On 06/02/2018 16:00, Matus UHLAR - fantomas wrote:
our customer uses a domain that is registered, but hidden
(doesn't exist in DNS).
The domain is used by multiple organizations and we are required to forward
lookups for the domain to foreign internal servers.
The problem is, that parent domain (.eu) indicates that the domain is to be
signed and since default bind installation validates DNSSEC, lookups are
refused:
On 06.02.18 16:08, Ray Bellis wrote:
The statements above are mutually contradictory.
If the domain is in use by multiple organisations, which of them put the
DS record in the .eu zone? If it doesn't exist in the DNS then there
can be no DS record.
Or is it the case that perhaps that the parent .eu zone is actually
denying the existence of that zone?
yes - as I stated above, it's hidden from the world.
I was apparently wrong with saying about it to be signed.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I drive way too fast to worry about cholesterol.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
