No Response to DNSSEC Requests

Curt Sampson cjs at cynic.net
Tue Aug 21 16:43:07 UTC 2007


On Mon, 16 Apr 2007, Mark Andrews wrote:

> 	It does respond.  I think you should look at your firewall.
> 	The UDP response will be fragmented (1813 bytes in total).

Well, my firewall, or some router between me and the Internet, is
borked, and simply will not return fragmented UDP responses. Now that
I'm trying to do a key rollover, I'm nailed by this again.

What can I do to fix this? Is there any way to convince my resolving
server to use TCP requests for the DNSSEC domains?

cjs
-- 
Curt Sampson         <cjs at cynic.net>         +81 90 7737 2974
              http://www.starling-software.com
The power of accurate observation is commonly called cynicism
by those who have not got it.    --George Bernard Shaw
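
Added example, not part of the original message: the mechanism behind the 1813-byte reply quoted above, in Python. The EDNS0 buffer size a resolver advertises in its query decides whether an oversized DNSSEC answer comes back as fragmented UDP or is truncated (TC bit set) so that the resolver retries over TCP. The 1500-byte MTU, the function names and the sample query name are assumptions.

```python
import struct

IPV4_HEADER = 20   # bytes, no IP options (assumption)
UDP_HEADER = 8

def build_query(name, qtype=48, bufsize=4096, do=True, qid=0x1234):
    """Build a DNS query carrying an EDNS0 OPT record (RFC 6891).
    qtype 48 is DNSKEY; bufsize is the UDP payload size we advertise."""
    # Header: id, flags (RD set), 1 question, 0 answers, 0 authority, 1 additional
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 1)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    question = qname + struct.pack("!HH", qtype, 1)          # class IN
    # OPT RR: root name, type 41, CLASS = advertised size,
    # TTL = ext-rcode | version | flags (DO is 0x8000), empty RDATA
    ttl = 0x8000 if do else 0
    opt = b"\x00" + struct.pack("!HHIH", 41, bufsize, ttl, 0)
    return header + question + opt

def delivery(response_len, bufsize, mtu=1500):
    """How a DNS response of response_len bytes reaches the resolver,
    assuming the server will send up to the advertised bufsize."""
    if response_len > bufsize:
        return "truncated-retry-tcp"      # server sets TC, resolver retries over TCP
    if response_len + UDP_HEADER + IPV4_HEADER > mtu:
        return "fragmented-udp"           # lost if a device on the path drops fragments
    return "single-udp"

def fragments(response_len, mtu=1500):
    """Number of IPv4 fragments needed for a UDP response of this size."""
    per_fragment = (mtu - IPV4_HEADER) // 8 * 8   # fragment payloads are 8-byte aligned
    total = response_len + UDP_HEADER
    return -(-total // per_fragment)              # ceiling division

if __name__ == "__main__":
    query = build_query("example.com")            # constructed sample name
    print(len(query), "byte query, OPT record:", query[-11:].hex())
    for size in (4096, 1232, 512):
        print("advertised", size, "->", delivery(1813, size))
    print("fragments for 1813 bytes:", fragments(1813))
```

In BIND the advertised size is set with the `edns-udp-size` option in named.conf.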


