[Brmlab] Fwd: Re: Fwd: eDNS

Pavel Ruzicka ruza at ruza.eu
Wed Sep 28 13:53:59 CEST 2011


docasne jsem fungovani DNSSEC v brmlabu protlacil tak ze dotazy na
domenu czf jdou na czf root servery ktere jsou ochotne se DNSSECem
bavit, tedy koren.praha12 a gaia.nfx.

inspirovano http://www.nic.czf/

ruza

On 27/09/11 21:15, Pavel Ruzicka wrote:
> 
> -------- Original Message --------
> Date: Tue, 27 Sep 2011 20:31:49 +0200
> From: Petr Solnař - Spoje.NET <solnar at spoje.net>
> To: <ruza at ruza.eu>
> Subject: Re: Fwd: eDNS
> Organization: Spoje.NET s.r.o.
> In-Reply-To: <b0fa8943b22aff696d2f95128e226fb7 at spoje.net>
> 
> Zdravim,
> 
> problem pravdepodobne souvisi s tim, ze jeste nemame plne nasazen
> dnssec. Zkusim s tim neco udelat, aby to uz bylo co nejdriv plne
> nahozene.
> Diky za pochopeni a trpelivost
> 
> P.
> 
> On Thu, 22 Sep 2011 17:11:27 +0200, <helpdesk at spoje.net> wrote:
>> -------- Original Message --------
>> Subject: eDNS
>> Date: Thu, 22 Sep 2011 15:32:22 +0200
>> From: Pavel Ruzicka <ruza at ruza.eu>
>> To: helpdesk at spoje.net
>>
>> vazeni pratele spojari,
>>
>> obracim se na vas ve jmenu obcanskeho sdruzeni brmlab, ktere mate tu
>> cest sponzorovat :)
>>
>> Debuguju nejake veci kolem DNS a DNSSEC a kontrolou inspirovanou na teto
>> strance https://www.dns-oarc.net/oarc/services/replysizetest jsem dospel
>> k zaveru ze jeden z DNS serveru (konkretne 10.11.0.251), ktere pouzivame
>> na vase doporuceni jako DNS resolver, neumi nebo nema spravne nastavene
>> fungovani pres EDNS. Viz nasledujici vypisy.
>>
>> root at brmko:~# dig +short rs.dns-oarc.net txt @10.11.1.101
>> rst.x3827.rs.dns-oarc.net.
>> rst.x3837.x3827.rs.dns-oarc.net.
>> rst.x3843.x3837.x3827.rs.dns-oarc.net.
>> "Tested at 2011-09-22 13:28:50 UTC"
>> "77.87.241.251 sent EDNS buffer size 4096"
>> "77.87.241.251 DNS reply size limit is at least 3843"
>>
>> root at brmko:~# dig +short rs.dns-oarc.net txt @10.11.0.251
>> rst.x476.rs.dns-oarc.net.
>> rst.x485.x476.rs.dns-oarc.net.
>> rst.x490.x485.x476.rs.dns-oarc.net.
>> "Tested at 2011-09-22 13:28:57 UTC"
>> "212.24.132.132 lacks EDNS, defaults to 512"
>> "212.24.132.132 DNS reply size limit is at least 490"
>>
>>
>> Abych minimalizoval moznost ze ty pakety reze napr nas hranicni router,
>> pozadal jsem nahodneho klienta site CZF o provedeni stejnych testu a
>> vysledky byly naprosto stejne. Proto se domnivam ze je to veci
>> konfigurace tohoto konkretniho serveru nebo nejakeho filtru na nem nebo
>> pred nim a proto se k vam obracim s zadosti o napravu.
>>
>> Dekuji
>> Pavel Ruzicka aka ruza
> 


-- 
e-mail:  ruza at ruza.eu
www:   http://ruza.eu
     http://brmlab.cz



More information about the Brmlab mailing list