On 02/13/12 18:57, Spain, Dr. Jeffry A. wrote:
Ok, thanks a lot. I thought it was a client process. Now I can query
for the DS, DNSKEY records from isc.org.
Final question -- bind.odvr.dns-oarc.net is a cache right? Does bind
has such a caching program? Do we have a DNSSEC capable resolver in BIND?
Bind *is* a caching program.
Yes, bind is a DNSSEC-capable resolver.
Given your interest in the internals of the DNSSEC validation process, you
should consider building your own bind recursive resolver. You could use
wireshark to see all the information flow between it and the various
authoritative servers it queries following a 'dig @localhost ...' command. You
could use 'rndc flush' between queries so that the cache does not obscure what
is happening. Jeff.
Yes, that's on the way. DNS server/cache using BIND tools. I already
know how to do it with djbdns.
Thanks for all the help!! :-)
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
