News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  Feature Requests
linktree Topic: DNSSEC support for M0n0wall
Pages: [1]
Topic: DNSSEC support for M0n0wall  (Read 2638 times)
« on: May 21, 2010, 18:09:39 »
joukahainen *
Posts: 4
Is there possibility to make M0n0wall support DNSSEC

If i run this test with latest 1.32 release results are no EDNS support

https://www.dns-oarc.net/oarc/services/replysizetest

DNSSEC has been activated lately in larger scale, more information here:

http://www.dnssec.net/
« Reply #1 on: May 21, 2010, 22:27:09 »
brushedmoss ****
Posts: 446
M0n0 uses dnsmasq which does support edns.  The version in mono defaults to edns size of 1280 but can be configured to 4096 which is the default in newest versions.
« Last Edit: May 21, 2010, 22:29:18 by brushedmoss »
« Reply #2 on: May 23, 2010, 14:19:43 »
joukahainen *
Posts: 4
Quote from: brushedmoss on May 21, 2010, 22:27:09
M0n0 uses dnsmasq which does support edns.  The version in mono defaults to edns size of 1280 but can be configured to 4096 which is the default in newest versions.
Ok, thanks. There must have been something strange with the test (or my configuration). When I did run the test a couple of days ago I got results saying "NOEDS support". Today when  I ran the same test again result where as they should be.
« Reply #3 on: May 24, 2010, 20:01:04 »
iridris ***
Posts: 145
I'm also getting inconsistent test results.  I'm using the Java tool from this site:

http://labs.ripe.net/content/testing-your-resolver-dns-reply-size-issues

Sometimes it gives me the following results:
Announced buffer size: 4096 bytes
Measured buffer size: 3839 bytes
EDNS enabled: yes
DNSSEC enabled: yes

And other times it gives me these results:
Announced buffer size: 512 bytes
Measured buffer size: 486 bytes
EDNS enabled: no
DNSSEC enabled: no

Is there something that could be causing this?
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines