DNSSEC auto-dnssec issue bind-9.7.2-P3
Hauke Lampe
lampe at hauke-lampe.de
Wed Jan 19 17:38:05 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 19.01.2011 15:59, Zbigniew Jasiński wrote:
> like i wrote in my previous email I've checked the journal file and
> there are updates with RRSIG records but still named is returning
> answers without signatures
Another thing you might check:
With "dnssec-enable no;" in named.conf, BIND still does its automatic
DNSSEC signing but won't add RRSIG to responses.
I ran across such a configuration lately. Your problem sounds similar.
Hauke.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk03IXIACgkQKIgAG9lfHFN0GgCfQssE0Gjl1iVH0EvX3K0RdXNQ
XUsAn1yeCOeolCfNmCEfOozhCKvgUOLW
=sDdG
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list