disable dnssec in bind resolver
Evan Hunt
each at isc.org
Fri Jun 4 18:22:35 UTC 2010
> First, dns-validation is 'off' by default in all BIND versions. It's
> dnssec-enable that started defaulting to 'yes'.
Correct in the sense that there are no configured trust anchors, so
validation doesn't happen.
Incorrect in the sense that the "dnssec-validation" option *is* turned on
by default, from BIND 9.5.0 onward.
You're right that this isn't relevant to Jan's problem, though.
--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list