I am new to both unbound and DNSSEC.
Trying to deploy unbound as local(127.0.0.1) recursive resolver on the CentOS 6.9 hosts.
These hosts are in company's internal network, with limited outbound access to internet on ports 80, 443 and 25.
Authoritative DNS servers for internal zone "example.local" are of type Active Directory DNS.
Before unbound, /etc/resolv.conf was pointing to these AD DNS servers.
With unbound, I am now using 127.0.0.1 as my recursive resolver on CentOS hosts.
I configured /etc/unbound/keys.d/trusted-key.key file with keys from AD DNS.
I also configured /etc/unbound/conf.d/example.local.conf to forward queries for "example.local" to
AD DNS servers.
With this I still have issues with respect to performing DNSSEC enabled lookups for outside hosts.
Can some one point me in the right direction on how to implement DNSSEC in such a scenario?
All in all, I want to be able to utilize unbound and DNSSEC for internal AD zone and external internet lookups.