Re: how can i recognize dnssec servers

2012-04-25 Thread Paul Wouters
On Wed, 25 Apr 2012, William SAMEN wrote: Hi, all Bind'ers i'm just trying to write a bash script which allow me to collect a list of zones which are signed with dnssec by giving a file of request in argument. So my problem is that i created my personnal DNS with 3 signed zones when i'm testi

how can i recognize dnssec servers

2012-04-25 Thread William SAMEN
Hi, all Bind'ers i'm just trying to write a bash script which allow me to collect a list of zones which are signed with dnssec by giving a file of request in argument. So my problem is that i created my personnal DNS with 3 signed zones when i'm testing all is good but when i made a dig +dnssec

Re: Don't understand why I get a FORMERR (quad-A - ipv6 related)

2012-04-25 Thread Alan Clegg
On 4/25/2012 10:28 AM, Matus UHLAR - fantomas wrote: >> In message >> >> , Nicolas Michel writes: >>> I only get no answer but a return code of NOERROR. > On 25.04.12 23:53, Mark Andrews wrote: >> The root cause is that the name servers for www.ryanair.com are >> misconfigured. They are returni

Re: Don't understand why I get a FORMERR (quad-A - ipv6 related)

2012-04-25 Thread Matus UHLAR - fantomas
In message , Nicolas Michel writes: I have BIND 9.6-ESV-R5-P1 on SLES 11 SP1 installed and it is working fine. I only have a situation where I don't understand what's happening and why : I try to do a quad-A query to www.ryanair.com (which is doesn't exists, only single A). When trying this wit

Re: Don't understand why I get a FORMERR (quad-A - ipv6 related)

2012-04-25 Thread Nicolas Michel
Thank you for your answers guys! It's much more clear now ;) But the google DNS (8.8.8.8) still return NOERROR for the same query and the same situation. So I wonder what is the "right" behavior (documented in RFC? or maybe that situation is not documented so it is right to the software dev to deci

Re: Don't understand why I get a FORMERR (quad-A - ipv6 related)

2012-04-25 Thread Mark Andrews
The root cause is that the name servers for www.ryanair.com are misconfigured. They are returning answers as if they are configured for ryanair.com (see the SOA record) instead of www.ryanair.com as can be seen below. ; <<>> DiG 9.9.0rc2 <<>> www.ryanair.com @fr27dns.ryanair.com +noedns ;;

RE: SERVFAIL with ocsp.entrust.net.

2012-04-25 Thread Bischof, Ralph F. (MSFC-IS40)[NICS]
Thanks for the help everyone. The query is now coming back with a NOERROR response. Of note, any other query besides A or is still showing SERVFAIL. Thank you, Ralph F. Bischof, Jr. NASA Agency IPAM/DNS/DHCP SAIC/NICS 256-544-3982 > -Original Message- > From: bind-users-bo

Don't understand why I get a FORMERR (quad-A - ipv6 related)

2012-04-25 Thread Nicolas Michel
Hello guys, I have BIND 9.6-ESV-R5-P1 on SLES 11 SP1 installed and it is working fine. I only have a situation where I don't understand what's happening and why : I try to do a quad-A query to www.ryanair.com (which is doesn't exists, only single A). When trying this with "dig" on my BIND server,