[Cerowrt-devel] Problems with DNSsec on Comcast, with Cero 3.10.38-1/DNSmasq 4-26-2014
simon at thekelleys.org.uk
Sat Jan 10 10:37:07 EST 2015
-----BEGIN PGP SIGNED MESSAGE-----
OK, that's useful, but not good. The last thing DNSSEC/IPv6 needs is
yet another reason why network access which used to work now doesn't.
edns-packet-max=1280 seems to be working fine here. Please let me know
if you find anything more.
On 09/01/15 21:34, Dave Taht wrote:
> I strongly suspect an ipv6 fragmentation handling bug in the
> kernel version cerowrt uses. Have tons of evidence pointing to that
> now, starting with some tests run last year from iwl and also the
> tests that netalyzer was doing. And: I just locked up the box
> completely while doing some dnssec stuff.
> will go through kernel git logs and see what has happened there
> since 3.10.50.
> Turning on the edns-packet-max feature now, however, as I lack time
> to poke into this in more detail, and we're supposed to be testing
> dnssec as it is....
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
More information about the Cerowrt-devel