Hi!
As far as see PDNS as slave has a poor logic when there are multiple
masters:
On incoming NOTIFY it queues the zone for refresh. The SOA query uses a
random master to get the master's serial. On timeout it does not try
another master.
If the SOA query was successful and the serial is increas
Hi Leen,
On Fri, 20 May 2016 10:08:51 +0200
l...@consolejunkie.net wrote:
> I've been wondering about this, I haven't tried the new recursor yet.
> So to make it more clear:
> If you enable DNSSEC-processing of the recursor and nothing is cached
> and you request something without DO-bit set do
Hi Leen and Michael,
On Fri, 20 May 2016 09:31:31 +0200
Leen Besselink wrote:
> I forgot to mention, when you query a recursor, the recursor can also
> indicate that the response is DNSSEC-validated, you need to look at the
> AD-bit.
For completeness, the recursor follows RFC 6840[1] ยง5.7 pret
On Fri, May 20, 2016 at 08:10:23AM +0200, Bit World Computing - Michael Mertel
wrote:
> Hi Leen,
>
> thanks for clearing this up. My approach was a bit to naive but my recursor
> is now returning whats expected.
>
> The +dnssec Parameter is the essential trick, and depending on dnssec=off or
>
