Feature request for dig
Mark K. Pettit
pettit at yahoo-inc.com
Thu Mar 8 02:39:31 UTC 2012
On Mar 7, 2012, at 6:23 PM, Mark Andrews wrote:
> Compile in +sigchase support and give it a root key.
Evan Hunt told us (regarding +sigchase) "in its current state it's terrible and you really shouldn't use it."
I'm not sure who to believe.
> TCP has *never* been optional for DNS. Unfortunately there are lots
> of myths out there and your firewall administrators listened to them.
I didn't ask about TCP. I am very aware of the various firewall holes that need to be open for DNS to work. My firewall administrator is too.
In this case it was inadvertently left out of our firewall, and was quickly fixed once identified.
The issue in this case was that *identifying* it with dig was very difficult.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20120307/903928e1/attachment.html>
More information about the bind-users
mailing list