On 2010/08/16 08:46, Nicholas Marriott wrote:
> cvsps is absolutely invaluable for this sort of stuff.
it is, but our changes to BIND are in areas which have seen quite
a few changes upstream.
>
> On Mon, Aug 16, 2010 at 08:12:53AM +0200, Denis Fondras wrote:
> > Hello,
> >
> > Following my pre
cvsps is absolutely invaluable for this sort of stuff.
On Mon, Aug 16, 2010 at 08:12:53AM +0200, Denis Fondras wrote:
> Hello,
>
> Following my previous message from July, 18th, I am back to BIND as
> my tests with nsd/unbound are not really conclusive (can't make both
> work with only one IP an
Hello,
Following my previous message from July, 18th, I am back to BIND as my
tests with nsd/unbound are not really conclusive (can't make both work
with only one IP and they don't support views).
So I rolled up my sleeves and started to port OpenBSD changes to
BIND-9.7.1-P2. Changing str-fu
Le 19/07/2010 19:43, Thordur I Bjornsson a icrit :
Have fun!
thib.
Thanks to all who respond on/off-list :)
I think I'll start to look at Unbind & nsd.
Denis
>> And if I use the DLV anchor, domains under .org TLD are not
>> reachable (because, if I understand correctly, the key is signed
>> with RSASHA1-NSEC3-SHA1 and Bind-9.4 doesn't support it).
You're lucky that an error raised for you. I had to stop using DNSSEC
because of misinterpretation NSEC3 t
On Sun, Jul 18, 2010 at 07:45:28PM +0200, Denis Fondras wrote:
> Hello all,
>
> I'm doing some testing with DNSSEC now that root are signed but it
> seems BIND-9.4.2-P2 (provided with OpenBSD 4.7) is not able to load
> the trust-anchor :
>
> Jul 18 19:35:22 rb600a named[11605]: loading configurat
Hello all,
I'm doing some testing with DNSSEC now that root are signed but it seems
BIND-9.4.2-P2 (provided with OpenBSD 4.7) is not able to load the
trust-anchor :
Jul 18 19:35:22 rb600a named[11605]: loading configuration from
'/etc/named.conf'
Jul 18 19:35:22 rb600a named[11605]: /etc/nam
