DNS Flag Day, Friday, Feb 1st, 2019

Mike Meredith mike.meredith at port.ac.uk
Thu Jan 24 10:02:18 UTC 2019


On Thu, 24 Jan 2019 11:22:44 +1100, Mark Andrews <marka at isc.org> may have
written:
> If you run a firewall in front of your DNS server you may be broken.

If you run a firewall in front of your DNS server and the firewall breaks
EDNS, then your firewall is broken. And has been a long, long time. I put a
firewall in place back in 2004, and EDNS compliance was one of the tests
back then.

-- 
Mike Meredith, University of Portsmouth
Chief Systems Engineer, Hostmaster, Security, and Timelord!
 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190124/bda6b0c8/attachment.sig>


More information about the NANOG mailing list