Hello,
I use BIND 9.9.5 with inline-signing and noticed that the NSEC records
have different TTLs. I can't really explain why there is a difference.
A few of the NSEC records have TTL 300 which is my SOA minimum
(negative) TTL. This should be fine in regard to RFC4035 which states
that every NSEC
At Sun, 23 Nov 2014 21:00:15 -0800 (PST),
blrmaani wrote:
>
> Our nameservers take upto 10KQPS (mostly NOERROR type most of the time).
>
> Twice or thrice a week, I have seen upto 10% of the queries are
> SERVFAIL and we have started exceeding the default value of 2000 for
> recursive-clients se
At Sun, 23 Nov 2014 21:00:15 -0800 (PST),
blrmaani wrote:
>
> Our nameservers take upto 10KQPS (mostly NOERROR type most of the time).
>
> Twice or thrice a week, I have seen upto 10% of the queries are
> SERVFAIL and we have started exceeding the default value of 2000 for
> recursive-clients se
3 matches
Mail list logo
