RE: Preparing for upcoming DNSSEC changes on 5/5

2010-05-05 Thread Chris Thompson
On May 5 2010, Lightner, Jeff wrote: 8:30 EDT 05/05/2010 and the world hasn't ended here yet. The switchover of j.root-servers.net to "DURZ" is scheduled for 17:00-19:00 UTC (see http://www.root-dnssec.org/ - or just try "dig dnskey . @j.root-servers.net"). We aren't there yet ... We can cel

Re: Preparing for upcoming DNSSEC changes on 5/5

2010-05-05 Thread Alan Clegg
On 5/5/2010 1:32 PM, Lightner, Jeff wrote: > 8:30 EDT 05/05/2010 and the world hasn't ended here yet. > > We can celebrate Cinco de Mayo in peace. If only I didn't detest > tequila. > > Side note: I've actually been to Puebla Mexico which is where the > battle that Cinco de Mayo commemorates to

RE: Preparing for upcoming DNSSEC changes on 5/5

2010-05-05 Thread Lightner, Jeff
rom: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Laws, Peter C. Sent: Tuesday, May 04, 2010 6:09 PM To: bind-us...@isc.org Subject: RE: Preparing for upcoming DNSSEC changes on 5/5 > It may be the person that su

RE: Preparing for upcoming DNSSEC changes on 5/5

2010-05-04 Thread Laws, Peter C.
> It may be the person that suggested setting it was under the > misapprehension that the two values would be the same but the quote from > the Java testing tool made it clear that is NOT the case. I think this is it exactly. But someone in the thread seemed pretty certain that we needed to set

RE: Preparing for upcoming DNSSEC changes on 5/5

2010-05-04 Thread Lightner, Jeff
rk Andrews Sent: Tuesday, May 04, 2010 12:01 AM To: Laws, Peter C. Cc: bind-us...@isc.org Subject: Re: Preparing for upcoming DNSSEC changes on 5/5 In message <789398ea51916246a8016370ebc0231f0f3...@it-rome.sooner.net.ou.edu>, "Laws, Peter C." writes: > Yes, I get all that. But e

Re: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Mark Andrews
In message <789398ea51916246a8016370ebc0231f0f3...@it-rome.sooner.net.ou.edu>, "Laws, Peter C." writes: > Yes, I get all that. But earlier in the thread, I noted that: > > "Mine are all saying "x.x.x.x sent EDNS buffer size 4096" when I run the > dns-oarc.net test, which I assume is the defau

RE: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Laws, Peter C.
t: Monday, May 03, 2010 20:19 To: Laws, Peter C. Cc: bind-us...@isc.org Subject: Re: Preparing for upcoming DNSSEC changes on 5/5 In message <4bdf4b79.4050...@ou.edu>, Peter Laws writes: > On 05/03/10 16:19, Mark Andrews wrote: > > > The test is a rough guide to the maximum packe

Re: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Mark Andrews
In message <4bdf4b79.4050...@ou.edu>, Peter Laws writes: > On 05/03/10 16:19, Mark Andrews wrote: > > > The test is a rough guide to the maximum packet size supported by the path. > > So what would be the point of using edns-udp-size to something even > smaller? None I can see ... > > What am

Re: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Peter Laws
On 05/03/10 16:19, Mark Andrews wrote: The test is a rough guide to the maximum packet size supported by the path. So what would be the point of using edns-udp-size to something even smaller? None I can see ... What am I missing? -- Peter Laws / N5UWY National Weather Center / Network Op

Re: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Mark Andrews
In message <4bdf39f7.1060...@ou.edu>, Peter Laws writes: > On 05/03/10 15:55, Lightner, Jeff wrote: > > > > Also one of the links I sent earlier had a similar comment about less > > than 300 bytes difference not being a problem. I had missed that. > > > > 4096 - 3843 = 153 > > It seems if I'd p

Re: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Peter Laws
On 05/03/10 15:55, Lightner, Jeff wrote: Also one of the links I sent earlier had a similar comment about less than 300 bytes difference not being a problem. I had missed that. 4096 - 3843 = 153 It seems if I'd paid attention I'd not have posted my follow up questions. It's not on the dns-o

RE: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Lightner, Jeff
age- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Peter Laws Sent: Monday, May 03, 2010 4:29 PM To: Kalman Feher Cc: bind-us...@isc.org Subject: Re: Preparing for upcoming DNSSEC changes on 5/5 On 05/03/10

Re: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Peter Laws
On 05/03/10 14:56, Kalman Feher wrote: You probably should. Your resolver is saying its capable of handling 4096, but apparently your network path may not support that. The changes on the The network path to dns-oarc.net doesn't, but that doesn't really mean anything. To some resolvers, the

RE: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Lightner, Jeff
ghtner=water@lists.isc.org] On Behalf > Of Alan Clegg > Sent: Monday, May 03, 2010 12:23 PM > To: bind-users@lists.isc.org > Subject: Re: Preparing for upcoming DNSSEC changes on 5/5 > > On 5/3/2010 4:36 PM, Lightner, Jeff wrote: > >> It sounds as if he read an ar

RE: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Lightner, Jeff
Feher Sent: Monday, May 03, 2010 4:10 PM To: bind-us...@isc.org Subject: Re: Preparing for upcoming DNSSEC changes on 5/5 On 3/05/10 9:54 PM, "Lightner, Jeff" wrote: > On doing that however, I now see the advertised value is 3839 but the > "at least" value is 3828 on

Re: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Kalman Feher
On 3/05/10 9:54 PM, "Lightner, Jeff" wrote: > On doing that however, I now see the advertised value is 3839 but the > "at least" value is 3828 on one and 3827 on the other as shown below. > Based on that it appears one should NOT set the edns-udp-size as it > doesn't fix the problem. This appe

RE: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Lightner, Jeff
tner=water@lists.isc.org] On Behalf Of Peter Laws Sent: Monday, May 03, 2010 1:16 PM To: bind-us...@isc.org Subject: Re: Preparing for upcoming DNSSEC changes on 5/5 On 01/-10/37 13:59, Kalman Feher wrote: > > Second, make sure the tested effective size appears in your named.conf in > the

Re: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Kalman Feher
.org] On Behalf > Of Alan Clegg > Sent: Monday, May 03, 2010 12:23 PM > To: bind-users@lists.isc.org > Subject: Re: Preparing for upcoming DNSSEC changes on 5/5 > > On 5/3/2010 4:36 PM, Lightner, Jeff wrote: > >> It sounds as if he read an article saying we have to implem

RE: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Lightner, Jeff
ere other testing I need to do? -Original Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Alan Clegg Sent: Monday, May 03, 2010 12:23 PM To: bind-users@lists.isc.org Subject: Re: Preparing for upcoming DNSSEC

Re: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Peter Laws
On 01/-10/37 13:59, Kalman Feher wrote: Second, make sure the tested effective size appears in your named.conf in the options statement "edns-udp-size" on your resolver. In your case: edns-udp-size 3843; Mine are all saying "x.x.x.x sent EDNS buffer size 4096" when I run the dns-oarc.net

Re: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Alan Clegg
On 5/3/2010 4:36 PM, Lightner, Jeff wrote: > It sounds as if he read an article saying we have to implement DNSSEC on > our DNS servers or we'll quit working on 5/5? Is that the case? > > Also what is the drop dead date/time if so? 5/5 Midnight UTC? Some > other time? You don't need to do any

RE: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Lightner, Jeff
riginal Message- From: bind-users-bounces+jlightner=water@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Kalman Feher Sent: Monday, May 03, 2010 9:38 AM To: BIND users Subject: Re: Preparing for upcoming DNSSEC changes on 5/5 On 1/05/10 7:10 PM, "

Re: Preparing for upcoming DNSSEC changes on 5/5

2010-05-03 Thread Kalman Feher
On 1/05/10 7:10 PM, "Server Administrator" wrote: > I tried OARC's DNS Reply Size Test on two of my name servers, both on > the same network, behind the same firewall & router. > > Both came back and reported "DNS reply size limit is at least 3843" > (results below). > > Is 3843 close enough

Re: Preparing for upcoming DNSSEC changes on 5/5

2010-05-01 Thread Noel Butler
On Sat, 2010-05-01 at 13:10 -0400, Server Administrator wrote: > I tried OARC's DNS Reply Size Test on two of my name servers, both on > the same network, behind the same firewall & router. > > Both came back and reported "DNS reply size limit is at least 3843" > (results below). > I'd imagine s

Preparing for upcoming DNSSEC changes on 5/5

2010-05-01 Thread Server Administrator
I tried OARC's DNS Reply Size Test on two of my name servers, both on the same network, behind the same firewall & router. Both came back and reported "DNS reply size limit is at least 3843" (results below). Is 3843 close enough to 4096 to keep me safe next Wednesday (May 5th)? If not, do the re