Posts

Is multiple CAA DNS-records allowed? Yes!

A client was about to renew one of their SSL certificates and the provider requested them to add a CAA DNS-record for the provider. The client already had one CAA DNS-record for another provider in their domain, becuase they where using different providers of SSL certificates for different purposes in their organization.

The CAA DNS-record for the provider in question was added but the provider said they couldn’t issue the certificate as long as there was another CAA DNS-record present. The provider claimed there can only be one CAA DNS-record present in the domain.

The provider might be correct in the sense of that the provider’s system can’t handle multiple CAA records but multiple CAA records is not a violation of the RFC! It is just the provider who can’t handle it and makes it the customers problem.

This might be a simple way of obstructing the client in using the provider’s competitors but the provider is not correct in their statement. According to RFC8659 there are no limitations in the number of CAA DNS-records in one domain. The provider should just look for their CAA DNS-record in the client domain DNS-records and ignore competitors records.

Ubuntu eee: Intermittent DNS problems with Windows Vista Internet Connection Sharing (ICS)

When connecting an Asus EeePC 900/901 running Ubuntu eee 8.04 (‘Easy Peasy‘) to the Internet through a Windows Vista machine running Internet Connection Sharing (ICS) and you are experiencing intermittent DNS-problems, the problem can be related to IPv6 being enabled but there is no IPv6 Internet connection (only IPv4). In Firefox there is a DNS-error displayed, but hitting reload one or more times will bring up the desired web page. Internet access can also be experienced as slow or sluggish.

The problem can be that IPv6 is enabled in both the Windows Vista and the Ubuntu machine but there is no IPv6 Internet connection. The problem can be resolved by disabling IPv6 in Windows Vista running ICS. You can of course solve it by disabling IPv6 in the Ubuntu machine but then you have to disable it in every client inte network using the ICS, so it is more efficient to disable it in the Windows Vista running the ICS.

Instructions how to disable IPv6 in Windows Vista is found here. Don’t forget to enable it once you hook up your Windows Vista machine into an IPv6 enabled Internet connection Wink