[Dnssec-trigger] DNSSEC trigger and v6 DNS servers
Stephan Lagerholm
stephan.lagerholm at secure64.com
Wed Dec 28 15:58:28 UTC 2011
Hi,
I can still access www.trasigdnssec.se (a deliberately DNSSEC broken
domain) with DNSSEC trigger 0.9 installed and running on my windows 7
laptop when using v6 capable applications such as firefox.
-----------------------------------------------
The probe results are:
results from probe at 2011-12-28 09:26:37
cache 64.92.220.220: OK
cache 208.67.222.222: error no RRSIGs in reply
DNSSEC results fetched from (DHCP) cache(s)
---------------------------------------------
What appears to happen is the firefox/IE is sending queries to the IPv6
DNS server 2001:5c0:1000:11::2 that I got provisioned via DHCPv6.
Shouldn't dnssec-trigger rewrite both the 'resolv.conf' for IPv4 and
IPv6 and start a local unbound on both ::1 and 127.0.0.1?
/S
More information about the dnssec-trigger
mailing list