[Pdns-users] Delegating a subdomain with DNSsec fails if child and parent zone are on same server
Jan-Piet Mens
jpmens.dns at gmail.com
Tue Apr 26 16:40:08 UTC 2011
> If both parent domain and child domain are hosted within the same instance of
> PowerDNS (with mysql backend), I fail because PowerDNS refuses to serve me the
> DS of the subzone.
[...]
> dig +multiline +dnssec ds sales.securename.nl @dnssec-auth-bis.mer-nm.internl.net -> Fails, only NSEC3 output
I can reproduce this with r2177: PowerDNS does not serve the DS record.
$ dig +norec @127.0.0.1 sales.p02.bb ds
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50473
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;sales.p02.bb. IN DS
;; AUTHORITY SECTION:
sales.p02.bb. 60 IN SOA localhost. me.localhost. 2156 7200 3600 86400 3600
with
SELECT * FROM records WHERE domain_id = 16 AND type = 'DS';
*************************** 1. row ***************************
id: 316609
domain_id: 16
name: sales.p02.bb
type: DS
content: 1894 8 1 245aa49deaf8748c9e82ded70b068a4168a1e6a5
ttl: 60
prio: 0
change_date: NULL
ordername: aaoh699ush9m2j205jb5kbb9nfgod1k5
auth: 0
*************************** 2. row ***************************
id: 316610
domain_id: 16
name: sales.p02.bb
type: DS
content: 1894 8 2 1da6d49bf6dd66c0cd81ba228bc661c20e46ed6e27b328d4cc34ed9d4581fa5c
ttl: 60
prio: 0
change_date: NULL
ordername: aaoh699ush9m2j205jb5kbb9nfgod1k5
auth: 0
2 rows in set (0.00 sec)
Regards,
-JP
More information about the Pdns-users
mailing list