DNSSEC authentication and ad parameter
Gaurav kansal
gaurav.kansal at nic.in
Wed Jan 11 12:45:01 UTC 2012
Thanks Anand.
I have one more question.
Is there any option in bind which facilitates me to answer my clients for
that zone only which has DNSSEC enable??? For all other queries, it should
not answer.
Please don't print this e-mail until & unless you really need, it will save
Trees on Planet Earth.
IPv4 is Over,
Are your ready for new Network.
Thanks n Regards,
GAURAV KANSAL
9910118448
VoIP - 6259
Operation And Routing Unit
NIC , NEW DELHI
-----Original Message-----
From: Anand Buddhdev [mailto:anandb at ripe.net]
Sent: Wednesday, January 11, 2012 4:37 PM
To: Gaurav kansal
Cc: bind-users at lists.isc.org
Subject: Re: DNSSEC authentication and ad parameter
On 11/01/2012 11:13, Gaurav kansal wrote:
Hi Gaurav,
> Now, I understand why I was not getting my "AD" flag set in query
response.
>
> I tried from google dns (8.8.8.8) also but didn't get "AD" bit set.
> This may be because 8.8.8.8 might not be configured for DLV validation.
>
> Is there any open dns available from which I can check my domain for "AD"
> flag set?????????????
DNS OARC runs a pair of validating servers, open to the public. Here's a
page with more information about then:
https://www.dns-oarc.net/oarc/services/odvr
Regards,
Anand Buddhdev
RIPE NCC
More information about the bind-users
mailing list