Hello,
I've looked at the messages with Wireshark and found the DNS portions are
byte-identical (other than transaction id). Everything else looks similar
other than source IP. Not sure where to go from here.
Thanks,
Aaron
On Mon, Jul 11, 2016 at 3:43 PM Albert ARIBAUD
wrote:
> Hi again Aaron
On 11-7-2016 23:08, Simon Kelley wrote:
I just tried all those domains using 2.76 and 8.8.8.8 upstream and all
behaved correctly. 194.109.9.99 won't talk to me, so I can't try that.
The upstream is clearly answering the direct question OK, but the
stalling of some of the DNSSEC queries needed to
Hi again Aaron,
Le Mon, 11 Jul 2016 21:53:21 +
Aaron Germuth a écrit:
> Hey Albert,
>
> Thanks for the reply and sorry about that. The dig command used is
>
> dig @100.108.108.176 b.local.example.com A.
>
> 100.108.108.176 is the IP of my dns server. This dns server has an
> entry in /etc
Hey Albert,
Thanks for the reply and sorry about that. The dig command used is
dig @100.108.108.176 b.local.example.com A.
100.108.108.176 is the IP of my dns server. This dns server has an entry in
/etc/hosts mapping
b.local.example.com -> 1.2.3.50.
My domain 'example.com' has a RR:
local.exam
Hi Aaron,
Le Mon, 11 Jul 2016 20:20:56 +
Aaron Germuth a écrit:
> Hey guys,
>
> I'm trying to run my own dnsmasq instance on a computer. I want it to
> be authoritative for my domain (local.example.com). However I am
> getting different results for the same query from different computers.
>
On 10/07/16 09:21, Marcel Mutter wrote:
> I have enabled a few weeks ago DNSSEC and all seems to be working.
> Yesterday I wanted to visit Mozilla.org and nothing happened. I see in
> that the request is being sent to the upstream nameserver however
> nothing is displayed by dnsmasq as response, I
Hey guys,
I'm trying to run my own dnsmasq instance on a computer. I want it to be
authoritative for my domain (local.example.com). However I am getting
different results for the same query from different computers.
dig @100.108.108.176 b.local.example.com. A
When I run this from the dns server
Ah yes, I see the problem. Patch applied. Sorry it took so long :-(
Cheers,
Simon.
On 11/07/16 08:54, Kevin Darbyshire-Bryant wrote:
>
>
> Hi Simon,
>
> Please could you consider the attached patch. It solves a problem that
> using dnssec-timestamp also effectively enabled dnssec-no-timeche
Great stuff. Thanks chasing this. Patch applied.
Cheers,
Simon.
On 11/07/16 13:17, Ivan Kokshaysky wrote:
> Hi Simon,
>
> as expected, the second patch works well for us. Please apply.
>
> Ivan.
>
> diff --git a/src/netlink.c b/src/netlink.c
> index 049247b..8cd51af 100644
> --- a/src/netl
Hi Simon,
as expected, the second patch works well for us. Please apply.
Ivan.
diff --git a/src/netlink.c b/src/netlink.c
index 049247b..8cd51af 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -188,11 +188,17 @@ int iface_enumerate(int family, void *parm, int
(*callback)())
}
Hi Simon,
Please could you consider the attached patch. It solves a problem that
using dnssec-timestamp also effectively enabled dnssec-no-timecheck.
The result of which is that an unfortunately timed SIGHUP could
accidentally enable dnssec timestamp checking. In combination with
dnssec-check
11 matches
Mail list logo