Problems with resolving a local tld
Mark Andrews
marka at isc.org
Thu Feb 28 01:34:23 UTC 2013
In message <512E31CA.5030001 at htt-consult.com>, Robert Moskowitz writes:
> For various testing reasons, I have been running a tld here of htt. It
> has worked of old and continues to work on my new 9.8.2 Centos servers.
> Problem came up from a namecaching server that 'forwards only' to my
> internal server. It cannot resolve any hosts in this tld and on the
> server forwarded to I see:
Well one really shouldn't be creating one's own tlds. That said
sign the zone and add a trust anchor (managed-keys/trusted-keys)
for it. The validator won't ask the root zone for the DS records
from the zone once you do that.
Anything from 9.3.0 onwards can sign modern ones. If you want NSEC3
the 9.6.0 onwards.
> Feb 27 11:16:14 rigel named[9294]: error (chase DS servers) resolving
> 'htt-consult.com/DS/IN': 208.83.67.188#53
Something not fully dnssec aware in the resolution path?
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list