disable dnssec for particular domain
Matus UHLAR - fantomas
uhlar at fantomas.sk
Tue Feb 6 16:12:11 UTC 2018
>On 06/02/2018 16:00, Matus UHLAR - fantomas wrote:
>> our customer uses a domain that is registered, but hidden
>> (doesn't exist in DNS).
>>
>> The domain is used by multiple organizations and we are required to forward
>> lookups for the domain to foreign internal servers.
>>
>> The problem is, that parent domain (.eu) indicates that the domain is to be
>> signed and since default bind installation validates DNSSEC, lookups are
>> refused:
On 06.02.18 16:08, Ray Bellis wrote:
>The statements above are mutually contradictory.
>
>If the domain is in use by multiple organisations, which of them put the
>DS record in the .eu zone? If it doesn't exist in the DNS then there
>can be no DS record.
>
>Or is it the case that perhaps that the parent .eu zone is actually
>denying the existence of that zone?
yes - as I stated above, it's hidden from the world.
I was apparently wrong with saying about it to be signed.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I drive way too fast to worry about cholesterol.
More information about the bind-users
mailing list