DLV dnssec setup
Mark Andrews
marka at isc.org
Thu Jul 10 23:32:51 UTC 2014
In message <CALm7FAcLUvwF5Jq1JCXxqw6LpzzqT4MTb-BHXu0syNjHGcxMEw at mail.gmail.com>
, Wolfgang Rosenauer writes:
> ok, sorry for the confusion but I think what's more relevant is that
>
> s15418965:~ # dig @127.0.0.1 +short rs.dns-oarc.net txt
> rst.x3827.rs.dns-oarc.net.
> rst.x3837.x3827.rs.dns-oarc.net.
> rst.x3843.x3837.x3827.rs.dns-oarc.net.
> "87.106.30.170 DNS reply size limit is at least 3843 bytes"
> "87.106.30.170 sent EDNS buffer size 4096"
>
> This is what I get when I turn off DNSSEC and ask the server I'm
> trying to set up.
> When I enable DNSSEC again there is no response at all. So please tell
> me if that still is is a problem.
>
>
> Thanks,
> Wolfgang
Then all of the following should succeed. Please let the
list know how you go.
dig soa . @198.41.0.4 +norec
dig soa . @198.41.0.4 +dnssec +norec
dig dnskey . @198.41.0.4 +dnssec +norec
dig ds com @198.41.0.4 +dnssec +norec
dig com @198.41.0.4 +dnssec +norec
dig soa . @198.41.0.4 +tcp +norec
dig soa . @198.41.0.4 +dnssec +tcp +norec
dig dnskey . @198.41.0.4 +dnssec +tcp +norec
dig ds com @198.41.0.4 +dnssec +tcp +norec
dig com @198.41.0.4 +dnssec +tcp +norec
dig dnskey org +dnssec @199.19.56.1 +ignore +norec
dig dnskey org +dnssec @199.19.56.1 +tcp +norec
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list