On 18/04/2019 09:23, abubin wrote:
However, due to DNSSEC it is not resolving the zone. It will work if I
disable DNSSEC in bind.
You need to create a Negative Trust Anchor in your recursor for the
domain you are forwarding.
If you were using powerdns recursor, the instructions are here:
On Thu, Apr 18, 2019 at 11:18 AM abubin wrote:
> I have looked into Bind's negative trust anchor implementation. Seems like
> in Bind, this option cannot be specified to more than 1 week. After 1 week
> the negative trust will be removed.
>
The content you quote yourself seems to indicate
On Thu, Apr 18, 2019 at 6:44 AM Jackson Yap wrote:
> Hi all,
>
>
>
> We have a strange situation. Previously we are able to do a zone transfer
> of non-dnssec zones. But now, when we tried to transfer a dnssec zone, we
> have the error below.
>
>
>
> Zone is already activated dnssec on source
On Thu, Apr 18, 2019 at 10:24 AM abubin wrote:
> I have just installed pdns and pdns-recursor on a server in secondary
> site. The primary site is using CentOS 7 bind to host private DNS.
>
> I am trying to create a forwarding DNS from bind to pdns in primary site.
> For example, when I query
On 18/04/2019 11:30, abubin wrote:
I am sorry as I am very new at this. FYI, both the DNS servers are
PRIVATE. The domains they are hosting does not get published to the
internet. It is mainly only for internal usage.
Sure. But your cache is DNSSEC validating, and is rejecting the domain
as
On Thu, Apr 18, 2019 at 10:39 AM Jackson Yap wrote:
> Yes, I’m trying to do AXFR of DNSSEC zones from source powerdns (cpanel)
> to another powerdns server.
>
>
>
>1. Do you mean I just need it secured at source server that’s all?
>2. I’m using notify to send the DNSSEC zones to the
Thanks,
Yes, I’m trying to do AXFR of DNSSEC zones from source powerdns (cpanel) to
another powerdns server.
1. Do you mean I just need it secured at source server that’s all?
2. I’m using notify to send the DNSSEC zones to the destination powerdns
server. Is there still need to set
I have looked into Bind's negative trust anchor implementation. Seems like
in Bind, this option cannot be specified to more than 1 week. After 1 week
the negative trust will be removed.
https://ftp.isc.org/isc/bind/9.11.0a1/doc/arm/man.rndc.html
*nta [( -d | -f | -r | -l duration)] domain [view]*
Hi,
I have just installed pdns and pdns-recursor on a server in secondary site.
The primary site is using CentOS 7 bind to host private DNS.
I am trying to create a forwarding DNS from bind to pdns in primary site.
For example, when I query the primary DNS (1.2.3.4), it will forward
certain
Hi,
I am sorry as I am very new at this. FYI, both the DNS servers are PRIVATE.
The domains they are hosting does not get published to the internet. It is
mainly only for internal usage. Link between them is using a lease line. I
have no problem querying from secondary site (running pdns) to
On Thu, Apr 18, 2019 at 12:31 PM abubin wrote:
> I am sorry as I am very new at this.
>
That's okay! I was new to details on DNSSEC until a month ago too. :-)
> FYI, both the DNS servers are PRIVATE. The domains they are hosting does
> not get published to the internet. It is mainly only for
11 matches
Mail list logo
