 Jan 2005 13:11:33 -0500
> Subject: Re: [nycbug-talk] Bind 9.3.0 on FreeBSD 5.3.
> it is also rude to correct someone in public when it can be done in
> private, don't you think so?
> 
> marc
> 
> On Tue, 4 Jan 2005 19:00:08 +0100, Godwin Stewart <gstewart at spamcop.net> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > On Tue, 4 Jan 2005 12:39:49 -0500, swygue <swygue at gmail.com> wrote:
> >
> > > I need some help setting up Bind 9.3.0 on FreeBSD 5.3.
> > >
> > > Here is my setup:
> > >
> > > edit /etc/rc.conf
> > >      named_enable="YES"
> > >      named_chrotdir="/var/named"
> >                ^^^
> > Unintentional typo while copying your config to e-mail maybe?
> >
> > BTW, please don't set a Reply-To: <yourself> header in your mail. If it's
> > the same address as your sender address then it's entirely unnecessary and
> > bad mannered in that it directs responses away from this public area where
> > you asked your question.
> >
> > - --
> > G. Stewart - gstewart at bonivet.net
> >
> > Mary had a little lamb which walked into a pylon
> > Ten thousand volts went up its @$$ and turned its fleece to nylon
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.0 (FreeBSD)
> >
> > iD8DBQFB2tmoK5oiGLo9AcYRAoylAKDAa+PYjT/K4jxghyou+hWs4E9V9QCbB1Gh
> > fg3uuQ11C4hONTN8Pnk5kJM=
> > =ouRp
> > -----END PGP SIGNATURE-----
> > _______________________________________________
> > % NYC*BUG talk mailing list
> > http://lists.nycbug.org/mailman/listinfo/talk
> > %Be sure to check out our Jobs and NYCBUG-announce lists
> > %We meet the first Wednesday of the month
> >
> 
> 
> 
> ---------- Forwarded message ----------
> From: Pete Wright <pete at finn.nomadlogic.org>
> To: Godwin Stewart <gstewart at spamcop.net>
> Date: Tue, 4 Jan 2005 16:17:14 -0500
> Subject: Re: [nycbug-talk] Bind 9.3.0 on FreeBSD 5.3.
> On Tue, Jan 04, 2005 at 07:00:08PM +0100, Godwin Stewart wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > On Tue, 4 Jan 2005 12:39:49 -0500, swygue <swygue at gmail.com> wrote:
> >
> > > I need some help setting up Bind 9.3.0 on FreeBSD 5.3.
> > >
> > > Here is my setup:
> > >
> > > edit /etc/rc.conf
> > >      named_enable="YES"
> > >      named_chrotdir="/var/named"
> >                ^^^
> > Unintentional typo while copying your config to e-mail maybe?
> >
> 
> also a check of /var/log/messages may yeild what error bind is generating on start.
> 
> -pete
> 
> --
> ~~oO00Oo~~
> Peter Wright
> pete at nomadlogic.org
> www.nomadlogic.org/~pete
> 917.415.9866
> 
> 
> 
> ---------- Forwarded message ----------
> From: "G. Rosamond" <george at sddi.net>
> To: Marc Spitzer <mspitzer at gmail.com>
> Date: Tue, 4 Jan 2005 17:20:40 -0500
> Subject: Re: [nycbug-talk] Fwd: Delivery Status Notification (Failure)
> 
> On Jan 4, 2005, at 2:16 PM, Marc Spitzer wrote:
> 
> > how rude
> 
> Following the top/bottom/vertical replies is difficult here, but it
> does seem kind of funny that someone would bounce gmail. . . I think
> Mr. Fence Post does their UCE filters. . . (sorry, inside joke)
> 
> *Not* that *I* approve that. . .
> 
> g
> 
> >
> >
> > ---------- Forwarded message ----------
> > From: Mail Delivery System <MAILER-DAEMON at c60.cesmail.net>
> > Date: 04 Jan 2005 13:11:44 -0500
> > Subject: Delivery Status Notification (Failure)
> > To: mspitzer at gmail.com
> >
> >
> > The following message to <gstewart at bonivet.net> was undeliverable.
> > The reason for the problem:
> > 5.1.0 - Unknown address error 550-'5.0.0 <gstewart at bonivet.net>...
> > GMail is unwelcome here'
> >
> >
> >
> >
> > ---------- Forwarded message ----------
> > From: Marc Spitzer <mspitzer at gmail.com>
> > To: Godwin Stewart <gstewart at spamcop.net>
> > Date: Tue, 4 Jan 2005 13:11:33 -0500
> > Subject: Re: [nycbug-talk] Bind 9.3.0 on FreeBSD 5.3.
> > it is also rude to correct someone in public when it can be done in
> > private, don't you think so?
> >
> > marc
> >
> > On Tue, 4 Jan 2005 19:00:08 +0100, Godwin Stewart
> > <gstewart at spamcop.net> wrote:
> >> -----BEGIN PGP SIGNED MESSAGE-----
> >> Hash: SHA1
> >>
> >> On Tue, 4 Jan 2005 12:39:49 -0500, swygue <swygue at gmail.com> wrote:
> >>
> >>> I need some help setting up Bind 9.3.0 on FreeBSD 5.3.
> >>>
> >>> Here is my setup:
> >>>
> >>> edit /etc/rc.conf
> >>>      named_enable="YES"
> >>>      named_chrotdir="/var/named"
> >>                ^^^
> >> Unintentional typo while copying your config to e-mail maybe?
> >>
> >> BTW, please don't set a Reply-To: <yourself> header in your mail. If
> >> it's
> >> the same address as your sender address then it's entirely
> >> unnecessary and
> >> bad mannered in that it directs responses away from this public area
> >> where
> >> you asked your question.
> >>
> >> - --
> >> G. Stewart - gstewart at bonivet.net
> >>
> >> Mary had a little lamb which walked into a pylon
> >> Ten thousand volts went up its @$$ and turned its fleece to nylon
> >> -----BEGIN PGP SIGNATURE-----
> >> Version: GnuPG v1.4.0 (FreeBSD)
> >>
> >> iD8DBQFB2tmoK5oiGLo9AcYRAoylAKDAa+PYjT/K4jxghyou+hWs4E9V9QCbB1Gh
> >> fg3uuQ11C4hONTN8Pnk5kJM=
> >> =ouRp
> >> -----END PGP SIGNATURE-----
> >> _______________________________________________
> >> % NYC*BUG talk mailing list
> >> http://lists.nycbug.org/mailman/listinfo/talk
> >> %Be sure to check out our Jobs and NYCBUG-announce lists
> >> %We meet the first Wednesday of the month
> >>
> > _______________________________________________
> > % NYC*BUG talk mailing list
> > http://lists.nycbug.org/mailman/listinfo/talk
> > %Be sure to check out our Jobs and NYCBUG-announce lists
> > %We meet the first Wednesday of the month
> >
> 
> 
> 
> ---------- Forwarded message ----------
> From: Pete Wright <pete at finn.nomadlogic.org>
> To: talk at lists.nycbug.org
> Date: Tue, 4 Jan 2005 22:54:32 -0500
> Subject: [nycbug-talk] Jail Performance
> Hey nycbugers,
>         I've been kicking around some ideas regarding jailing
> in an "enterprise" environment.  While jails do have the obvious
> benefit of added security; one thing that interests me are the
> possibilities of using jails to assist with server and app.
> management in distrubited envrionments.  The basic idea I am
> thinking of is creating jails for specific applications that
> get loaded to a farm of servers via PXE-TFTP.  One would netboot
> a server, and then dist a jail to that system after boot.  Seems
> simple enough...but what about performance.  Has anyone noticed
> any significant performance bottlenecks w/in jails.  I would not
> expect any, and have not seen any either.  But maybe there is
> something I'm missing?
> 
> -p
> 
> --
> ~~oO00Oo~~
> Peter Wright
> pete at nomadlogic.org
> www.nomadlogic.org/~pete
> 917.415.9866
> 
> 
> 
> ---------- Forwarded message ----------
> From: Louis Bertrand <louis at bertrandtech.ca>
> To: Pete Wright <pete at finn.nomadlogic.org>
> Date: Tue, 4 Jan 2005 23:01:22 -0500 (EST)
> Subject: Re: [nycbug-talk] Jail Performance
> On Tue, 4 Jan 2005, Pete Wright wrote:
> 
> > Hey nycbugers,
> >       I've been kicking around some ideas regarding jailing
> > in an "enterprise" environment.  While jails do have the obvious
> > benefit of added security; one thing that interests me are the
> > possibilities of using jails to assist with server and app.
> > management in distrubited envrionments.  The basic idea I am
> > thinking of is creating jails for specific applications that
> > get loaded to a farm of servers via PXE-TFTP.  One would netboot
> > a server, and then dist a jail to that system after boot.  Seems
> > simple enough...but what about performance.  Has anyone noticed
> > any significant performance bottlenecks w/in jails.  I would not
> > expect any, and have not seen any either.  But maybe there is
> > something I'm missing?
> >
> 
> Just a quick thought, and note that I really have no idea what I'm
> talking aobut, but didn't you just describe IBM's VM operating
> system for mainframes?  I think they run multiple independent
> instances of Linux, each in its own virtual machine (hence the name).
> 
> Ciao
>  --Louis  <louis at bertrandtech dot ca>
> 
> 
> 
> ---------- Forwarded message ----------
> From: Pete Wright <pete at finn.nomadlogic.org>
> To: Louis Bertrand <louis at bertrandtech.ca>
> Date: Tue, 4 Jan 2005 23:10:19 -0500
> Subject: Re: [nycbug-talk] Jail Performance
> On Tue, Jan 04, 2005 at 11:01:22PM -0500, Louis Bertrand wrote:
> > On Tue, 4 Jan 2005, Pete Wright wrote:
> >
> > > Hey nycbugers,
> > >     I've been kicking around some ideas regarding jailing
> > > in an "enterprise" environment.  While jails do have the obvious
> > > benefit of added security; one thing that interests me are the
> > > possibilities of using jails to assist with server and app.
> > > management in distrubited envrionments.  The basic idea I am
> > > thinking of is creating jails for specific applications that
> > > get loaded to a farm of servers via PXE-TFTP.  One would netboot
> > > a server, and then dist a jail to that system after boot.  Seems
> > > simple enough...but what about performance.  Has anyone noticed
> > > any significant performance bottlenecks w/in jails.  I would not
> > > expect any, and have not seen any either.  But maybe there is
> > > something I'm missing?
> > >
> >
> > Just a quick thought, and note that I really have no idea what I'm
> > talking aobut, but didn't you just describe IBM's VM operating
> > system for mainframes?  I think they run multiple independent
> > instances of Linux, each in its own virtual machine (hence the name).
> >
> yes it is sorta similar to partitioning hardware on IBM or Sun gear,
> altho what I was thinking about was having a central repository of
> system images, bundled with a specific app (say an apache tomcat
> server) that can be distributed to a group a machines.  The idea is
> to make administration easier and allow more flexibility on how one
> can provision a group of servers.
> 
> -p
> 
> > Ciao
> >  --Louis  <louis at bertrandtech dot ca>
> >
> >
> > _______________________________________________
> > % NYC*BUG talk mailing list
> > http://lists.nycbug.org/mailman/listinfo/talk
> > %Be sure to check out our Jobs and NYCBUG-announce lists
> > %We meet the first Wednesday of the month
> 
> --
> ~~oO00Oo~~
> Peter Wright
> pete at nomadlogic.org
> www.nomadlogic.org/~pete
> 917.415.9866
> 
> 
> 
> ---------- Forwarded message ----------
> From: "George Georgalis" <george at galis.org>
> To: talk at lists.nycbug.org
> Date: Wed, 5 Jan 2005 00:00:34 -0500
> Subject: Re: [nycbug-talk] Jail Performance
> On Tue, Jan 04, 2005 at 11:10:19PM -0500, Pete Wright wrote:
> >On Tue, Jan 04, 2005 at 11:01:22PM -0500, Louis Bertrand wrote:
> >> On Tue, 4 Jan 2005, Pete Wright wrote:
> >>
> >> > Hey nycbugers,
> >> >    I've been kicking around some ideas regarding jailing
> >> > in an "enterprise" environment.  While jails do have the obvious
> >> > benefit of added security; one thing that interests me are the
> >> > possibilities of using jails to assist with server and app.
> >> > management in distrubited envrionments.  The basic idea I am
> >> > thinking of is creating jails for specific applications that
> >> > get loaded to a farm of servers via PXE-TFTP.  One would netboot
> >> > a server, and then dist a jail to that system after boot.  Seems
> >> > simple enough...but what about performance.  Has anyone noticed
> >> > any significant performance bottlenecks w/in jails.  I would not
> >> > expect any, and have not seen any either.  But maybe there is
> >> > something I'm missing?
> >> >
> >>
> >> Just a quick thought, and note that I really have no idea what I'm
> >> talking aobut, but didn't you just describe IBM's VM operating
> >> system for mainframes?  I think they run multiple independent
> >> instances of Linux, each in its own virtual machine (hence the name).
> >>
> >yes it is sorta similar to partitioning hardware on IBM or Sun gear,
> >altho what I was thinking about was having a central repository of
> >system images, bundled with a specific app (say an apache tomcat
> >server) that can be distributed to a group a machines.  The idea is
> >to make administration easier and allow more flexibility on how one
> >can provision a group of servers.
> 
> sounds like a good idea, less the ramp up time which no doubt be
> recoverable after a few image mods.
> 
> Speaking from second hand info, and I've been paying a lot of attention
> to these things, I don't think you'll see a performance hit. There is
> another layer of abstraction with a jail but the "cpu" doesn't really
> go through it, device IO does. I expect you'll see well under 1% cpu
> degrade, probably closer to 0.1%, and maybe 1% IO degrade. +/- 3% on all
> that. ;-) but seriously, I think any performance hit you'll see with a
> jail will be squelched by the reality of HW cost and Moore's Law, for
> that last 1% you need to buy new hardware every 6 months and if you're
> doing that, you'll have a nice, actual, cluster in no time. :)
> 
> // George
> 
> --
> George Georgalis, systems architect, administrator Linux BSD IXOYE
> http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org
> 
> 
> 
> ---------- Forwarded message ----------
> From: "George Georgalis" <george at galis.org>
> To: New York City *BSD User Group <talk at lists.nycbug.org>
> Date: Wed, 5 Jan 2005 00:45:39 -0500
> Subject: [nycbug-talk] Thanks Poland, ePatents are out, for a year...
> Thanks to a declaration by Poland and their
> Undersecretary of State at the Polish Ministry of
> Science and Technology, Wlodzimierz Marcinski,
> at the EU's Agriculture and Fisheries council
> meeting...
> 
> The Software Patent Directive, "computer-implemented
> inventions" (ePatents) are out, for at least a year.
> 
> Join the 33K others and sign the thank you letter.
> http://www.gnu.org/thankpoland.html
> 
> // George
> 
> --
> George Georgalis, systems architect, administrator Linux BSD IXOYE
> http://galis.org/george/ cell:646-331-2027 mailto:george at galis.org
> 
> 
> 
> ---------- Forwarded message ----------
> From:  "Michael" <lists at genoverly.net>
> To:  "NYCBUG Talk List" <talk at lists.nycbug.org>
> Date: Wed, 5 Jan 2005 13:28:02 +0100
> Subject: [nycbug-talk] NetBSD on NewsForge
> 
> Nice coverage:
> http://trends.newsforge.com/trends/04/12/22/1954233.shtml?tid=8&tid=29
> 
> This guys writes for OnLamp : http://www.oreillynet.com/pub/au/1777
> and has a good BSD news aggregator: http://bsd.it/
> 
> Michael
> 
> 
> 
> ---------- Forwarded message ----------
> From: Sunny Dubey <sunny-ml at opencurve.org>
> To: talk at lists.nycbug.org
> Date: Wed, 5 Jan 2005 09:25:13 -0500
> Subject: Re: [nycbug-talk] Jail Performance
> On Tuesday 04 January 2005 22:54, Pete Wright wrote:
> > Hey nycbugers,
> >       I've been kicking around some ideas regarding jailing
> > in an "enterprise" environment.  While jails do have the obvious
> > benefit of added security; one thing that interests me are the
> > possibilities of using jails to assist with server and app.
> > management in distrubited envrionments.  The basic idea I am
> > thinking of is creating jails for specific applications that
> > get loaded to a farm of servers via PXE-TFTP.  One would netboot
> > a server, and then dist a jail to that system after boot.
> 
> I have to admit, I don't see the security behind a single jail solution.  If I
> need to run httpd/maild/something-d whatever I run is going to touch XYZ.
> (In this case XYZ can be sensitive data, databases, etc).  Theoretically I
> already have a security issue by running whatever service/daemon/app.
> 
> The OS becomes nothing more than a management tool that provides for me to
> admin, provides the computing needed by whatever app, and the OS itself
> becomes a security risk.  That being said the host-OS must provide for the
> jail-OS which in turn provides for the app.  Each time you add an OS into the
> picture, I would assume it is another security risk.
> 
> (I'm thinking of data security greatly here, heh)
> 
> > Seems
> > simple enough...but what about performance.  Has anyone noticed
> > any significant performance bottlenecks w/in jails.  I would not
> > expect any, and have not seen any either.  But maybe there is
> > something I'm missing?
> 
> The only bottle-neck would be I/O and physical devices (hard drives).  But if
> you are only running one jail, then you have little to worry about.  Just
> remember to change the times the daily cron scripts run on the host and jail.
> It can become super painful and ugly when you have multiple cpu/io-intensive
> cron scrips running at the same time, heh
> 
> Sunny Dubey
> 
> 
> 
> ---------- Forwarded message ----------
> From: Isaac Levy <ike at lesmuug.org>
> To: "George Georgalis" <george at galis.org>
> Date: Wed, 5 Jan 2005 09:26:22 -0500
> Subject: Re: [nycbug-talk] Thanks Poland, ePatents are out, for a year...
> On Jan 5, 2005, at 12:45 AM, George Georgalis wrote:
> 
> > Join the 33K others and sign the thank you letter.
> > http://www.gnu.org/thankpoland.html
> 
> Pretty cool!  Would be sooo nice if we could see more of the sanity of
> this kind of thing stateside... (/me wonders how much money is
> absolutely wasted in the US in the obligatory patent wars?)
> 
> (BTW- my corp. just patented a thing called the 'User Group' if anyone
> is interested, I'm in the process of setting up licensing right now...
> Also patented a thing we're calling 'dmesg online' as well as a thing
> called 'swapd'. ;)
> 
> Rocket-
> .ike
> 
> 
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
> 
> 
> 


-- 
Rodrique Heron
Independent Network Consultant
(MS Window's Flavors, FreeBSD, Fedora)
---------------------------------------
pH:718-255-5876




More information about the talk mailing list