DNSEC and Bin 9.12
@lbutlr
kremels at kreme.com
Mon Jan 21 19:32:19 UTC 2019
A couple of questions
First, guides on setting up DNSSEC say to add dnssec-lookaside auto; in the options, but bind repots an error:
/usr/local/etc/namedb/named.conf:35: dnssec-lookaside 'auto' is no longer supported
Does this mean the entire declaration is not supported, or that auto should be changed to something else?
Second, I’ve seen recommendations for " dnssec-validation auto;” and " dnssec-validation yes;” but no clear explanation on which should be used.
Third, what does “not at top of zone” mean in dnssec-verify?
--
Heisenberg's only uncertainty was what pub to vomit in next and Jung
fancied Freud's mother too. -- Jared Earle
More information about the bind-users
mailing list