cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1113
Views
0
Helpful
2
Replies

test DNSSEC

stephane.roque
Level 1
Level 1

In july 2010, the servers DNS will be modify.

http://www.root-dnssec.org/

https://www.dns-oarc.net/oarc/services/replysizetest

On my LAN (PC win XP SP3 with firewall down and anti-virus down too), i tested this command:

nslookup -q=txt rs.dns-oarc.net

The answer is:

rst.x4001.rs.dns-oarc.net.
rst.x3985.x4001.rs.dns-oarc.net.
rst.x4023.x3985.x4001.rs.dns-oarc.net.
"192.168.1.1 sent EDNS buffer size 4096"
"192.168.1.1 DNS reply size limit is at least 3823 bytes"

How to know if my firewall on my cisco 851 is the cause. Normally, it must be upper to 4000 bytes and no 3823 bytes.

Yhank you for your answers.
2 Replies 2

Panos Kampanakis
Cisco Employee
Cisco Employee

I would check if I am inspecting dns on your 851.

I hope it helps.

PK

I found the answer.

My cisco is ok for the dnssec.

nslookup -q=txt rs.dns-oarc.net

The answer is:

rst.x4001.rs.dns-oarc.net.
rst.x3985.x4001.rs.dns-oarc.net.
rst.x4023.x3985.x4001.rs.dns-oarc.net.
"192.168.1.1 sent EDNS buffer size 4096"
"192.168.1.1 DNS reply size limit is at least 3823 bytes"

The DNS reply show an answer with 3823 bytes. It's the config DNS server for reply.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: