Our main recursive nameservers are running BIND 9.6.1-P1 and are using
DNSSEC validation via dlv.isc.org.

We had a report this morning that names under cern.ch were failing to
resolve. I suspect that these were SERVFAILs, although unfortunately
the situation had corrected itself by the time I was able to look at it.

It is maybe not coincidental that a (perfectly correct) DLV record for
ch.dlv.isc.org appeared today. Does 9.6.1-P1 have known problems with
insecure->secure transitions of this sort? (I seem to recall similar
problems being reported with substantially earlier versions.)

--
Chris Thompson
Email: c...@cam.ac.uk
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to