DNSSEC/unbound -> boingboing.net failures
Paul Wouters
paul at nohats.ca
Tue Jun 30 17:01:19 UTC 2015
With that many CNAMEs requiring validation and intermittent failure, my guess is your wifi is dropping a significant amount of queries.
This is a case where shorter negative cache lifetimes should help a lot. This should come into dnssec-trigger very soon.
What will also help is once edns-query-chain is implemented and supported by the upstream resolver, as that reduces the query to one tcp query
Sent from my iPhone
> On Jun 30, 2015, at 13:55, Matthew Miller <mattdm at fedoraproject.org> wrote:
>
>> On Tue, Jun 30, 2015 at 06:44:41PM +0200, Tomas Hozza wrote:
>> Please file a bug against dnssec-trigger. It will be better for
>> getting additional information. Also please see the reply by Paul
>> Wouters to your previous email.
>
> Oh hey. I forgot that I posted this already, and didn't see the reply.
> Ugh, time for a vacation!
>
> --
> Matthew Miller
> <mattdm at fedoraproject.org>
> Fedora Project Leader
> --
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
More information about the devel
mailing list