I don't understand that. Are you saying that "dnsec-validation no;" is in your named.conf or are you saying you don't believe it is necessary to set it there because by default validation is off? If the latter what does it hurt to try it? Obviously something isn't working the way you expect or you wouldn't have asked.
-----Original Message----- From: bind-users-bounces+jlightner=water....@lists.isc.org [mailto:bind-users-bounces+jlightner=water....@lists.isc.org] On Behalf Of Jan Buchholz Sent: Friday, June 04, 2010 10:50 AM To: Paul Wouters Cc: bind-users@lists.isc.org Subject: Re: disable dnssec in bind resolver 2010/6/4 Paul Wouters <p...@xelerance.com>: > On Fri, 4 Jun 2010, Jan Buchholz wrote: > >> how i can disable dnssec in the bind resolver ? My firewall don´t let >> packets with D0 flag through. I´ve tried 'dnssec-enable no;' , but >> this don´t fix the problem. > > I believe that only disables *serving* DNSSEC records. > > I think you want 'dnssec-validation no;' > > Paul > sorry, 'dnssec-validation no;' is already configured, because that´s the default. Jan _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users Proud partner. Susan G. Komen for the Cure. Please consider our environment before printing this e-mail or attachments. ---------------------------------- CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you. ---------------------------------- _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
