Hello, NSD 4.7.0 running on FreeBSD 13.X and serving DNSSEC signed zone (say mydomain.org) to the world.
I've been approached by a customer with the request to include certain records into mydomain.org zone which will be resolvable only from their premises. I'm thinking to setup a pair of unbound instances, ask the customer to configure conditional forwarding for mydomain.org to those unbound instances, and serve requested records by unbound, while the rest of the zone will be handled by NSD. I think this will break DNSSEC for them -- do you think this is the right approach? Any ideas would be very much appreciated. Thank you. _______________________________________________ nsd-users mailing list nsd-users@lists.nlnetlabs.nl https://lists.nlnetlabs.nl/mailman/listinfo/nsd-users
