DNS64 doesn't work like that.
If you are having problems connecting over IPv6 contact your service
provider. Facebook treats IPv6 as a production service and will
deal with connectivity issues.
If you want to force browsers to use IPv4 then send back RST to the
connection attempts to reach the
Hello, All.
Many clients queries to IPv6(IN/) domain.
But IPv6 network is so far, then slow then IPv4 network.
I want to forced dns64 for special domain.
Example, 'm.facebook.com' IN/ address is
'2a03:2880:f115:83:face:b00c:0:25de'.
But I don't want to use IPv6 address. So I want to use
On Mon, Oct 10, 2016 at 7:51 AM, Sebastian Wiesinger
wrote:
>
> http://dnsviz.net/d/blau.beer/V_tTtQ/dnssec/
>
> After the DS TTL expired I removed the old DS, so the zone now looks
> like this:
>
> http://dnsviz.net/d/blau.beer/V_t2Hg/dnssec/
>
TBH, the prior one looks cooler than the later.
-J
* Tony Finch [2016-10-10 12:36]:
> I thought the algorithm rollover process is required to be: introduce new
> ZSK and KSK and sign the zone; wait for old records to expire; flip the DS
> from old to new; wait for old DS to expire; delete old ZSK and KSK and
> RRSIGs. A double-DS algorithm rollove
Mark Andrews wrote:
> Sebastian Wiesinger wrote:
> >
> > Thank you for explaining this for me. I was reading RFC6781, which I
> > now realize is probably outdated in this regard so I was a bit
> > confused.
RFC 7583 (DNSSEC Key Rollover Timing) is also worth reading.
> > > Once named has comple
5 matches
Mail list logo