: michoski micho...@cisco.com
To: Steve Arntzen i...@arntzen.us, bind-users@lists.isc.org
Subject: Re: dnssec question. confused.
On 9/28/11 5:32 AM, Steve Arntzen i...@arntzen.us wrote:
Is your firewall Cisco based?
There is a known default setting in Cisco with respect to
packet size for DNS
-users@lists.isc.org
Subject: dnssec question. confused.
When trying the DNSSEC check command from:
https://www.dns-oarc.net/oarc/services/replysizetest
behind our corporate firewall, I get:
rst.x476.rs.dns-oarc.net.
rst.x485.x476.rs.dns-oarc.net.
rst.x490.x485.x476.rs.dns-oarc.net.
Tested at 2011-09
Is your firewall Cisco based?
There is a known default setting in Cisco with respect to packet size
for DNS. Our network guys run into this anytime they do an upgrade,
etc. and have to go in and update the setting.
Steve.
On Tue, 2011-09-27 at 15:45 -0500, Brad Bendily wrote:
When trying
On 9/28/11 5:32 AM, Steve Arntzen i...@arntzen.us wrote:
Is your firewall Cisco based?
There is a known default setting in Cisco with respect to packet size
for DNS. Our network guys run into this anytime they do an upgrade,
etc. and have to go in and update the setting.
This bit me the
On 9/28/11 5:32 AM, Steve Arntzen i...@arntzen.us wrote:
Is your firewall Cisco based?
Yes. The firewall is Cisco based.
However, the main problem there is, there are several firewalls before
leaving our network and my dept doesn't manage all of them.
There is a known default setting in
When trying the DNSSEC check command from:
https://www.dns-oarc.net/oarc/services/replysizetest
behind our corporate firewall, I get:
rst.x476.rs.dns-oarc.net.
rst.x485.x476.rs.dns-oarc.net.
rst.x490.x485.x476.rs.dns-oarc.net.
Tested at 2011-09-27 20:32:34 UTC
205.172.49.177 sent EDNS buffer
On 09/27/2011 13:45, Brad Bendily wrote:
dig +dnssec eeoc.gov
Try that again with +notcp.
FYI, on a clean network the response I get to that query is 3,918 bytes.
hth,
Doug
--
Nothin' ever doesn't change, but nothin' changes much.
-- OK Go
Breadth
In message 798e3caf2fcc264481d8f75fb3d0bfd91b538...@mailmbx10.mail.la.gov, Br
ad Bendily writes:
When trying the DNSSEC check command from:
https://www.dns-oarc.net/oarc/services/replysizetest
behind our corporate firewall, I get:
rst.x476.rs.dns-oarc.net.
rst.x485.x476.rs.dns-oarc.net.
8 matches
Mail list logo