dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
17
share rss forum feed

andyross
Premium,MVM
join:2003-05-04
Schaumburg, IL
reply to NetFixer

Re: [DNS] Comcast DNS connectivity issues

It should be mentioned that some .gov sites have occasional issues. It's not Comcast's fault, though. The keys for the .gov sites are regularly updated, but they don't broadcast the proper TTL or something like that, so Comcast tries to use expired ones.



NetFixer
Freedom is NOT free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
·Comcast

said by andyross:

It should be mentioned that some .gov sites have occasional issues. It's not Comcast's fault, though. The keys for the .gov sites are regularly updated, but they don't broadcast the proper TTL or something like that, so Comcast tries to use expired ones.

Yep, sometimes being on the leading edge (in this case strict adherence to DNSSEC) sometimes means being on the bleeding edge. I know that I had to make changes in some of my DNS records in order for DNSSEC servers (and Comcast's servers in particular) to properly resolve them.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.


jlivingood
Premium,VIP
join:2007-10-28
Philadelphia, PA
kudos:2
reply to andyross

said by andyross:

It should be mentioned that some .gov sites have occasional issues. It's not Comcast's fault, though. The keys for the .gov sites are regularly updated, but they don't broadcast the proper TTL or something like that, so Comcast tries to use expired ones.

Right on. See also section 5 of this doc -- »tools.ietf.org/html/draft-living···ection-5
--
JL
Comcast