Our main recursive nameservers are running BIND 9.6.1-P1 and are using DNSSEC validation via dlv.isc.org.
We had a report this morning that names under cern.ch were failing to resolve. I suspect that these were SERVFAILs, although unfortunately the situation had corrected itself by the time I was able to look at it. It is maybe not coincidental that a (perfectly correct) DLV record for ch.dlv.isc.org appeared today. Does 9.6.1-P1 have known problems with insecure->secure transitions of this sort? (I seem to recall similar problems being reported with substantially earlier versions.) -- Chris Thompson Email: c...@cam.ac.uk _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users