Raymond Drew Walker <ray.wal...@nau.edu> wrote: > In testing, this pipe sets up the following for nsupdate which fails:
Sorry, I forgot the TTL command. Adjust its value as you require... dig +noall +answer dnskey $child | dnssec-dsfromkey -f /dev/stdin $child | (echo "zone $parent"; echo "ttl 3600"; sed 's/^/update add /'; echo "send") | nsupdate -l > Am I also missing somewhere in the RFC where NS records of children zones > need be populated in the parent? Is this something that has changed with > the addition of DNSSEC? No, it has always been an error. See RFC 2181 section 6. DNSSEC just makes the breakage more obvious. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ Fisher: Southwesterly 5 to 7, occasionally gale 8. Rough or very rough. Showers then rain. Moderate or good. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
