On Sun, 24 Aug 2014 09:12:26 Jay Daley wrote:
Is there any particular reason you are using DLV and
not ordinary root DNSSEC?
I'm just using the default dnssec config for Bind 9.8 on RHEL 6, under the assumption
that the defaults would be safe.
On 24/08/2014, at 9:00 am, Jean-Francois Pirus <jfp(a)clearfield.com> wrote:
Unless I'm missing something, looks like my internal dns stopped working because
there were issues with the link to the US.
All because dnssec is enabled in bind.
Namely queries from a resolver server would timeout looking up
before it got to querying my authoritative server.
It's been a while but I thought it was myhost.mydomain.dlv.isc.org
(i.e. no .com)
Is there any way to work around that?
Don't use DLV?
Seems like a single point of failure, where resolvers will fail if there are any issues
Jean-Francois Pirus | Technical Manager
francois(a)clearfield.com | Mob +64 21 640 779 | DDI +64 9 282 3401
Clearfield Software Ltd | Ph +64 9 358 2081 | www.clearfield.com