In message <523080dd.6010...@restena.lu>, Gilles Massen writes:
> Hi,
>
> Do you know if Bind with auto-dnssec maintain + inline-signing is
> supposed to work with a single key (i.e. not a KSK + ZSK)?
>
> I'm seeing weird things (multiple RRSIGs when enabling NSEC3) so I'd
> like to know if thes
In article ,
Brian Cuttler wrote:
> Cross posting to both Amanda users and bind users lists.
>
> We have remapped some of our DNS clients to point to another
> DNS resolver, one that we do not control, but that has "forwarder"
> records in place to point our domain's address resolution requests
On Wed, Sep 11, 2013 at 12:24 PM, Maria Iano wrote:
>
> What does it mean when the edns0 response to a dig says the overall packet
> size will be one value but the message size reported is different. For
> example in this reponse the OPT PSEUDOSECTION says udp: 4096 but at the end
> it says MSG
On 11 Sep 2013, at 17:24, Maria Iano wrote:
> What does it mean when the edns0 response to a dig says the overall packet
> size will be one value
Not "will be one value" but "can be no more than that value".
> but the message size reported is different.
That's the actual size
On Wed, Sep 11, 2013 at 04:40:29PM +0200, Gilles Massen wrote:
> Do you know if Bind with auto-dnssec maintain + inline-signing is
> supposed to work with a single key (i.e. not a KSK + ZSK)?
Yes, it's supposed to work, but I don't think we've tested it
much. If you find problems, please report to
What does it mean when the edns0 response to a dig says the overall packet size
will be one value but the message size reported is different. For example in
this reponse the OPT PSEUDOSECTION says udp: 4096 but at the end it says MSG
SIZE rcvd: 275.
$ dig www.google.com
; <<>> DiG 9.9.3-P2-gc
Cross posting to both Amanda users and bind users lists.
We have remapped some of our DNS clients to point to another
DNS resolver, one that we do not control, but that has "forwarder"
records in place to point our domain's address resolution requests
back to an authoritative server in our domain
Hi,
Do you know if Bind with auto-dnssec maintain + inline-signing is
supposed to work with a single key (i.e. not a KSK + ZSK)?
I'm seeing weird things (multiple RRSIGs when enabling NSEC3) so I'd
like to know if these are likely to be bugs or if I'm in unchartered
territory...
Gilles
--
Fond
8 matches
Mail list logo
