Hi,
Does BIND9 allow per zone dnssec setting? I wanted to forward requests for
certain zone to remote resolvers which doesn't support DNSSEC and also disable
dnssec validation for that particular zone because forward-only resolver will
return SERVFAIL to the client when the remote resolves don't support DNSSEC.
I was hoping I could configure dnssec on the zone level but that didn't appear
to be supported (snippet from my test config):
zone "isc.org" { type forward; dnssec-validation no; forward only;
forwarders { 208.67.220.220; };}
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
