On 8/18/20 5:55 PM, Mark Andrews wrote:
> If you are getting RST responses check your firewall settings. RST is often
> forged
> when TCP is blocked. The root servers normally accept TCP connections.
>
> % dig +tcp gmail.com @a.root-servers.net +dnssec
Bingo. This query failed before adding a
Named will try TCP when the server returns TC=1 (TrunCated) in the UDP response.
If you are getting RST responses check your firewall settings. RST is often
forged
when TCP is blocked. The root servers normally accept TCP connections.
% dig +tcp gmail.com @a.root-servers.net +dnssec
; <<>> Di
bind 9.11.5.P4 on Debian 10
Greetings. I recently had to migrate a nameserver from FreeBSD to
Debian. It works fine most of the time but I've noticed a few
intermittent resolution failures.
After "gmail.com" failed to resolve I took a packet capture using
tcpdump to listen to the result of the co
3 matches
Mail list logo