Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Forward zone for private TLD doesn't work with DNSsec validation #30

Open
nprbsg opened this issue Apr 14, 2015 · 2 comments
Open

Forward zone for private TLD doesn't work with DNSsec validation #30

nprbsg opened this issue Apr 14, 2015 · 2 comments

Comments

@nprbsg
Copy link
Contributor

nprbsg commented Apr 14, 2015

The default values for the bind class configure a server with DNSsec enabled and validation enabled. This causes ServFail responses in forward zones for private TLDs due to the lack of proper delegation from the root zone.
@beddari
Copy link
Contributor

beddari commented Oct 13, 2015

Hmm. I think this should be documented, but not sure about changing the defaults. Any suggestions @nprbsg ?

@nerdlich
Copy link
Contributor

nerdlich commented Feb 9, 2016

Not an issue of this module, imho, rather a limitation of your setup. Ways around this (without deactivating DNSSEC):

  • slave the private zone locally
  • sign the private zone and install key as trust anchor in local recursor
  • host the private TLD locally and delegate the actual zone to localhost (which then forwards)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@beddari @nerdlich @nprbsg