dnssec enabled recursive server

Pamela Rock prock111 at yahoo.com
Fri Oct 23 19:07:23 UTC 2009


This environment is in a lab.

I have a DNSSEC enabled server with a signed .TLD zone (again, in a lab).  I have a client that can accurately run queries against the signed .TLD zone.

So this works...

    DNSSEC Enabled Client => DNSSEC Enabled .TLD

I'm trying to put a recursive BIND 9.6.1-P1 server between .TLD and the client.

    DNSSEC Enabled Client => Recursive BIND => DNSSEC Enabled .TLD

I set up the cache file on the recursive BIND to point all root servers to the DNSSEC Enabled .TLD.  I enabled dnssec-enable and dnssec-validation in the named.conf.  I pulled the keys from DNSSEC Enabled .TLD using dig +dnssec com @test.server.TLD and put them in the named.conf.  Yet my recursive DNSSEC 9.6.1 server does not answer DNSSEC queries from the client.

Any hints or clues to how to make the recursive DNSSEC work would be appreciated.  Thanks in advance.
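
Added example, not part of the original post: one way to turn DNSKEY records fetched with dig into a `trusted-keys` clause for the recursive server's named.conf. The zone name `tld.`, the key data and the function names are constructed placeholders; the input is assumed to be the presentation format printed by `dig +dnssec DNSKEY <zone> @<server>`, and emitting only keys with the SEP bit set (flags 257) is this example's default.

```python
import re

# Constructed sample in dig's presentation format; the key data is fake.
SAMPLE = """\
;; ANSWER SECTION:
tld.  3600  IN  DNSKEY  256 3 5 AwEAAbZSKzskFAKEZSK0000 c2FtcGxl
tld.  3600  IN  DNSKEY  257 3 5 AwEAAcKSKfakeKSK1111 ZXhhbXBsZQ==
tld.  3600  IN  RRSIG   DNSKEY 5 1 3600 20091122000000 20091023000000 12345 tld. ZmFrZXNpZw==
"""

B64 = re.compile(r"[A-Za-z0-9+/]+={0,2}")

def parse_dnskeys(text):
    """Return (owner, flags, protocol, algorithm, key) for each DNSKEY RR."""
    keys = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith(";") or "DNSKEY" not in fields:
            continue
        i = fields.index("DNSKEY")
        # Only TTL and class may sit between owner and type; this rejects
        # RRSIG lines, where "DNSKEY" appears as the covered type.
        if i == 0 or not all(f.isdigit() or f.upper() == "IN" for f in fields[1:i]):
            continue
        rdata = fields[i + 1:]
        if len(rdata) < 4 or not all(f.isdigit() for f in rdata[:3]):
            continue
        flags, proto, alg = (int(f) for f in rdata[:3])
        key = "".join(rdata[3:])  # dig splits long keys with spaces
        if proto != 3 or not B64.fullmatch(key):
            continue  # DNSKEY protocol field must be 3
        owner = fields[0] if fields[0].endswith(".") else fields[0] + "."
        keys.append((owner, flags, proto, alg, key))
    return keys

def trusted_keys_clause(text, sep_only=True):
    """Render a named.conf trusted-keys clause from dig DNSKEY output."""
    rows = [k for k in parse_dnskeys(text) if (k[1] & 1) or not sep_only]
    if not rows:
        raise ValueError("no usable DNSKEY records in input")
    body = "".join('    "%s" %d %d %d "%s";\n' % k for k in rows)
    return "trusted-keys {\n" + body + "};\n"

if __name__ == "__main__":
    print(trusted_keys_clause(SAMPLE))
```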


      


