[Dnsmasq-discuss] dnssec queries with --bogus-priv
Simon Kelley
simon at thekelleys.org.uk
Sat Jun 2 14:52:18 BST 2018
Hi Kevin,
Can you include the context of these lines?
When I query x.y.168.192.in-addr-arpa without --bogus-priv I get
SERVFAIL, because Google public DNS returns an unsigned reply to
dnssec-query[DS] 168.192.in-addr.arpa
but with --bogus-priv I get a local answer which never gets validated,
as I'd expect.
Cheers,
Simon.
On 15/05/18 16:35, Kevin Darbyshire-Bryant wrote:
> Here’s another one of those innocent questions caused by looking at a logfile :-)
>
> I have ‘—bogus-priv’ set so in theory I’m not going to ask upstream questions about RFC1918 addresses, which I don’t, except I see these….
>
> dnssec-query[DS] 10.in-addr.arpa to 8.8.8.8
> dnssec-query[DS] 168.192.in-addr.arpa to 8.8.8.8
>
> You get the idea.
>
> So, should I?
>
>
> Cheers,
>
> Kevin D-B
>
> 012C ACB2 28C6 C53E 9775 9123 B3A2 389B 9DE2 334A
>
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20180602/fe0898c5/attachment.sig>
More information about the Dnsmasq-discuss
mailing list