Create DS and DLV records

Stephane Bortzmeyer bortzmeyer at nic.fr
Wed May 5 06:59:48 UTC 2010


On Wed, May 05, 2010 at 11:59:23AM +0530,
 rams <bramesh80 at gmail.com> wrote 
 a message of 36 lines which said:

> could you please explain me, how to create DS and DLV records into my zone.

If you want to add DS or DLV records in _your_ zone, you typically never
create them. Managers of child zones do it and they send it to you and
you just include them.

However, I believe your question is not phrased properly and you want
to create DS and DLV records to be included, not in your zone but in
the _parent_ zone. Correct?

If so, it depends on the signer you use. With BIND's dnssec-signzone,
a file containing the DS (and named from the zone) is created by
default:

% cat dsset-example.org.  
example.org.		IN DS 38078 7 1 48DC6B209ABB716549F833852141890DC99D4BCA
example.org.		IN DS 38078 7 2 30CC4B8F36687D3C2B7FD64448C167295875DE5486BBCCE4E36CDA52 6656C547

With option '-l dlv.isc.org', you can create DLV records as well:

% cat dlvset-example.org. 
example.org.dlv.isc.org. IN DLV	38078 7 1 48DC6B209ABB716549F833852141890DC99D4BCA
example.org.dlv.isc.org. IN DLV	38078 7 2 30CC4B8F36687D3C2B7FD64448C167295875DE5486BBCCE4E36CDA52 6656C547

(Note they have the same syntax so you could use an editor to create
them as well...)



More information about the bind-users mailing list