Re: DNSSEC and forwarding

2022-04-13 Thread Mark Andrews
> On 14 Apr 2022, at 01:02, Duchscher, Dave J via bind-users > wrote: > > >> On Apr 13, 2022, at 12:00 AM, Grant Taylor via bind-users >> wrote: >> >> This Message Is From an External Sender >> This message came from outside your organization. >> On 4/12/22 7:18 PM, Duchscher, Dave J via

Re: Question about missing bind.keys

2022-04-13 Thread Evan Hunt
On Tue, Apr 12, 2022 at 09:37:22PM -0400, J Doe wrote: > Apologies for my late reply. Thank you so much for the detailed > explanation of: dnssec-validation auto and what happens when: bind.keys > doesn't exist. > > With this setting in place in my: named.conf I then restarted BIND, gave > it

Re: DNSSEC and forwarding

2022-04-13 Thread Benny Pedersen
On 2022-04-13 17:08, Nicholas Miller wrote: I believe this is the option you are looking for: validate-except { domain.example; }; rndc nta domain.example remember to define nta ttl in named.conf -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this

Re: DNSSEC and forwarding

2022-04-13 Thread Duchscher, Dave J via bind-users
On Apr 13, 2022, at 10:08 AM, Nicholas Miller wrote: > > I believe this is the option you are looking for: > > validate-except { domain.example; }; Thanks but that doesn't fix our problem. We use it to fix the problematic domains for now but that is a temporary solution. There is always

Re: DNSSEC and forwarding

2022-04-13 Thread Nicholas Miller
I believe this is the option you are looking for: validate-except { domain.example; }; _ Nicholas Miller, OIT, University of Colorado at Boulder > On Apr 13, 2022, at 9:02 AM, Duchscher, Dave J via bind-users > wrote: > > >> On

Re: DNSSEC and forwarding

2022-04-13 Thread Duchscher, Dave J via bind-users
> On Apr 13, 2022, at 12:00 AM, Grant Taylor via bind-users > wrote: > > This Message Is From an External Sender > This message came from outside your organization. > On 4/12/22 7:18 PM, Duchscher, Dave J via bind-users wrote: > > We are dropping this configuration and looking at doing

Re: Supporting LOC RR's

2022-04-13 Thread Bjørn Mork
Timothe Litt writes: > Anyhow, it's not clear exactly what problem you're asking LOC (or > anything) to solve. Which problems do LOC solve? I remember adding LOC records for fun?() in the previous millennium when RFC 1876 was fresh out of the press. But even back then paranoia finally took

AW: all resource record types and examples

2022-04-13 Thread Klaus Darilion via bind-users
As I have such a zone I will paste it here. But fore sure it is not complete as it was created some time ago. regards Klaus $ cat types.test $TTL 60 ; 1 minute @ IN SOA sec1.rcode0.net. rcodezero.ipcom.at. ( 36 ; serial