Date: Fri, 7 May 2010 22:44:16 +1200 From: Jonathan Chen <jonc@chen.org.nz> To: Matthew Seaman <m.seaman@infracaninophile.co.uk> Cc: freebsd-questions@freebsd.org Subject: Re: DNS not working since May 6 2010 Message-ID: <20100507104416.GA35730@osiris.chen.org.nz> In-Reply-To: <4BE3C905.2000207@infracaninophile.co.uk> References: <3336_1273178399_4BE3291E_3336_4_1_4BE32922.4090608@solnetsolutions.co.nz> <4BE3C905.2000207@infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, May 07, 2010 at 09:02:13AM +0100, Matthew Seaman wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 06/05/2010 21:40:02, Jonathan Chen wrote: > > > I've got a small DNS server on my home network, and ever since May 6, > > 2010 (co-incidentally DNSSEC root sign day), lookups on freebsd.org have > > started failing. eg: > > Uh, the DURZ was installed on j.root; the last one of the root servers > to get it. Besides, .org was DNSSEC signed way back in June 2009. That > is not causing your problem here. > Hmm, I ran across an DNSSEC article in The Register, which lead me to: http://labs.ripe.net/content/testing-your-resolver-dns-reply-size-issues Working thru' it, I tweaked my named.conf's edns-udp-size option and it started working again. So it looks like it was related to the final set of root servers being enabled. Cheers. -- Jonathan Chen <jonc@chen.org.nz> ---------------------------------------------------------------------- When all else fails, RTFM
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100507104416.GA35730>