DNS Flag Day, Friday, Feb 1st, 2019

• Previous message (by thread): DNS Flag Day, Friday, Feb 1st, 2019
• Next message (by thread): DNS Flag Day, Friday, Feb 1st, 2019
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Well you can go to https://ednscomp.isc.org and click on "Test Your Servers Here”
which is what https://dnsflagday.net calls behind the scenes.  You will just need
to interpret the results as they apply to DNS flag day.  If you don’t want to go
there you can go to https://gitlab.isc.org and down load and compile the DNS
compliance tester and then run “genreport -i bind11 -e”. which is the actual test
code being run.

But hey you did do proper acceptance testing when you installed your DNS servers
and firewalls to ensure that they implemented the DNS protocol correctly and they
your firewalls don’t block well formed DNS queries (lots of them do by default).

Mark

> On 24 Jan 2019, at 3:35 pm, Christopher Morrow <morrowc.lists at gmail.com> wrote:
> 
> 
> 
> On Wed, Jan 23, 2019 at 7:11 PM Brian Kantor <Brian at ampr.org> wrote:
> Quoting from the web site at https://dnsflagday.net/
> 
> 
> huh, from the 'dns illuminati' eh"
> 
> DNS hosted by gandi.net? resolves to 3 /32's on 3 adjacent /24's.. in github's ip space, routed by fastly.com ...
> I'm sure glad the  whois data for that domain is sensible too... :(
>  
> none of that particularly leaves me feeling like I should go put any data at all into the site.
> 
> -chris

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org

• Previous message (by thread): DNS Flag Day, Friday, Feb 1st, 2019
• Next message (by thread): DNS Flag Day, Friday, Feb 1st, 2019
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]