Need guidance on configuring DNSSEC
Vishal Gandhi
vgandhi at fdu.edu
Fri Oct 11 14:32:22 UTC 2013
Hi,
We are using BIND v9.8.2.
Currently, we are setting up AD infrastructure for internal/local network. We've configured one controller to be the primary for this local zone (fdu.local) for DNS queries. Our primary DNS server (which indeed is a different server) is configured to hold this as a slave. We would like configure DNSSEC and I am wondering where can we get this started from.
We are planning to sign local zone (fdu.local). Is it required to sign the parent zone (fdu.edu) as well or we can live with it unsigned?
What are pros and cons of signing parent zone (fdu.edu)?
We've found information on signing zones on AD at least. Can some one provide us steps to enable and configure DNSSEC for our domains.
Thanks in advance.
Vishal K. Gandhi
Systems Analyst/E-Mail Specialist
University Systems and Security
1000 River Road, Teaneck NJ 07666
Mail Stop: T-BH1-01
: 201-692-2414 | : 201-692-2494 | : vgandhi at fdu.edu
"Fairleigh Dickinson University will never
ask for your password. Please do not share it with others!"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20131011/3dfd3dde/attachment.html>
More information about the bind-users
mailing list