[126527] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Root Zone DNSSEC Deployment Technical Status Update

daemon@ATHENA.MIT.EDU (itservices88)
Thu May 20 12:19:01 2010

In-Reply-To: <4902.1274370793@localhost>
Date: Thu, 20 May 2010 09:18:46 -0700
From: itservices88 <itservices88@gmail.com>
To: Valdis.Kletnieks@vt.edu
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

I have these in named.conf

        dnssec-enable yes;
        dnssec-validation yes;
//      dnssec-lookaside "." trust-anchor "DLV.ISC.ORG";
With the trust-anchor uncommented, as soon as i enable and reload bind, dig
gives timeout, while dig has no issues with first two commands enabled.

-dani


On Thu, May 20, 2010 at 8:53 AM, <Valdis.Kletnieks@vt.edu> wrote:

> On Thu, 20 May 2010 08:33:47 PDT, itservices88 said:
> > I am having this problem now:
> >
> > # dnssec-signzone -N INCREMENT mydomain.org
> > Verifying the zone using the following algorithms: RSASHA1.
> > Missing RSASHA1 signature for . NSEC
>
> Missing trust anchor?
>
>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[126527] in North American Network Operators' Group

Re: Root Zone DNSSEC Deployment Technical Status Update

daemon@ATHENA.MIT.EDU (itservices88)Thu May 20 12:19:01 2010

daemon@ATHENA.MIT.EDU (itservices88)
Thu May 20 12:19:01 2010