[Opendnssec-user] NSEC3 failure?
Havard Eidnes
he at uninett.no
Sun Apr 3 22:12:39 UTC 2016
>> ...and if I'm not terribly mistaken, the three zones which have been
>> flagged in this way (yep, two more popped up) so far have all been
>> added to our OpenDNSSEC setup after we upgraded to 1.4.9.
>
> I think there is a relation but no causation in this case. They are
> probably added around the same time and thus resalted at the same time.
> Though not entirely sure on that.
Could very well be. A couple of new zones came up with this
problem, and they didn't share the commonality with the others.
> I do have a possible fix ready.
> https://github.com/yschaeff/opendnssec/tree/double_nsec3param if you are
> feeling adventurous. It passes our regression tests but I wasn't able to
> reproduce the yet so I'm not 100 percent sure it is a fix.
Thanks! I'm now running with this patch, we'll see in a while if
it's helped.
Regards,
- Håvard
More information about the Opendnssec-user
mailing list