On Sat, Apr 11, 2015 at 9:32 AM, Kevin Darbyshire-Bryant <[email protected]> wrote: > On 11/04/2015 16:03, Marc Petit-Huguenin wrote: >> On 03/30/2015 12:42 PM, Dave Taht wrote: >>> for cerowrt-3.10? Really wasn't planning on it. Didn't even know there >>> was a problem til today... >> So I suppose that means that Cerowrt is now unmaintained and that I should >> switch to something else, because my job requires near constant access to >> www.ietf.org and I will not disable DNSSEC. >> >> So, what would you recommend for my WNDR3800? >> >> Thanks. > > Openwrt chaos calmer trunk (latest) as of a day ago has dnsmasq 2.73rc4 > with suitable handling for DNSSEC. Certainly I've DNSSEC enabled and > can browse the site you mention without obvious problem.
I stand corrected. I still would really like people to pound dnsmasq flat with namebench or other dns stress tests (anyone know of any? dig in a loop would also help), using a native ipv6 dns server upstream. It used to take days to trigger the bug. It may only happen on networks that have issues with edns0. > The automatic determination of 'valid current time' and hence checking > signature timestamps has an issue: The startup script uses 'touch -t > 1970epoch timestampfile' to pre-create a timestamp file which slightly > defeats the inbuilt dnsmasq logic...not helped by the fact '-t' is an > invalid option. Well, it was a more elegant solution that dnsmasq ultimately came up with than what was in cerowrt, and I figure that single character fix is a single bug report to openwrt and patch away... if someone else not getting on a plane makes it. https://www.youtube.com/watch?v=J_GciXA-6Ag > > _______________________________________________ > Cerowrt-devel mailing list > [email protected] > https://lists.bufferbloat.net/listinfo/cerowrt-devel > -- Dave Täht Let's make wifi fast, less jittery and reliable again! https://plus.google.com/u/0/107942175615993706558/posts/TVX3o84jjmb _______________________________________________ Cerowrt-devel mailing list [email protected] https://lists.bufferbloat.net/listinfo/cerowrt-devel
