Re: [Dnsmasq-discuss] dnssec queries with --bogus-priv

[Simon Kelley]

Hi Kevin,


Can you include the context of these lines?


When I query x.y.168.192.in-addr-arpa without --bogus-priv I get
SERVFAIL, because Google public DNS returns an unsigned reply to

dnssec-query[DS] 168.192.in-addr.arpa

but with --bogus-priv I get a local answer which never gets validated,
as I'd expect.


Cheers,

Simon.


On 15/05/18 16:35, Kevin Darbyshire-Bryant wrote:
> Here’s another one of those innocent questions caused by looking at a logfile 
> :-)
> 
> I have ‘—bogus-priv’ set so in theory I’m not going to ask upstream questions 
> about RFC1918 addresses, which I don’t, except I see these….
> 
> dnssec-query[DS] 10.in-addr.arpa to 8.8.8.8
> dnssec-query[DS] 168.192.in-addr.arpa to 8.8.8.8
> 
> You get the idea.
> 
> So, should I?
> 
> 
> Cheers,
> 
> Kevin D-B
> 
> 012C ACB2 28C6 C53E 9775  9123 B3A2 389B 9DE2 334A
> 
> 
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 




signature.asc
Description: OpenPGP digital signature
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] dnssec queries with --bogus-priv

[Kevin Darbyshire-Bryant]

Here’s another one of those innocent questions caused by looking at a logfile 
:-)

I have ‘—bogus-priv’ set so in theory I’m not going to ask upstream questions 
about RFC1918 addresses, which I don’t, except I see these….

dnssec-query[DS] 10.in-addr.arpa to 8.8.8.8
dnssec-query[DS] 168.192.in-addr.arpa to 8.8.8.8

You get the idea.

So, should I?


Cheers,

Kevin D-B

012C ACB2 28C6 C53E 9775  9123 B3A2 389B 9DE2 334A



signature.asc
Description: Message signed with OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss