Hi all,
We're running a PowerDNS 3.4.6 installation with the MySQL backend, and we’re
using pdnsutil secure-zone/set-nsec3/rectify-zone to automatically secure all
of our domains (the least-effort method, instead of manually signing
everything). It works great. Thanks for the excellent
Out of curiosity, what DOES PowerDNS do if it finds an both an A and an
RRSIG record for a.b.c.com in the database?
Nick
On Wed, Jan 6, 2016 at 12:33 PM, Aki Tuomi wrote:
> The code does not support this but you might be able to use postresolve
> Lua hook to break the reply
On Wed, Jan 06, 2016 at 12:46:38PM -0600, Nicholas Williams wrote:
> Out of curiosity, what DOES PowerDNS do if it finds an both an A and an
> RRSIG record for a.b.c.com in the database?
Hi Nicholas,
To answer both your messages in one go, if you run with 'presigned zones',
PowerDNS will use the
(inline)
On Wed, Jan 6, 2016 at 11:42 AM, Nicholas Williams
wrote:
> I'll look into that other script. Thanks, Bert.
>
>> How about a creating a separate sub-zone with a broken presigned DNSSEC
>
>> You can set presigned for just that single zone using the
On 2016-01-06 20:42, Nicholas Williams wrote:
I'll look into that other script. Thanks, Bert.
How about a creating a separate sub-zone with a broken presigned
DNSSEC
You can set presigned for just that single zone using the
PRESIGNED domain metadata[1] int your database.
I really like