[Pdns-users] PoerDNSSEC Slave
bert hubert
bert.hubert at netherlabs.nl
Wed Jan 12 18:55:10 UTC 2011
On Wed, Jan 12, 2011 at 04:52:20PM +0100, Matthias Cramer wrote:
> I was curious if it is able to use PowerDNSSEC as secundary DNS for a
> signed zone. I have not seen a hint in the documentation so far.
It is not right now.
> The Zones will be signed on the master, and transfered via axfr to the
> slaves.
>
> Is this possible ?
Right now, PowerDNS does all the DNSSEC stuff itself, so it will happily
slave a signed zone, but ignore all the DNSKEY, RRSIG and NSEC/NSEC3
records.
If you then tell PowerDNS about the private key, it will all work of course.
Serving pre-signed zones is something we are still thinking about,
especially on how to do it, and how much work it will be.
Bert
More information about the Pdns-users
mailing list