On Tue, 2011-11-29 at 15:36 +0200, Mark Elkins wrote:
> When does 'EDNS' get brought into the picture?
> A 'dig' with '+dnssec' works just fine (more than 512 bytes over udp) -
> but a dig without '+dnssec' and actually asking for the 'dnskey' records
> for a domain - which is over 512 bytes - does a "Truncated, retrying in
> TCP Mode" on me - even when asking "localhost".

Thanks for the private replies...

All this comes about as I had the expectation that DIG would run in a
similar way to any other 'dns lookup' - which it currently doesn't.
Neither does it have any form of config file. So adding '+dnssec'
obviously adds the '+edns=0' switch. I'm told that in a future software
release that '+edns=0' will be default behaviour - that sounds like a
reasonable thing to do.
-- 
  .  .     ___. .__      Posix Systems - (South) Africa
 /| /|       / /__       m...@posix.co.za  -  Mark J Elkins, Cisco CCIE
/ |/ |ARK \_/ /__ LKINS  Tel: +27 12 807 0590  Cell: +27 82 601 0496

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to