DNSSEC setup hint
This may be obvious to everyone else, and it may be documented somewhere in large letters with circles and arrows, but it was a surprise to me. key-directory in named.conf refers to the location for the .private key files, the .key files need to go with the domain conf files. (At least if there is a way around this, it alluded me). Also, though this is more obvious, make sure you set the owner to bind for akk the key files, as when you create them they will almost certainly be owned by root. -- U is for UNA who slipped down a drain V is for VICTOR squashed by a train ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Dnssec setting resolving weird
On 30 Jan 2019, at 14:21, Ismael Suarez wrote: > This is puzzling me big time. Maybe I’m missing something obvious. Don’t know. There must be something in the logs? -- 'I don't see why everyone depends on me. I'm not dependable. Even I don't depend on me, and I'm me.’ ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Dnssec setting resolving weird
Hi all Having a weird scenario here With “dnssec-validation auto” sites with .tv (flingo.tv) stop resolving and if I run manually “rndc flushtree flingo.tv” it starts resolving for a while (like 15 min) then happens again. This is a caching server setup. Also if i comment out “// dnssec-validation auto” it runs fine but other sites start acting out weird. Like for example secure.ciapr.org that stops resolving until I run the flushtree command. Any thoughts? This is puzzling me big time. Maybe I’m missing something obvious. Don’t know. Ismael This email was scanned by Bitdefender ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users