Pascal Hambourg wrote:
> Le 29/12/2017 à 18:27, Andrew W a écrit :
>>
>> On 27/12/2017 13:18, Bernhard Schmidt wrote:
>>> Current BIND9 defaults to doing DNSSEC verification. DNSSEC needs large
>>> packets. You might have an issue with UDP fragments being dropped at
>>> your firewall/NAT Gateway?
Le 29/12/2017 à 18:27, Andrew W a écrit :
On 27/12/2017 13:18, Bernhard Schmidt wrote:
Current BIND9 defaults to doing DNSSEC verification. DNSSEC needs large
packets. You might have an issue with UDP fragments being dropped at
your firewall/NAT Gateway?
Thanks for this tip. Looking into it I
On 27/12/2017 13:18, Bernhard Schmidt wrote:
Current BIND9 defaults to doing DNSSEC verification. DNSSEC needs large
packets. You might have an issue with UDP fragments being dropped at
your firewall/NAT Gateway?
Thanks for this tip. Looking into it I discovered TCP seems to be
recommened fo
Andrew Wood wrote:
Hi,
> I have a server which acts as a DNS server for our LAN. All our internal
> servers have A records on it using a .local domain and it forwards all
> other requests out to the root servers using the in built list provided
> with BIND. All clients on the LAN have this ma
Andrew W wrote:
>
>
> Does anyone have any ideas please?
>
I had the same experience - I think (after trying this and that) the
solution was ntp (time was behind on the server), but I am not really 100%.
I was thinking first it has something to do with ipv6 or firewall, but after
updating the
5 matches
Mail list logo
