Troubleshooting slow DNS lookup
Matus UHLAR - fantomas
uhlar at fantomas.sk
Wed Dec 8 08:09:45 UTC 2010
> > Standards Track.
> > RFC 2671 Extension Mechanisms for DNS (EDNS0)
> > RFC 3226 DNSSEC and IPv6 A6 aware server/resolver message size requirements
>
> Unfortunately RFC is not considered as good enough ... unless if we
> can find an actual proof that can be replicated :(
disable dnssec then. If the RFC above is not good enough, DNSSEC isn't as
well. Maybe you will be able to disable some other standards newer than 10
years (2671 is from August 1999) that will make them change their minds.
> > dig +dnssec dnskey .
On 08.12.10 17:51, Rianto Wahyudi wrote:
> This for some reason .... works without any problem :
Check carefully again, if the answer did not start with:
;; Truncated, retrying in TCP mode.
> ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> +dnssec dnskey .
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64905
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 14
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 512
> ;; QUESTION SECTION:
> ;. IN DNSKEY
[...]
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Due to unexpected conditions Windows 2000 will be released
in first quarter of year 1901
More information about the bind-users
mailing list