[Cerowrt-devel] coping with ipv6 source routing and dns
toke at toke.dk
Wed Jan 29 17:30:34 EST 2014
Dave Taht <dave.taht at gmail.com> writes:
> Since most forwarders can't be trusted to return NXDOMAIN, an internal
> email box at several of my sites runs dns directly. A few dnsrbl
> providers offer ipv6 transport, so it's possible.
Ah, I see. I just run bind on cerowrt. Have to set an ntp server by IP
(or in /etc/hosts; I use an internal GPS-backed server) to bootstrap,
but otherwise it works well.
> One advantage of dnssec is we get NXDOMAIN working again, so a
> forwarder can be used...
Presumably only if the forwarder doesn't strip the dnssec stuff?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 489 bytes
Desc: not available
More information about the Cerowrt-devel