DNSSEC and forward zone

Darren Ankney darren.ankney at gmail.com
Wed Apr 19 09:27:29 UTC 2023 

Hi David,

You can disable validation on one or more domains using "validate-except" -
https://bind9.readthedocs.io/en/latest/reference.html#namedconf-statement-validate-except

Thank you,

Darren Ankney

On Wed, Apr 19, 2023 at 5:05 AM David Carvalho via bind-users <
bind-users at lists.isc.org> wrote:

> Hello guys
>
> Asking for your help, again.
>
>
>
> So after setting up DNSSEC I’ve found I couldn’t reach some internal sites
> on my top domain, served by internal DNS servers
>
> There’s no need in hiding domains as my e-mail is shown here.
>
>
>
> Top domain
>
>
>
>
>
> ubi.pt (external DNS Servers authoritative)
>
>
>
>           Internal DNS servers (windows, Active directory - Recursive)
>
>     Internalsite1.ubi.pt
>
>                    Internalsite2.ubi.pt
>
>>
>
>
>
>
> di.ubi.pt
>
> (both authoritative and recursive for my networks)
>
>
>
> Previously I had the following to get internal sites resolved, but now it
> seems it is completely discarded by dnssec.
>
>
>
> zone "ubi.pt" IN {
>
>         type forward;
>
>         forwarders { 192.168.100.1; 192.168.100.2; };
>
> }
>
>
>
> Is there any configuration to allow me  to be able to access internal
> sites served by internal dns servers, I guess not using DNSSEC?
>
> Can this only be accomplished by adding these entries to my parent domain?
>
> Thanks!
>
>
>
> Kind regards
>
> David Carvalho
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20230419/89fe0ac1/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 252 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20230419/89fe0ac1/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 4514 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20230419/89fe0ac1/attachment-0003.png>

More information about the bind-users mailing list