DNS not working since May 6 2010
Jonathan Chen
jonc at chen.org.nz
Fri May 7 10:44:20 UTC 2010
On Fri, May 07, 2010 at 09:02:13AM +0100, Matthew Seaman wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 06/05/2010 21:40:02, Jonathan Chen wrote:
>
> > I've got a small DNS server on my home network, and ever since May 6,
> > 2010 (co-incidentally DNSSEC root sign day), lookups on freebsd.org have
> > started failing. eg:
>
> Uh, the DURZ was installed on j.root; the last one of the root servers
> to get it. Besides, .org was DNSSEC signed way back in June 2009. That
> is not causing your problem here.
>
Hmm, I ran across an DNSSEC article in The Register, which lead me to:
http://labs.ripe.net/content/testing-your-resolver-dns-reply-size-issues
Working thru' it, I tweaked my named.conf's edns-udp-size option and
it started working again. So it looks like it was related to the final
set of root servers being enabled.
Cheers.
--
Jonathan Chen <jonc at chen.org.nz>
----------------------------------------------------------------------
When all else fails, RTFM
More information about the freebsd-questions
mailing list