Algorithm 'When to use EDNS0'?
Mark Elkins
mje at posix.co.za
Wed Nov 30 21:39:11 UTC 2011
On Tue, 2011-11-29 at 15:36 +0200, Mark Elkins wrote:
> When does 'EDNS' get brought into the picture?
> A 'dig' with '+dnssec' works just fine (more than 512 bytes over udp) -
> but a dig without '+dnssec' and actually asking for the 'dnskey' records
> for a domain - which is over 512 bytes - does a "Truncated, retrying in
> TCP Mode" on me - even when asking "localhost".
Thanks for the private replies...
All this comes about as I had the expectation that DIG would run in a
similar way to any other 'dns lookup' - which it currently doesn't.
Neither does it have any form of config file. So adding '+dnssec'
obviously adds the '+edns=0' switch. I'm told that in a future software
release that '+edns=0' will be default behaviour - that sounds like a
reasonable thing to do.
--
. . ___. .__ Posix Systems - (South) Africa
/| /| / /__ mje at posix.co.za - Mark J Elkins, Cisco CCIE
/ |/ |ARK \_/ /__ LKINS Tel: +27 12 807 0590 Cell: +27 82 601 0496
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4007 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20111130/2afa86a7/attachment.bin>
More information about the bind-users
mailing list