<div dir="ltr">Hi Amaury.<div>You should be able to do this by defining your own trust anchors. This should explain what you need:</div><div><a href="https://bind9.readthedocs.io/en/latest/dnssec-guide.html#trusted-keys-and-managed-keys">https://bind9.readthedocs.io/en/latest/dnssec-guide.html#trusted-keys-and-managed-keys</a><br></div><div><br></div><div>Have fun.</div><div>Greg</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, 16 Mar 2024 at 13:38, Amaury Van Pevenaeyge <<a href="mailto:avanpevenaeyge@outlook.fr">avanpevenaeyge@outlook.fr</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div class="msg6875118989778282140">
<div dir="ltr">
<div style="font-family:Calibri,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">
<span style="color:rgb(0,0,0);background-color:rgb(255,255,255);display:inline">Hello I'm a student in my last year of the Master in Cybersecurity at ULB. As part of my thesis, I'm doing research to develop a DNS
Amplification scenario that will eventually be deployed within a Cyber Range. I have to carry out various measurements and develop different attacks in a virtual environment. I've already been able to set up my entire environment in VirtualBox for DNS (i.e.
without DNSSEC). Now I need to deploy DNSSEC on my server. I've managed to generate my key pairs and sign my DNS zones. However, when I try to do a dig from my client VM, I get a SERVFAIL. I think this is because the chain of trust can't be established, which
in my case is perfectly normal as I'm in an isolated test environment. So how can I deploy DNSSEC correctly so that the chain of trust is not taken into account and it works in my virtual environment? I think I know how DNSSEC works, but if you also have any
clarification to offer, I'd be delighted to hear from you. My BIND server runs on an Ubuntu22.04 Jammy Jellyfish VM.</span>
<div style="margin:0px;color:rgb(0,0,0);background-color:rgb(255,255,255)">
<br>
</div>
<div style="margin:0px;color:rgb(0,0,0);background-color:rgb(255,255,255)">
Thanks in advance for your help.</div>
</div>
</div>
-- <br>
Visit <a href="https://lists.isc.org/mailman/listinfo/bind-users" rel="noreferrer" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list<br>
<br>
ISC funds the development of this software with paid support subscriptions. Contact us at <a href="https://www.isc.org/contact/" rel="noreferrer" target="_blank">https://www.isc.org/contact/</a> for more information.<br>
<br>
<br>
bind-users mailing list<br>
<a href="mailto:bind-users@lists.isc.org" target="_blank">bind-users@lists.isc.org</a><br>
<a href="https://lists.isc.org/mailman/listinfo/bind-users" rel="noreferrer" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
</div></blockquote></div>