Date: 21 Jan 2019 12:01:02 -0500 From: "John Levine" <johnl@iecc.com> To: freebsd-questions@freebsd.org Subject: Re: DNS Flag Day Message-ID: <20190121170102.AA4FC200CFE59A@ary.qy> In-Reply-To: <157de54f-bf15-06ba-d47f-923dce0a716c@netfence.it>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <157de54f-bf15-06ba-d47f-923dce0a716c@netfence.it> you write: >On 1/21/19 12:40 AM, Jon Radel wrote: > >> Not enough details are provided by you in the above to have a clear >> answer. Are you using the FreeBSD 11.2 server as an authoritative >> server for one or more DNS zones? > >Sorry to step in. >What about authoritative servers for private zones? > >I.e. Are those who are serving local.xxxxx.xx to their LAN affected? Tes. DNS cache software will start rejecting bad EDNS, so unless you plan to never ever update any DNS software on your LAN, you should make it work. >> If you're running a reasonably recent version of NSD or BIND, like the ones in >> the packages, you should be fine. > >I've read an article that reports BIND 9.13.3 and 9.14.0 are ok, but we >start from dns/bind911. >Is that fine? I don't know, but why don't you upgrade to a more recent BIND? It's not hard.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20190121170102.AA4FC200CFE59A>