Dears, i use a customs dnsmasq confirguration in which dnsmasq uses my local DNS Server for unqualified hostnames and hostnames with custom domain dw.internal
Configuration looks like this: # Add other name servers here, with domain specs if they are for # non-public domains. servers-file=/var/run/NetworkManager/local-net-dns-servers.conf /var/run/NetworkManager/local-net-dns-servers.conf server=/dw.internal/10.24.64.3@eth0 server=//10.24.64.3@eth0 i have DNSSEC Validation enabled, an now when querying a local hostname: dig router1.dw.internal dnsmasq tries to validate the response even if this local zone is not signed.validation router1.dw.internal is ABANDONED i fixed this by including trust-anchor=internal in the global dnsmasq.conf But maybe we can AUTOMATICALLY exclude any custom non-public domain from dsnssec validation? If not possible , does the logic allow including the trust-anchor statement in the servers-file ? Prior v2.92 Validation for internal domain just went fine Expecting any advise-- Secured with Tuta Mail: https://tuta.com/free-email _______________________________________________ Dnsmasq-discuss mailing list [email protected] https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
