Tag Archives: SOA

DNS Test Names & Resource Records

2017-12-18DNS/DNSSECAPL, CAA, CNAME, dig, DNS, dnseval, DNSViz, HINFO, host, LOC, NSEC, NSEC3, NSEC3PARAM, OPENPGPKEY, Resource Record, RP, RRSIG, SOA, SSHFP, Subdomain, Test, TLSA, TTL, UmlautJohannes Weber

I am testing a lot with my own DNS servers as well as with third-party DNS implementations such as DNS proxies on firewalls, DNSSEC validation on resolvers, etc. While there are a number of free DNS online tools around the Internet I was lacking some DNS test names with certain properties or resource records. Hence I configured a couple of them on my own authoritative DNS servers and its zone weberdns.de.

For example, we encountered a bug on the Palo Alto DNS proxy that has not stored the TTL value correctly – hence some test names with different TTL values. Or we had some problems when a single DNS name has more than 15 IPv4/IPv6 addresses – hence some test names with lots of addresses. And many more: Continue reading DNS Test Names & Resource Records →

BIND Inline-Signing Serial Numbers Cruncher

2016-12-27DNS/DNSSECBIND, DNS, DNSSEC, serial number, SOAJohannes Weber

I know that BIND correctly changes the serial numbers of zones when it is enabled with inline signing and auto-dnssec. However, I got confused one more time as I looked at some of my SOA records. So, just for the record, here is an example of how the serial numbers increase while the admin has not changed anything manually on the zone files.

Continue reading BIND Inline-Signing Serial Numbers Cruncher →

Weberblog.net

IT-Security, Networks, IPv6, VPN, DNSSEC, NTP

Tag Archives: SOA

DNS Test Names & Resource Records

BIND Inline-Signing Serial Numbers Cruncher