On Tue, 2011-11-29 at 15:36 +0200, Mark Elkins wrote: > When does 'EDNS' get brought into the picture? > A 'dig' with '+dnssec' works just fine (more than 512 bytes over udp) - > but a dig without '+dnssec' and actually asking for the 'dnskey' records > for a domain - which is over 512 bytes - does a "Truncated, retrying in > TCP Mode" on me - even when asking "localhost".
Thanks for the private replies... All this comes about as I had the expectation that DIG would run in a similar way to any other 'dns lookup' - which it currently doesn't. Neither does it have any form of config file. So adding '+dnssec' obviously adds the '+edns=0' switch. I'm told that in a future software release that '+edns=0' will be default behaviour - that sounds like a reasonable thing to do. -- . . ___. .__ Posix Systems - (South) Africa /| /| / /__ m...@posix.co.za - Mark J Elkins, Cisco CCIE / |/ |ARK \_/ /__ LKINS Tel: +27 12 807 0590 Cell: +27 82 601 0496
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users