Dnssec

[floyd]

Let me know if I am doing this properly:

dig @8.8.8.8 txt test.rs.ripe.net +short
rst.x477.rs.ripe.net.
rst.x481.x477.rs.ripe.net.
rst.x486.x481.x477.rs.ripe.net.
"64.233.168.94 DNS reply size limit is at least 486 bytes"
"64.233.168.94 lacks EDNS, defaults to 512"
"64.233.168.94 summary bs=512,rs=486,edns=0,do=0"

dig @4.2.2.1 txt test.rs.ripe.net +short
rst.x3828.rs.ripe.net.
rst.x3833.x3828.rs.ripe.net.
rst.x3839.x3833.x3828.rs.ripe.net.
"8.0.7.16 DNS reply size limit is at least 3839 bytes"
"8.0.7.16 sent EDNS buffer size 4096"
"8.0.7.16 summary bs=4096,rs=3839,edns=1,do=1"

It looks like there is a problem with 8.8.8.8 but 4.2.2.1 is ok. Am I reading that correctly?

 

[Invader Zim]

It would appear so.

No EDNS

The following result comes from a DSL router that does not support EDNS:

rst.x486.rs.dns-oarc.net.
rst.x454.x486.rs.dns-oarc.net.
rst.x384.x454.x486.rs.dns-oarc.net.
"X.X.X.X DNS reply size limit is at least 486 bytes"
"X.X.X.X lacks EDNS, defaults to 512"

https://www.dns-oarc.net/oarc/services/replysizetest

 

[floyd]

Its amazing that google would not be ready for this. 8.8.8.8 is google's open resolver.

 

[alexey.world]

+1 for DNSSEC support in DirectAdmin.)

 

[HageHosting]

+1 for DNSSEC support in DirectAdmin

 

[conconnl]

+1 for DNSSEC support in DirectAdmin
TLD NL now supports DNSSEC too (The Netherlands)

 

[remco30]

+1 for DNSSEC support in DirectAdmin

 

[Richard G]

You all should not bump ancient threads to do +1's.
This is the place to go:
http://www.directadmin.com/forum/showthread.php?t=36133&highlight=dnssec