fixed...
---
David Hofstee
-Oorspronkelijk bericht-
Van: Yunhong Gu [mailto:g...@google.com]
Verzonden: donderdag 15 november 2012 18:29
Aan: Jay Ford
CC: MailPlus| David Hofstee; nanog@nanog.org
Onderwerp: Re: Dns sometimes fails using Google DNS / automatic dnssec
Hi,
We've been seeing automatic RRSIG records on Google DNS lately, the 8.8.8.8 en
8.8.4.4. They are not always provided. They cause problems for some of our
customers in a weird way I cannot explain. For them these records do not
resolve but I cannot reproduce it.
So when I run dig command
Hi, David
I work at Google Public DNS and will take a look at this issue. No
RRSIG should be returned unless the client set the DO bit to ask for
it.
Thanks
Yunhong
On Thu, Nov 15, 2012 at 9:12 AM, MailPlus| David Hofstee
da...@mailplus.nl wrote:
Hi,
We've been seeing automatic RRSIG records
-
Van: Yunhong Gu [mailto:g...@google.com]
Verzonden: donderdag 15 november 2012 15:47
Aan: MailPlus| David Hofstee
CC: nanog@nanog.org
Onderwerp: Re: Dns sometimes fails using Google DNS / automatic dnssec
Hi, David
I work at Google Public DNS and will take a look at this issue. No
RRSIG should
It looks like if the server has the RRSIG RR, it returns it. For example, a
query with +dnssec will cause it to cache the RRSIG, after which it returns
it even if +dnssec not specified.
Jay Ford, Network Engineering Group,
Hi, we have found the bug that caused this problem. It was introduced
in a very recent release. The fix is on its way.
Thanks very much for the report,
Yunhong
On Thu, Nov 15, 2012 at 12:26 PM, Jay Ford jay-f...@uiowa.edu wrote:
It looks like if the server has the RRSIG RR, it returns it. For
Jay Ford jay-f...@uiowa.edu wrote:
It looks like if the server has the RRSIG RR, it returns it. For example, a
query with +dnssec will cause it to cache the RRSIG, after which it returns
it even if +dnssec not specified.
It's weird. If you repeatedly query 8.8.4.4 without the DO bit, you get
7 matches
Mail list logo