@gertjan said in ET INFO Outbound RRSIG DNS Query Observed:
@stewart said in ET INFO Outbound RRSIG DNS Query Observed:
Spectrum uses have PUMA chipsets and fall apart
Oh .... that name does ring a bell. Isn't that chipset/modem part of the top ten on badmodens.org (or something like that).
Why yes. Yes it is. I believe PUMA chipsets is the sole reason that site exists.
@gertjan said in ET INFO Outbound RRSIG DNS Query Observed:
@stewart said in ET INFO Outbound RRSIG DNS Query Observed:
You can't just say
Well .....
Right, I admit : I say so, because it, pfSense, ships in a configuration that works out of the box. They choose this build-in setup because it's probably valid for most of us.
And that's valid for me.
( so extra true ^^)
I realize that there may be a bit of a language barrier if you're primary language is French. I realize if read a certain way it could be an argumentative statement. It wasn't meant to be so, so please don't take offense.
Don't worry, I live in France, so I know that there as as many exceptions as habitants.
Still .... using a modem that goes haywire because you throw some off the mill, plain vanilla DNS requests through it makes me wonder :
You pay your ISP - or your ISP pays you ? ;)
Do you have to use this type of modem ? (I've read somewhere, sometimes that you probably do not have any choice).
Residential customers can use an approved modem. Commercial customers must use the ones provided by the ISP.
IMHO : a more basic router/firewall a pfSense doesn't exist **. I guess it's even setting that reference right now.
What I should have said above :
On the Resolver settings page : un check the DNSSEC option, as it it worthless anyway.
The "ET INFO Outbound RRSIG DNS Query Observed" log line will go away.
@stewart said in ET INFO Outbound RRSIG DNS Query Observed:
modem buckles under the weight of simple DNS traffic
This intrigues me.
Dono what the ratio of "DNS traffic"/"All traffic is".
1 or 2 %, maybe ? I should investigate.
It's not the overall amount of bandwidth that's used. It's that DNS throws out a bunch of UDP packets in quick succession when doing the resolving and the modems become unresponsive during that time.
** with probably far to many bells and whistles.