nanog mailing list archives
Re: in-addr.arpa server problems for europe?
From: Florian Weimer <fw () deneb enyo de>
Date: Mon, 15 Feb 2010 19:55:05 +0100
* Stephane Bortzmeyer:
It is highly improbable that all these name servers are unreachable from you. Therefore, I suspect that *content* is the issue. RIPE-NCC zones are signed with DNSSEC. Are you sure you do not have a broken middlebox which deletes DNSSEC-signed answers?
Ahem. dig's +trace doesn't use EDNS by default, so no signatures and (usually) no large responses. For extra realism, you need to add +dnssec +norecurse, and +all for usefulness.
Current thread:
- Re: in-addr.arpa server problems for europe?, (continued)
- Re: in-addr.arpa server problems for europe? Stephane Bortzmeyer (Feb 15)
- RE: in-addr.arpa server problems for europe? Mark Scholten (Feb 15)
- RE: in-addr.arpa server problems for europe? Tony Finch (Feb 15)
- Re: in-addr.arpa server problems for europe? Seth Mattinen (Feb 15)
- Re: in-addr.arpa server problems for europe? Steven Bellovin (Feb 15)
- RE: in-addr.arpa server problems for europe? Mark Scholten (Feb 15)
- Re: in-addr.arpa server problems for europe? Mark Andrews (Feb 15)
- RE: in-addr.arpa server problems for europe? Mark Scholten (Feb 15)
- Re: in-addr.arpa server problems for europe? Mark Andrews (Feb 15)
- Re: in-addr.arpa server problems for europe? Joly MacFie (Feb 15)
- Re: in-addr.arpa server problems for europe? Mark Andrews (Feb 15)
- Re: in-addr.arpa server problems for europe? Mark Andrews (Feb 15)
- Re: in-addr.arpa server problems for europe? Michelle Sullivan (Feb 15)