Because it isn't all about udp size. Sending a OPT signals that the client
supports EDNS. Also if you want DNSSEC you send the do with EDNS.
--
Mark Andrews
> On 17 Sep 2017, at 16:10, Harshith Mulky wrote:
>
> Am 15.09.2017 um 09:37 schrieb Harshith Mulky:
> > Hello Experts,
> >
> > I had
Am 15.09.2017 um 09:37 schrieb Harshith Mulky:
> Hello Experts,
>
> I had a query on advertising the payload size on client in DNS Responses
> over UDP/TCP
>
>
> This is as much I have understood from RFC 6891, that a
> requester(client) can address his capabilities to restrict the UDP
> Payload si
Maybe he has no say in what ISP is used, and they have draconian policies...
On Sat, 16 Sep 2017 19:48:51 +0200
Matus UHLAR - fantomas wrote:
> . . .
> >Note:1.2.3.4 is not what they really return . I've changed it for
> >privacy .
>
> why? it's your ISP, there's no need to hide IP they send t
On 14/09/2017 16:55, Tony Finch wrote:
> Mark Elkins wrote:
>
>> With BIND version 9.12 coming out - I'm wondering if I've missed any
>> announcements on some form of Automatic (DNS)Key Management?
>> Something that will create and retire keys according to some sort of policy.
> See dnssec-keymg
On 16.09.17 07:01, Omid Kosari via bind-users wrote:
2nd scenario is mine . Upstream manipulated everything on 53 tcp/udp . Even
if i query a non-existent dns-server it returns result ;)
Note:1.2.3.4 is not what they really return . I've changed it for privacy .
why? it's your ISP, there's n
On Sat, Sep 16, 2017 at 10:50:14AM +, Alberto Colosi wrote:
> even on hotel . why not to use a BIND on unix or window
> on ur box u r using ?
>
> it is so easy
Ugh, this is a mailing list, please use real words and not TXT
messaging / chat abbreviations. Thank you.
No, it is not ea
On Sat, Sep 16, 2017 at 03:18:57AM -0700,
Omid Kosari via bind-users wrote:
> This is my first post to this mailing list .
And it's a classic example of "XY question": "I want to do X, and I
think Y will do it, so I ask how to do Y, although people more
familiar with the subject matter think
On 16-09-2017 16.01, Omid Kosari via bind-users wrote:
> 2nd scenario is mine . Upstream manipulated everything on 53 tcp/udp . Even
> if i query a non-existent dns-server it returns result ;)
>
> C:\WINDOWS\system32>nslookup newsroom.fb.com 8.8.8.254
> Server: UnKnown
> Address: 8.8.8.254
>
>
2nd scenario is mine . Upstream manipulated everything on 53 tcp/udp . Even
if i query a non-existent dns-server it returns result ;)
C:\WINDOWS\system32>nslookup newsroom.fb.com 8.8.8.254
Server: UnKnown
Address: 8.8.8.254
Non-authoritative answer:
Name:newsroom.fb.com
Addresses: 1.2.3.4
Am 16.09.2017 um 15:12 schrieb Sten Carlsen:
On 16-09-2017 14.56, Matus UHLAR - fantomas wrote:
On 16.09.17 04:19, Omid Kosari via bind-users wrote:
Actually my situation is a bit strange . But as explanation i can say
that
our upstream provider do dns manipulation on normal ports 53 tcp/ud
On 16-09-2017 14.56, Matus UHLAR - fantomas wrote:
> On 16.09.17 04:19, Omid Kosari via bind-users wrote:
>> Actually my situation is a bit strange . But as explanation i can say
>> that
>> our upstream provider do dns manipulation on normal ports 53 tcp/udp
>> (please
>> don't ask why). We may n
On 16.09.17 04:19, Omid Kosari via bind-users wrote:
Actually my situation is a bit strange . But as explanation i can say that
our upstream provider do dns manipulation on normal ports 53 tcp/udp (please
don't ask why). We may not use vpn or tunnels . The only way is using
alternate ports as for
Am 16.09.2017 um 14:26 schrieb Alberto Colosi:
your answer to "Actually my situation is a bit strange . But as
explanation i can say that our upstream provider do dns manipulation on
normal ports 53 tcp/udp" coming with "port 53 is only open directed to
forwarders" and "I think u should read
>your answer to "Actually my situation is a bit strange . But as
>explanation i can say that our upstream provider do dns manipulation on
>normal ports 53 tcp/udp" coming with "port 53 is only open directed to
>forwarders" and "I think u should read how DNS works, TLD and so on
>simply drop forwar
Am 16.09.2017 um 13:30 schrieb Alberto Colosi:
I read so well your answer and wasn't an answer to you
in all case , who said I can't use port 53 if blocked ?
😲 are many ways without a VPN that usually is a paid
service or a company service for who have it.
In
I asked a technical question . Please answer technically if you know the
answer . Else your answer just take others time .
Thanks inn advance
--
Sent from: http://bind-users-forum.2342410.n4.nabble.com/
___
Please visit https://lists.isc.org/mailman/
port 53 is only open directed to forwarders
as I read , you think to use different forwarders so , port 53 should be open
to all IP , right ?
I think u should read how DNS works, TLD and so on
simply drop forwarders only use TLD
From: bind-us
I read so well your answer and wasn't an answer to you
in all case ,who said I can't use port 53 if blocked ? 😲
are many ways without a VPN that usually is a paid service or a company
service for who have it.
In all case even VPN even 443 is open, can be dropped
Am 16.09.2017 um 13:19 schrieb Omid Kosari via bind-users:
Wow . I love active community .
Actually my situation is a bit strange . But as explanation i can say that
our upstream provider do dns manipulation on normal ports 53 tcp/udp (please
don't ask why). We may not use vpn or tunnels . The
Wow . I love active community .
Actually my situation is a bit strange . But as explanation i can say that
our upstream provider do dns manipulation on normal ports 53 tcp/udp (please
don't ask why). We may not use vpn or tunnels . The only way is using
alternate ports as forwarders.
But i can no
Am 16.09.2017 um 12:50 schrieb Alberto Colosi:
even on hotel . why not to use a BIND on unix or window on ur
box u r using ?
did you read what i repsoned and too and did you try to understand my
answer?
a default bind with recursion won't work when it can't connect to the
world in
even on hotel . why not to use a BIND on unix or window on ur box u r
using ?
it is so easy
From: bind-users on behalf of Reindl Harald
Sent: Saturday, September 16, 2017 12:46 PM
To: bind-users@lists.isc.org
Subject: Re: Different forwarder for cer
is really normal ! I have seen even with DNS from VODAFONE or COLT-TELECOM ,
ALBACOM / BT.COM and so on. I used more but all here have some that give some
trouble. Telecom Italia / TIM so to say are good.
not all are good or fast updating (not depending on TTL)
At work as ITC Engineer I have
Am 16.09.2017 um 12:32 schrieb Matus UHLAR - fantomas:
1. who runs DNS servers on port 443?
likely people which where bitten by hotel access points where 53 is
catched to a internal nameserver and outgoing only 80/443 are possible,
the same reason many people have a VPN server on 443
_
On 16.09.17 03:18, Omid Kosari via bind-users wrote:
I have a caching bind dns server with forwarders like this .
forwarders {
8.8.8.8;
8.8.4.4;
};
why do you use forwarders? You rarely need that - not when you have acess to
the nameservers on internet.
BIND can do very well without
Hello,
This is my first post to this mailing list .
I have a caching bind dns server with forwarders like this .
forwarders {
8.8.8.8;
8.8.4.4;
};
I want to use another forwarders if the response of the query is for example
1.2.3.4
I've found that rpz-ip is what i want but i was
26 matches
Mail list logo
