said by CBLMorphis:Well I have a Linksys befsr41, it's old, so will it affect me?
I couldn't tell you, I don't have one to test it with. I fixed mine with unchecking DNSmasq inside dd-wrt. most of my DNS queries will go right to the servers I am assuming.
As DNSguy stated yesterday:
said by DNSguy:That Register article was nothing but a bunch of FUD.
The only thing that is changing on May 5th is that the root name servers will start replying with signed DNSSEC answers if and only if the downstream resolver
ASKS for them.
If the downstream resolver does not ask, things will continue to work as they do today.
There is a second issue to this in that a lot of firewalls and home routers restrict a UDP DNS response to a 512 byte packet.
When you include DNSSEC information, most DNS responses will be larger that that. If the packet size is restricted, the query will be performed over TCP which has more overhead due to handshaking. This, in turn, could slow down your DNS resolution times.
Our corporate network would be affected, customers are on the production network are typically and as DNSguy stated... not affected.
If it makes you feel warm and fuzzy both at&t's anycast are ready for the DNSSEC should they come down to it.
Test results
for resolver: 68.94.157.1
Announced buffer size:
4096 bytes
Measured buffer size:
3839 bytes
EDNS enabled:
yes
DNSSEC enabled:
yes
Your resolver announced a buffer size bigger than the largest packet that it can receive.
Note: There will always be a difference between the announced and measured buffer size because of the algorithm used. However this difference should not exceed 300 bytes.
for resolver: 68.94.156.1
Announced buffer size:
4096 bytes
Measured buffer size:
3839 bytes
EDNS enabled:
yes
DNSSEC enabled:
yes
Your resolver announced a buffer size bigger than the largest packet that it can receive.
Note: There will always be a difference between the announced and measured buffer size because of the algorithm used. However this difference should not exceed 300 bytes.