> AD is set when authentication is successful by the server
> to whom you
> are sending the query. The "+noadflag" says don't set
> the AD bit in the
> outbound query (which is the default).
>
> AlanC
>
Thanks. Based on that, the following:
dig +adflag gov
produces:
flags: qr rd ra ad;
Doe
The following dig query
dig gov +dnssec +noadflag @10.10.10.1
produces the following flags in the header section:
;; flags: qr rd ra ad;
Question - what is the relation with the +dnssec and +noadflag options in the
query. I would think the query would produce a signed response with no ad bit
> I suspect your error has more to do with the value of the
> IPv6
> address and sanity checks in the Linux kernel than with
> anything
> else. Use a allocated address or generate a ULA
> prefix for testing
> and use that.
>
Mark - you are right on the money!! I changed my IPv6 address, now eve
--- On Tue, 12/29/09, Alan Clegg wrote:
> From: Alan Clegg
> Subject: Re: IPv6 TCP
> To: "Pamela Rock"
> Date: Tuesday, December 29, 2009, 9:34 AM
> Pamela Rock wrote:
>
> > [r...@test /]# dig ip6.test.com @bind6 +tcp
> +short s
--- On Mon, 12/28/09, Kevin Oberman wrote:
> From: Kevin Oberman
> Subject: Re: IPv6 TCP
> To: "Pamela Rock"
> Cc: "Mark Andrews" , "Chuck Anderson" ,
> bind-users@lists.isc.org
> Date: Monday, December 28, 2009, 10:08 PM
> > Date: Mo
--- On Mon, 12/28/09, Mark Andrews wrote:
> From: Mark Andrews
> Subject: Re: IPv6 TCP
> To: "Pamela Rock"
> Cc: "Kevin Oberman" , "Chuck Anderson" ,
> bind-users@lists.isc.org
> Date: Monday, December 28, 2009, 8:22 PM
>
> In
--- On Mon, 12/28/09, Kevin Oberman wrote:
> From: Kevin Oberman
> Subject: Re: IPv6 TCP
> To: "Pamela Rock"
> Cc: bind-users@lists.isc.org, "Chuck Anderson"
> Date: Monday, December 28, 2009, 6:07 PM
> > Date: Mon, 28 Dec 2009 13:31:50
> -0800 (
--- On Mon, 12/28/09, Chuck Anderson wrote:
> From: Chuck Anderson
> Subject: Re: IPv6 TCP
> To: bind-users@lists.isc.org
> Date: Monday, December 28, 2009, 3:58 PM
> On Mon, Dec 28, 2009 at 07:56:56AM
> -0800, Pamela Rock wrote:
> > I posted this query a while a
IPTables and IP6Tables are turned off and not running. There is no other
firewalls or filtering routers between DNS clients and servers.
--- On Mon, 12/28/09, Rick Dicaire wrote:
> From: Rick Dicaire
> Subject: Re: IPv6 TCP
> To: "Pamela Rock"
> Cc: bind-users@lists.
I posted this query a while ago but have not yet been able to resolve the
issue...
I have a DNS server and client that can ping each other using ping6. The
following query works:
dig -6 test.com +notcp
When I query TCP with IPv6 I get the following error:
r...@test:/home/janderson/bind-9.6.
--- On Sun, 12/20/09, Barry Margolin wrote:
> From: Barry Margolin
> Subject: Re: strange dig behavior
> To: comp-protocols-dns-b...@isc.org
> Date: Sunday, December 20, 2009, 10:59 PM
> In article ,
> Pamela Rock
> wrote:
>
> > I've got the following
I've got the following three scenarios
The client can query a domain A residing on a recursive name server.
The client can query a domain B on an authratative name server.
When client queries domain B through the RNS, a Status: refused results.
I don't know what is causing the refused. IP tabl
For all it's worth, using wireshark, I can see IPv6 UDP queries successfully
traversing in/out. Ping6 works successfully. There is no firewall running
anywhere(IPv4 or 6). Still get
[r...@dig-client ~]# dig -6 a test.domain @bindserver6 +tcp
socket.c:4922: 22/Invalid argument
dig: isc_so
> > I've got a closed lab testing BIND and I've got an
> interesting problem with IPv6 queries. Now I have 3
> systems all running IPv4 and IPv6. IPv4 queries work
> fine across all systems. IPv6 UDP queries work fine as
> well. When I test IPv6 TCP queries I get the following
> failure:
> >
>
Hit the wrong key, sorry about that...
I've got a closed lab testing BIND and I've got an interesting problem with
IPv6 queries. Now I have 3 systems all running IPv4 and IPv6. IPv4 queries
work fine across all systems. IPv6 UDP queries work fine as well. When I test
IPv6 TCP queries I get
I've got closed lab testing BIND and I've got an interesting problem with IPv6
queries. Now I have 3 systems all running IPv4 and IPv6. IPv4 queries work
fine across all systems. IPv6 UDP queries
___
bind-users mailing list
bind-users@lists.
ient
> 10.10.10.10#56597: query
> 23-Oct-2009 16:47:28.802 security: debug 3: client
> 10.10.10.10#56597: query (cache) 'TLD/DNSKEY/IN' approved
> 23-Oct-2009 16:47:28.802 client: debug 3: client
> 10.10.10.10#56597: send
> 23-Oct-2009 16:47:28.802 client: debug 3: client
>
This environment is in a lab.
I have a DNSSEC enabled server with a signed .TLD zone (again, in a lab). I
have a client that can accurately run queries against the signed .TLD zone.
So this works...
DNSSEC Enabled Client => DNSSEC Enabled .TLD
I'm trying to put a recursive BIND 9.6.1-P1 s
18 matches
Mail list logo