Strange BIND 9.4.1-P1 problem
Mark Andrews
Mark_Andrews at isc.org
Wed Aug 15 14:50:11 UTC 2007
> Are we saying that this issue only affects configurations with:
> dnssec-validation yes;
> ...or am I jumping to the wrong conclusion?
>
> Clarification appreciated.
> Thank you.
I'm trying to pin down the cirumstances that trigger this.
To do this I need to know whether "dnssec-validation yes;"
is set in your named.conf or not.
Mark
> Mark Andrews <Mark_Andrews at isc.org> wrote:
>
> > Mark Andrews skrev, on 14-08-2007 02:28:
> >
> > >> [...]
> > >>
> > >>> Upgrade now.
> > >>> When a fix is is available you will need to upgrade again.
> > >>>
> > >>> I do have a question for you.
> > >>> Does this resolver have DNS validation enabled?
> > >> How does a resolver do DNS validation? The MTA (Postfix latest stable)
> > >> on all the sites I administer does DNS validation for each message it
> > >> receives, and if an address isn't valid it gives an smtp 450 - till the
> > >> sending MTA gives up in the end - or adapts. But how does a resolver do
> > >> DNS validation?
> > >
> > > Named has a resolver built into it. It also has a server built into
> > > it. Let me rephrase the question.
> > >
> > > Does named have DNS validation enabled?
> >
> > This is a new one on me. I've looked through the admin doc and grep
> > -i'ed in the doc arm directory and all I can find is DNSsec validation,
> > which I can understand. Nor does Google turn anything up about any DNS
> > validation that I didn't know already.
> >
> > What's meant by "DNS validation" in this context?
>
> dnssec-validation yes;
>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
>
>
>
>
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list