On Fri, May 07, 2010 at 09:02:13AM +0100, Matthew Seaman wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 06/05/2010 21:40:02, Jonathan Chen wrote: > > > I've got a small DNS server on my home network, and ever since May 6, > > 2010 (co-incidentally DNSSEC root sign day), lookups on freebsd.org have > > started failing. eg: > > Uh, the DURZ was installed on j.root; the last one of the root servers > to get it. Besides, .org was DNSSEC signed way back in June 2009. That > is not causing your problem here. >
Hmm, I ran across an DNSSEC article in The Register, which lead me to: http://labs.ripe.net/content/testing-your-resolver-dns-reply-size-issues Working thru' it, I tweaked my named.conf's edns-udp-size option and it started working again. So it looks like it was related to the final set of root servers being enabled. Cheers. -- Jonathan Chen <j...@chen.org.nz> ---------------------------------------------------------------------- When all else fails, RTFM _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"