Hello.
I don't think that bind trying to sign with non-existent key will do any
harm - probably just warning.
But it's simpler - change metadata of the key - set deletion time to the
time you want the key to be deleted (like DS deletion time+TTL).
Bind with auto-dnnsec allow re-reads the metadata
Hello Jeffry,
FWIW I'm not able to reproduce this using a BIND 9.9.1-P1 recursive resolver. On this system "dig @localhost vlasext.partners.extranet.microsoft.com a" returns the answer 70.42.230.20 and identifies dns11.one.microsoft.com (94.245.124.49) as one of four authoritative servers. "dig @
Hello Carsten,
At Men& Mice I've investigated this issue a few weeks ago for one of
our customers. At that point of time, we've seen NS records with
private addresses:
That's interesting but it still doesn't explain why BIND reports a
format error in the reply it receives.
The reply is nonsens
Hello Carsten,
Thanks for your reply!
about the FORMERR. This might be caused by a Firewall or other
middlebox that truncates the large answer containing the NS record set
for this domain.
I see the same if I try to fetch the delegation NS records from the
parent domain (microsoft.com) for part
I'm experimenting with rolling over my DNSKEYs from algorithm 7 to 8. The
Bv9ARM doesn't discuss this procedure explicitly as far as I can tell, but
section 4.9 presents some clues. I'd like to ask the experts on this list if
the following procedure might accomplish an algorithm rollover cleanly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello Gabriele,
On 6/22/12 11:22 AM, Gabriele Paggi wrote:
> I'm a BIND novice and I'm trying to understand what causes my
> BIND9 resolver (bind97-9.7.0-10.P2) to return an error when queried
> for the A record of vlasext.partners.extranet.microsoft
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello Gabriele,
On 6/22/12 11:22 AM, Gabriele Paggi wrote:
> I'm a BIND novice and I'm trying to understand what causes my
> BIND9 resolver (bind97-9.7.0-10.P2) to return an error when queried
> for the A record of vlasext.partners.extranet.microsoft.
7 matches
Mail list logo