That's what makes this whole discussion so much fun. There don't seem
to be any yes/no answers.
Based on my reading yesterday and consistent with our findings here it
seems the most likely issue is somewhere in the network path rather than
the name server itself. You should check your internal
r
The point in my "anecdote" and the quote from the test was to say that
you do NOT need to set the value if you're getting something within 300
bytes of the advertised value. You are as I was so do not need to set
it.
It may be the person that suggested setting it was under the
misapprehension th
the only working solution for me was to configure inside ns.cr.test.com
a slave zone
for domain test.com. I wanted to avoid this but it is the only working
solution
thanks
Barry Margolin wrote:
In article ,
Gregory Hicks wrote:
Date: Mon, 03 May 2010 17:37:46 +0200
From: fddi
To: Bin
2010/5/4 Mark Andrews :
>
> In message ,
> Je
> ff Pang writes:
>>
>> Does this mean our ISP's filrewall block EDNS query/response?
>
Thanks Mark.
Firstly I was very afraid DNSSEC deployment for root DNS will affect
our DNS application (we are a mobile email provider in China), but now
it seems
In message , Li
nux Addict writes:
>
> Hello Binders! I run bind 9.5.0-P2, but I cant seem to get more than
> 512bytes. Any ideas? I read the Admin Guide which says default edns udp
> size is 4096bytes. Should I change the edns udp size on
> named.conf explicitly?
No. You should fix whatever
On Tue, May 04, 2010 at 10:27:25AM -0400,
Linux Addict wrote
a message of 89 lines which said:
> lacks EDNS, defaults to 512"
> DNS reply size limit is at least 490"
> "Tested at 2010-05-04 14:21:02 UTC"
You edited the responses (which includes an IP address). Is it the IP
address of your res
On Tue, May 4, 2010 at 10:43 AM, Stephane Bortzmeyer wrote:
> On Tue, May 04, 2010 at 10:27:25AM -0400,
> Linux Addict wrote
> a message of 89 lines which said:
>
> > lacks EDNS, defaults to 512"
> > DNS reply size limit is at least 490"
> > "Tested at 2010-05-04 14:21:02 UTC"
>
> You edited th
Has anybody else seen this before?
I operate a large distributed farm of DNS caching resolvers
for my customers, with many public addresses and behind SLB.
Recently I began seeing a large number of malformed queries
coming from a handful of machines in Europe, targeting
one particular public res
On Tue, May 04, 2010 at 11:01:24AM -0400,
Linux Addict wrote
a message of 94 lines which said:
> One information I neglected to mention is bind forwards to a tinydns
> appliance
>
> So what are my options now?
1) Drop this piece of crap
2) Do nothing
> Will the internet work for me tomorr
> It may be the person that suggested setting it was under the
> misapprehension that the two values would be the same but the quote from
> the Java testing tool made it clear that is NOT the case.
I think this is it exactly. But someone in the thread seemed pretty certain
that we needed to set
Hi,
could you please explain me, how to create DS and DLV records into my zone.
Thanks & Regards,
Ramesh
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
In message , ram
s writes:
>
> Hi,
> could you please explain me, how to create DS and DLV records into my zone.
>
> Thanks & Regards,
> Ramesh
Firstly DS and DLV records go into the parent and dlv zones respectively.
dnssec-signzone will produce them when you sign your zone.
dnssec-dsfromkey w
> dnssec-signzone will produce them when you sign your zone.
Note, by default it only creates the DS records. To make the DLV records
you have to add a -l argument, such as "-l dlv.isc.org." The records get
parked in a file called either dsset- or dlvset-.
> dnssec-dsfromkey will produce produc
13 matches
Mail list logo
