Hi, DNSmasq indeed works quite well:
(in Dutch) https://www.sidnlabs.nl/laatste-berichten/nieuwsdetail/article/dnssec-validatie-op-de-client-met-behulp-van-dnsmasq/ Speaking of client-side validation, Bloodhound might also proof to be worthwhile. I like it: https://www.dnssec-tools.org/wiki/index.php/Bloodhound And then there is also DNSSEC-trigger: http://www.nlnetlabs.nl/projects/dnssec-trigger/ (personally not one of my favorites, but I haven't played with it recently, so my experience is probably outdated). If you use Linux and like to try out things, you might be interested in this: https://github.com/edmonds/nss-ubdns. Not sure if that qualifies as 'production-quality' though. Regards, -- Marco On 11/08/14 18:45, David Conrad wrote: > Hi, > > I’m trying to collect an exhaustive list of (production-quality) DNSSEC > validating resolvers. The ones I know of so far are: > > BIND > Unbound > Nominum Vantio > Google Public DNS > > Any others? > > (From looking at the website, PowerDNS Recursor doesn’t appear to validate > but I might be missing the obvious…) > > Thanks, > -drc >
smime.p7s
Description: S/MIME Cryptographic Signature
