[Pdns-dev] PowerDNSSEC Progress: packages & production use
bert.hubert at netherlabs.nl
Tue Jan 11 23:23:04 CET 2011
On Tue, Jan 11, 2011 at 11:07:01PM +0100, Christof Meerwald wrote:
> @ IN SOA ns.cmeerw.net. domain.cmeerw.net. (
> 2010080601 ; Serial Number: YYYYYMMDDxx
> 1h ; Refresh time
> 900 ; Retry Time
> 21d ; Expire Time
> 1h ; Minimum TTL
> IN NS ns.cmeerw.net.
> IN NS ns2.cmeerw.net.
This is actually a fascinating zone! It has only 1 name, which confuses the
NSEC3 logic. I'm studying how to deal with this, probably by returning an
NSEC3 with the same beginning and end, but it sure looks weird.
To solve, add another record or move to NSEC3 narrow.
Meanwhile, looking into this.
More information about the Pdns-dev