On Fri, Feb 19, 2016 at 05:38:00PM +0100, l...@hosting.de wrote: > Dear PDNS-Devs, > > we use PowerDNS version 3.4 for our nameserver backend. Recently we > have added a signing server which signs zones with ldns. Ldns > creates both NSEC(3) and NSEC3PARAM records. As PowerDNS synthesizes > these records we have to throw them away and create record > ordernames and domain metadata to add the zone to our nameservers. > We couldn't find much documentation about how to add presigned zones > to a PowerDNS database, so it took a while to get this to work. Now > we have a signing server that is tightly coupled to our nameserver > even though both systems work completely independently. > > While looking through the PowerDNS code we found the calls to > UeberBackend::getDirectNSECx in PacketHandler::addNSEC and > PacketHandler::addNSEC3 and noticed that > UeberBackend::getDirectNSECx calls DNSBackend::getDirectNSECx for > every backend. However, that method isn't implemented in the > GSQLBackend, which we use. > > What we would like to do is implement GSQLBackend::getDirectNSECx to > fetch NSEC(3) records from the database, if they are stored there, > or else return false. > > Additionaly we would like to expand the PacketHandler::addNSEC3Param > method to try to fetch the NSEC3PARAM record from the database > before synthesizing one as well. > > What we would like to know is if you would be interested in those > changes and would be willing to accept a corresponding pull request? > > Best regards, > > Sebastian Melinat > hosting.de GmbH
Hi! Can you please open an issue at https://github.com/PowerDNS/pdns about this? It is not very difficult feature to implement, but it's best remembered if you open one. Aki _______________________________________________ Pdns-dev mailing list Pdns-dev@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-dev
