Paul Wouters: Re: [dnssec-deployment] DNS cache issue
Adam Tkac
atkac at redhat.com
Fri Nov 23 08:30:59 UTC 2007
On Thu, Nov 22, 2007 at 12:15:29PM -0500, Michael Richardson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> >>>>> "Adam" == Adam Tkac <atkac at redhat.com> writes:
>
> Adam> Yes. I'm keeping short patch downstream which adds global edns
> Adam> option. This option was discussed on bind-workers and ISC
> Adam> don't want that option. Our users has problem that log is
> Adam> flooded with "..disabling EDNS.." messages. Of course, EDNS is
>
> Then just turn off that message, or limit it to saying it once.
> Bind9 turns off EDNS on it's own, right?
Turn off message is nasty hack. BIND turns off EDNS after 3
unsuccessful queries (I think :) ) but this takes time. If you know you have
problems related to ENDS you could fix your network or stop using
EDNS.
Adam
>
> - --
> ] Bear: "Me, I'm just the shape of a bear." | firewalls [
> ] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
> ] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
> ] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Finger me for keys
>
> iQEVAwUBR0W5K4CLcPvd0N1lAQIiagf/ZZtghcPsKOD7jEwB7LaLSVIUZrDuvF5/
> Xzr3Uh7bcvmlOqWoXmoFBbqHteaDSLh5Q6HcF1Gu2ic3tPHDC4DaQ+u81QY7sR6F
> vVsE0Pir2LAB+J4Nf6+78YQ8xfSMN7VcLJuTE/XvoCerIO7DXBQ81r85aK0PlkiL
> p0ffmxfP++yv5bWHo40h7Ur1wWJGXFv4EYkSUMRpQrim+u6DzHUinU3NydoSWkuJ
> G5mUsJ8MpA9auowg8O6OcBtrYcfnfQ+1kQqP50+K6wbqylDRxukQscu7cSGXxK9j
> qDv8REg+IyCLYAgHCV5vr75lrTER2SI4iNmyx0rSK9K8SmHOCBf5Aw==
> =qMTK
> -----END PGP SIGNATURE-----
--
Adam Tkac, Red Hat, Inc.
More information about the bind-workers
mailing list