[dns-operations] Maximum TTL limits on public resolvers
Hi all, While doing some checks on records in my zones I noticed that two public resolvers limit maximum TTL values. Google Public DNS limits to six hours and Quad9 limits to twelve hours. I tested this with a freshly created A record to forgo the possibility of caching. The actual TTL of the record at the authoritative servers is twenty four hours. What is the technical or other reason(s) for such TTL limiting? -- Sadiq Saif https://sadiqsaif.com ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
Re: [dns-operations] [meta] some emails on this list being sent out as EML attachments
On Thu, 2 Apr 2020, at 18:40, Grant Taylor via dns-operations wrote: > It's how the dns-operations mailing list is configured to deal with >DMARC protected domains. > >Rather than alter the message as it passes through the mailing list, the >dns-operations list operators have chosen to have Mailman attach the >original message as an RFC standard eml message. > >I expect that my reply will behave this way. Ah, I see, thank you for the explanation! -- Sadiq Saif https://sadiqsaif.com/ ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
[dns-operations] [meta] some emails on this list being sent out as EML attachments
Hi all, Some messages to this list are sent out as EML attachments instead of the text being in the body of the email. It appears to be messages that have the sender name with "via dns-operations" suffixed. Can someone tell me what causes this? I've been on Mailman based mailing lists for a while and I've not seen this particular behaviour in so far as I can recall. -- Sadiq Saif https://sadiqsaif.com/ ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
[dns-operations] Fwd: [nznog] DNSSEC validation at Spark NZ
Forwarded Message Subject: [nznog] DNSSEC validation at Spark NZ Date: Tue, 10 Mar 2015 11:45:27 +1300 From: Sebastian Castro sebast...@nzrs.net.nz Organization: .nz Registry Services To: nz...@list.waikato.ac.nz nz...@list.waikato.ac.nz Hi: We'd like to share a short technical blog post from NZRS about Spark NZ enabling DNSSEC validation for part of their customers. In brief, DNSSEC related traffic coming from Spark NZ resolvers suffered a massive increase back on Dec 16th, Spark NZ also added new DNS backends for their service, and they are using load balancing to share the load. The article https://nzrs.net.nz/content/dnssec-validation-spark-nz Feedback and questions are welcomed! Cheers, -- Sebastian Castro Technical Research Manager NZRS Ltd. desk: +64 4 495 2337 mobile: +64 21 400535 ___ NZNOG mailing list nz...@list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
[dns-operations] Fwd: BIND DNSSEC Guide
FYI. Forwarded Message Subject: BIND DNSSEC Guide Date: Wed, 4 Mar 2015 07:04:04 -0600 (CST) From: Jeremy C. Reed jr...@isc.org To: bind-annou...@lists.isc.org ISC has new documentation introducing DNSSEC, configuring BIND for common DNSSEC features, and basic DNSSEC troubleshooting. ISC's BIND DNSSEC Guide, co-written with DeepDive Networking, covers DNSSEC requirements, setting up a validating resolver, maintaining signed authoritative zones, and analyzing DNSSEC-related problems (including using ISC's delv tool). It provides several step-by-step examples of DNSSEC solutions and answers frequently asked questions about DNSSEC. The BIND DNSSEC Guide is freely available in HTML and PDF formats: http://users.isc.org/~jreed/dnssec-guide/dnssec-guide.html http://users.isc.org/~jreed/dnssec-guide/dnssec-guide.pdf We would appreciate your feedback for this open source documentation. The docbook source for the guide is at GitHub and you may use GitHub to submit feedback or improvements: https://github.com/isc-projects/isc-dnssec-guide/ Or you may email our bind9-bugs@ ISC ticket tracker with your suggestions. ___ bind-announce mailing list bind-annou...@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-announce ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Mozilla Firefox and ANY queries
On 3/2/2015 07:11, KLaM Postmaster wrote: Did I miss something? But nobody is asking the fundamental question, why do they need this info in the first place? Here’s some background: The goal was to get accurate TTLs for DNS records to improve accuracy for hostname-to-IP resolution. This was added in Bug 820391, and enabled in Bug 1084645. It is only enabled for Windows currently. -- Sadiq Saif https://staticsafe.ca ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Mozilla Firefox and ANY queries
On 2/27/2015 00:02, Sadiq Saif wrote: Hi all, For those not following the bug report: https://bugzilla.mozilla.org/show_bug.cgi?id=1093983#c14 The comment explains everything about why it is implemented that way. -- Sadiq Saif https://staticsafe.ca ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
[dns-operations] Mozilla Firefox and ANY queries
Hi all, Checking local resolver logs and am seeing a large amount of ANY queries originating from Firefox, is anybody else seeing such behavior? Firefox version 36.0 on Windows 8.1 Local resolver is Unbound 1.4.22. Feb 27 04:57:54 unbound[1405:1] info: 10.0.0.100 googlemail.l.google.com. ANY IN Feb 27 04:57:54 unbound[1405:2] info: 10.0.0.100 googlemail.l.google.com. ANY IN Feb 27 04:58:05 unbound[1405:0] info: 10.0.0.100 clients.l.google.com. ANY IN Feb 27 04:58:05 unbound[1405:2] info: 10.0.0.100 googlemail.l.google.com. ANY IN Feb 27 04:58:15 unbound[1405:1] info: 10.0.0.100 googlemail.l.google.com. ANY IN Amongst others. -- Sadiq Saif https://staticsafe.ca ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs