On 9/19/17 8:15 AM, [email protected] wrote: > My original question was does my > modem have such a cache. Now is seems your answer is No, it does not. Do I > understand you correctly? > > Harpreet 12:11 PM yes, you are Because I obsess about stuff like facts and truth.
First, did you talk to an "XFINITY Domain Name System expert." at https://dns.xfinity.com/ ?!?!?! (All sarcasm & snarkiness fully intended) Second, it appears both Comcast & Google do DNNSEC validation. Third, this seems to be a pretty good too that I found on that xfinity dns web page. "DNSViz is a tool for visualizing the status of a DNS zone. It was designed as a resource for understanding and troubleshooting deployment of the DNS Security Extensions (DNSSEC). It provides a visual analysis of the DNSSEC authentication chain for a domain name and its resolution path in the DNS namespace, and it lists configuration errors detected by the tool." http://dnsviz.net/ It's non-SSL, so if you're having problems with browsing to SSL based web sites again, try to go here and plug in the domain you're having problems with. You may not understand the DNSKEY errors, as neither do I, but if you see things in highlighted in red, and red triangles w. exclamation points, e.g. http://dnsviz.net/d/quacktopia.com/WVmoCg/dnssec/ , you have a useful data point that a particular domain zone file has an error and/or be compromised. _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
