Text only | Text with Images

IDNetters Forums

Technical News & Discussion => Broadband, Internet & General Computer News & Discussion => Topic started by: Bill on Apr 14, 2010, 20:17:44

Title: DNSSEC
Post by: Bill on Apr 14, 2010, 20:17:44
Article in El Reg, seen referred to on tbb:

Internet users face the risk of losing their internet connections on 5 May when the domain name system switches over to a new, more secure protocol. (http://www.theregister.co.uk/2010/04/13/dnssec/)

IDNet passes the test OK, seems that OpenDNS doesn't. Yet.
Title: Re: DNSSEC
Post by: Inkblot on Apr 14, 2010, 20:20:27
I was looking at this yesterday, I have an SBS2003 server here and that has problems - not so bad for me as it's my network, I can just point the clients at either OpenDNS (When it's been fixed) or IDNET DNS but I have clients who have servers with modified DNS Zones, that might be more of a problem :(
Title: Re: DNSSEC
Post by: Rik on Apr 15, 2010, 10:00:42
Odd, when I run the RIPE test, it says IDNet are not configured. Time to get on the phone...
Title: Re: DNSSEC
Post by: Simon on Apr 15, 2010, 12:24:00
I get this:

Test results
for resolver: 192.168.1.254

Announced buffer size:
4096 bytes
Measured buffer size:
3839 bytes
EDNS enabled:
yes
DNSSEC enabled:
no

Your resolver does not have DNSSEC enabled.
Note: There will always be a difference between the announced and measured buffer size because of the algorithm used. However this difference should not exceed 300 bytes.
For detailed explanations about these messages see: http://k.root-servers.org/replysizetest

:dunno:
Title: Re: DNSSEC
Post by: Rik on Apr 15, 2010, 12:26:59
IDNet are aware of this, but say it's an issue to do with router firewalls and the test, and will not impact on the service when DNSSEC is introduced.
Title: Re: DNSSEC
Post by: Ted on Apr 15, 2010, 14:51:59
I found this on the Open DNS forums.

http://forums.opendns.com/comments.php?DiscussionID=6595&page=1#Item_0

Seems as if it shouldn't be a problem, but worth keeping an eye on.
Title: Re: DNSSEC
Post by: Rik on Apr 15, 2010, 15:04:31
If the forum goes very quiet on May 5, we all know why. ;D
Title: Re: DNSSEC
Post by: Terryphi on Apr 16, 2010, 07:27:28
My Thomson TG585 v7 gives a correct result to the test.
Title: Re: DNSSEC
Post by: Rik on Apr 16, 2010, 08:30:10
Anyone want to buy a few 2700s, cheap? ;D
Title: Re: DNSSEC
Post by: Inkblot on Apr 16, 2010, 08:37:11
Always been happy with whatever I've used - Belkin, Netgear etc. so have never really followed the 2700 threads but I have just seen a BT supplied router at work - 2700HGV, is this the one people buy from eBay? Looks quite nice for the price people pay! Currently not having problems with my current Belkin but when the time comes I'll definately look at the 2700 if it's still available.
Title: Re: DNSSEC
Post by: Rik on Apr 16, 2010, 08:38:27
It is, Inky, and for many of us with longer lines, the 2700 has brought higher speeds or greater stability or both.
Title: Re: DNSSEC
Post by: Inkblot on Apr 16, 2010, 08:46:38
According to Google Maps my exchange is pretty much exactly 1 mile as the crow flies from where I live and my sync speed is currently 11880 so probably no gains to be had for me.
Title: Re: DNSSEC
Post by: Rik on Apr 16, 2010, 08:47:50
Probably not, but may be worth trying if there's ever one laying around.
Text only | Text with Images