When does BIND send queries with DO flag enabled?
dot at dotat.at
Thu Sep 30 14:27:59 UTC 2010
On Thu, 30 Sep 2010, Taylor, Gord wrote:
> The business partner has already fixed their firewall
> (allow_dnssec_bit=1 on CheckPoint)
Just in case anyone else is worried about interop problems, I note that
allow_dnssec_bit=1 is the default setting. A CheckPoint firewall
administrator has to deliberately change a correct default in order to
cause this kind of serious breakage.
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
HUMBER THAMES DOVER WIGHT PORTLAND: NORTH BACKING WEST OR NORTHWEST, 5 TO 7,
DECREASING 4 OR 5, OCCASIONALLY 6 LATER IN HUMBER AND THAMES. MODERATE OR
ROUGH. RAIN THEN FAIR. GOOD.
More information about the bind-users