DNSKEY failure
Matthijs Mekking
matthijs at isc.org
Mon Feb 8 08:30:01 UTC 2021
Hi,
On 05-02-2021 10:23, @lbutlr wrote:
> So, with my test domain that is using dsnssec-policy default dnsviz reports
>
> "DNSKEY: No response was received from the server over UDP"
>
> But:
>
> dig +norec +dnssec +bufsize=512 +ignore dnskey
>
> Shows a DNSKEY record.
It would be useful to also provide the dig output, and what domain it is
about.
Compare the output with the response you get when you dig your name servers.
Best regards,
Matthijs
> (There is no DNSKEY record shown on the domains still using auto-dnssec maintain; with alg-7 keys, but I think that is expected).
>
> Is this a propagation issue, or is there something I need to do for "192.112.36.4, UDP_-_EDNS0_512_D_KN" to see the DNSKEY record?
>
> example.com. 3600 IN RRSIG DNSKEY 13 2 3600 20210217190645 20210203180645 18434 example.com. {blah blah blah}
>
>
More information about the bind-users
mailing list