Right, it looks a bit dirty but makes sense. Thanks.
On 20 November 2017 at 15:13, Mark Andrews wrote:
> The simplest way is to slave the zone. Named won’t attempt to validate
> zone
> content it serves. If you have other applications that validate zone
> content
> sign your own zone and distr
The simplest way is to slave the zone. Named won’t attempt to validate zone
content it serves. If you have other applications that validate zone content
sign your own zone and distribute trust anchors for them.
Mark
On 20 Nov 2017, at 12:45 pm, Ivan Kurnosov wrote:
>
>
> Found it. It's cause
err: a typo in the last email `s/enable/disable/`
On 20 November 2017 at 14:45, Ivan Kurnosov wrote:
> Found it. It's caused by `dnssec`. If I enable it - the root servers are
> not being touched.
>
> Then the question is - can I still have `dnssec` and somehow
> internet-availability-tolerant c
Found it. It's caused by `dnssec`. If I enable it - the root servers are
not being touched.
Then the question is - can I still have `dnssec` and somehow
internet-availability-tolerant configuration?
On 20 November 2017 at 14:36, Ivan Kurnosov wrote:
> I'm having a really simple recursive DNS fo
I'm having a really simple recursive DNS for a small office, that has a
forwarded zone (being resolved by another local server).
The config looks like
options {
directory "/var/cache/bind";
dnssec-validation auto;
auth-nxdomain no;
listen-on-v6 { none; };
recursion yes;
5 matches
Mail list logo