DNSSEC and forward zones

Phil Mayers p.mayers at imperial.ac.uk
Tue Nov 1 20:00:35 UTC 2011

On 11/01/2011 06:24 PM, Lyle Giese wrote:

> A work-around (and it has some side effects and could be undesirable,
> just be aware of the side effects of doing this) is to declare .internal
> as a master zone in your DNS servers and then delegate
> policydomain.internal to your Windows AD servers in your .internal zone.

I was about to suggest trying that, but wasn't sure how it would 
interact with DNSSEC; any ideas?

More information about the bind-users mailing list