Cc: bind-users@lists.isc.org
Sent: Monday, November 22, 2021 3:49:30 PM
Subject: Re: DNSSEC implementation on IPv6 PTR Zones
How to create DS for 2409::/28
With Regards
Divya Parashar
From: m...@posix.co.za
To: bind-users@lists.isc.org
Cc: "Divya"
Sent: Thursday, November
Divya wrote:
> How to create DS for 2409::/28
The fun / maddening part of managing reverse DNS is getting to know how
your RIR handles it, and the weird differences from common-or-garden
forward domain registrations. In your case, 2409::/28 is allocated by
APNIC. They have a bit of document
How to create DS for 2409::/28
With Regards
Divya Parashar
From: m...@posix.co.za
To: bind-users@lists.isc.org
Cc: "Divya"
Sent: Thursday, November 18, 2021 3:44:56 PM
Subject: Re: DNSSEC implementation on IPv6 PTR Zones
And I can testify that this works. I have 2001
On Thu, Nov 18, 2021 at 09:47:03AM -0700, Grant Taylor via bind-users
wrote:
> On 11/18/21 3:14 AM, Mark Elkins wrote:
> > With IPv6 - you might want to use NSEC3 - as there can be huge holes in
> > the reverse zone. Make the bad guy work at guessing what is in the zone.
>
> Be mindful of curre
On 11/18/21 3:14 AM, Mark Elkins wrote:
With IPv6 - you might want to use NSEC3 - as there can be huge holes in
the reverse zone. Make the bad guy work at guessing what is in the zone.
Be mindful of current efforts for minimizing NSEC3 rounds / iterations
which purportedly have a diminishing R
Hello
št 18. 11. 2021 o 10:28 Divya napísal(a):
> Dear Admin,
>
> Has anybody implemented DNSSEC on IPv6 reverse zones?
> Kindly help us to configure DNSSEC on reverse zones of IPV6 segment with
> BIND 9.17.16+CentOS 7.9.
>
> With Thanks & Regards
> Divya
>
I can confirm working DNSSEC for I
And I can testify that this works. I have 2001:42a0::/32 signed via AFRINIC.
One suggestion though. When one signs an IPv4 reverse - use NSEC - as
everyone can guess what is there anyway.
With IPv6 - you might want to use NSEC3 - as there can be huge holes in
the reverse zone. Make the bad guy
You do it exactly the same as any other zone. You create DNSKEYs. You sign the
zone. You add DS records to the parent zone.
--
Mark Andrews
> On 18 Nov 2021, at 20:28, Divya wrote:
>
>
> Dear Admin,
>
> Has anybody implemented DNSSEC on IPv6 reverse zones?
> Kindly help us to configure
Dear Admin,
Has anybody implemented DNSSEC on IPv6 reverse zones?
Kindly help us to configure DNSSEC on reverse zones of IPV6 segment with BIND
9.17.16+CentOS 7.9.
With Thanks & Regards
Divya
___
Please visit https://lists.isc.org/mailman/listi
9 matches
Mail list logo