FreeStone Blog What goes on at FreeStone …

4May/100

Test if your nameservers are ready for DNSSEC

DNSSEC replies are much bigger than traditional DNS answers. Typical DNS replies fit into the 512byte standard UDP DNS Packet. So if they get bigger we need EDNS Support. To test if your DNS Servers can succesfully forward bigger packages you can do this with the following command:

dig +short rs.dns-oarc.net txt

If should then output something like this:

rst.x3827.rs.dns-oarc.net.
rst.x3837.x3827.rs.dns-oarc.net.
rst.x3843.x3837.x3827.rs.dns-oarc.net.
"193.5.68.11 DNS reply size limit is at least 3843"
"193.5.68.11 sent EDNS buffer size 4096"
"Tested at 2010-05-04 00:08:52 UTC"

Tagged as: , No Comments
   

Recent Posts

Recent Comments

Blogroll

Tags

40D 6288 background canon Cisco desktop directory dns DNSSEC Dock firmware google Growl HardwareGrowler image images index IPv4 IPv6 iSync Linux Mac MacOS mount Nokia openbsd panorama Photography ping Porn RIPE search engine stitching time lapse traceroute twitter Update viewfinder wallpapers

Ad

Meta