Re: BIND DNS problem after upgrading from Wheezy to Squeeze

2017-12-30 Thread Bernhard Schmidt
Pascal Hambourg wrote: > Le 29/12/2017 à 18:27, Andrew W a écrit : >> >> On 27/12/2017 13:18, Bernhard Schmidt wrote: >>> Current BIND9 defaults to doing DNSSEC verification. DNSSEC needs large >>> packets. You might have an issue with UDP fragments being dropped at >>> your firewall/NAT Gateway?

Re: BIND DNS problem after upgrading from Wheezy to Squeeze

2017-12-29 Thread Pascal Hambourg
Le 29/12/2017 à 18:27, Andrew W a écrit : On 27/12/2017 13:18, Bernhard Schmidt wrote: Current BIND9 defaults to doing DNSSEC verification. DNSSEC needs large packets. You might have an issue with UDP fragments being dropped at your firewall/NAT Gateway? Thanks for this tip. Looking into it I

Re: BIND DNS problem after upgrading from Wheezy to Squeeze

2017-12-29 Thread Andrew W
On 27/12/2017 13:18, Bernhard Schmidt wrote: Current BIND9 defaults to doing DNSSEC verification. DNSSEC needs large packets. You might have an issue with UDP fragments being dropped at your firewall/NAT Gateway? Thanks for this tip. Looking into it I discovered TCP seems to be recommened fo

Re: BIND DNS problem after upgrading from Wheezy to Squeeze

2017-12-27 Thread Bernhard Schmidt
Andrew Wood wrote: Hi, > I have a server which acts as a DNS server for our LAN. All our internal > servers have A records on it using a .local domain and it forwards all > other requests out to the root servers using the in built list provided > with BIND. All clients on the LAN have this ma

Re: BIND DNS problem after upgrading from Wheezy to Squeeze

2017-12-26 Thread deloptes
Andrew W wrote: > > > Does anyone have any ideas please? > I had the same experience - I think (after trying this and that) the solution was ntp (time was behind on the server), but I am not really 100%. I was thinking first it has something to do with ipv6 or firewall, but after updating the

BIND DNS problem after upgrading from Wheezy to Squeeze

2017-12-26 Thread Andrew Wood
I have a server which acts as a DNS server for our LAN. All our internal servers have A records on it using a .local domain and it forwards all other requests out to the root servers using the in built list provided with BIND. All clients on the LAN have this machine set as their only DNS serve

BIND DNS problem after upgrading from Wheezy to Squeeze

2017-12-26 Thread Andrew W
I have a server which acts as a DNS server for our LAN. All our internal servers have A records on it using a .local domain and it forwards all other requests out to the root servers using the in built list provided with BIND. All clients on the LAN have this machine set as their only DNS serve