Netdot-devel Digest, Vol 78, Issue 4

[netdot-devel-request]

Send Netdot-devel mailing list submissions to
        netdot-devel@osl.uoregon.edu

To subscribe or unsubscribe via the World Wide Web, visit
        https://osl.uoregon.edu/mailman/listinfo/netdot-devel
or, via email, send a message with subject or body 'help' to
        netdot-devel-requ...@osl.uoregon.edu

You can reach the person managing the list at
        netdot-devel-ow...@osl.uoregon.edu

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Netdot-devel digest..."


Today's Topics:

   1. [Netdot - Bug #1777] (New) DS records for DNSSEC
      (redm...@osl.uoregon.edu)


----------------------------------------------------------------------

Message: 1
Date: Wed, 25 Sep 2013 14:32:56 -0700
From: redm...@osl.uoregon.edu
Subject: [Netdot-devel] [Netdot - Bug #1777] (New) DS records for
        DNSSEC
To: a...@nsrc.org, netdot-devel@osl.uoregon.edu
Message-ID: <redmine.issue-1777.20130925143...@osl.uoregon.edu>
Content-Type: text/plain; charset=utf-8


Issue #1777 has been reported by Andy Linton.

----------------------------------------
Bug #1777: DS records for DNSSEC
https://osl.uoregon.edu/redmine/issues/1777

Author: Andy Linton
Status: New
Priority: Normal
Assignee: 
Category: DNS
Target version: 
Resolution: 


I want to add DS records for a subdomain in a DNSSEC domain I manage using 
Netdot. There appears to be support for DS records so that's good but when I 
try to add a record I have two problems:

1) I add a DS record with the values:

Key Tag:                34294
Algorithm:      5
Digest Type:    1
Digest:         18fafa1592ac30d743ffff98c82cec8f75e8e6c6
TTL:                    7200

When I try to export the relevant zone file this record is not included.

2) When I try to add a second DS record using the values:

Key Tag:                34294
Algorithm:      5
Digest Type:    2
Digest:         e41ed9134f5f9e211c7dd880e4dd22c2936f29d9255465852cb14f88fb6033d8
TTL:                    7200

Then I can't do it as there's an Index in the rrds table called rrds1 that 
enforces the rule that the rr,key-tag tuple should be unique. I think this is 
wrong. You need to be able to have at least two DS records with the same 
key-tag and a different digest/digest-type. See the output of 'dig ds org'

; ANSWER SECTION:
org.                    7416    IN      DS      21366 7 2 
96EEB2FFD9B00CD4694E78278B5EFDAB0A80446567B69F634DA078F0 D90F01BA
org.                    7416    IN      DS      21366 7 1 
E6C1716CFB6BDC84E84CE1AB5510DAC69173B5B2

This second problem can be fixed by altering the rrds1 Index definition.




-- 
You have received this notification because you have either subscribed to it, 
or are involved in it.
To change your notification preferences, please click here: 
http://osl.uoregon.edu/redmine/my/account


------------------------------

_______________________________________________
Netdot-devel mailing list
Netdot-devel@osl.uoregon.edu
https://osl.uoregon.edu/mailman/listinfo/netdot-devel


End of Netdot-devel Digest, Vol 78, Issue 4
*******************************************