problem with ixfr
Carl Byington
carl at five-ten-sg.com
Sun Jun 4 16:37:19 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, 02 Jun 2006 23:23:50 -0400, Kevin Darcy wrote:
> It should look somewhat similar. The only potential difference that comes
> to mind immediately is the use/non-use of EDNS0 and/or the EDNS0 buffer
> size that is negotiated between the master and slave. Potentially that
> might result in a different packet size, one that might be more likely to
> be dropped/truncated/corrupted by intermediary firewalls, routers or
> other
> network devices. You could try turning off EDNS0 completely in respective
> "server" statements, to see if that has any effect on the behavior.
The firewall near ns.five-ten-sg.com does not report blocking anything
from ns1, and the same for the firewall near ns1.
I added:
server 205.147.60.192 { edns no; };
server 205.147.40.34 { edns no; };
in the view containing these zones, and 'rndc reconfig' to make that take
effect. ns1 still does AXFR only. Next time I update these, I will run
tcpdump on both sides.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFEgwwvL6j7milTFsERAse4AJ4tQGsQuJJl/sNzgSzp3r0u4p3aTgCePFC6
um5Qh6U7mm14N7b6SfP2ihM=
=XLE+
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list