[Pdns-users] Questions on powerdnssec

Chris Russell Chris.Russell at knowledgeit.co.uk
Mon May 9 13:24:05 UTC 2011 

Hi All,

 Few questions on using PowerDNSsec - using the latest RPM build (20110509.2190-1) in our IPv6 labs. Fundamentally - PDNS auth, Bind Recursor and Win7 client behind router, all dual stacked.


 Firstly,  when using an external server as a recursor; can this be an IPv6 host ?   I have the auth server forwarding  to bind for any recursive queries, this works when I specify the bind IPv4 address, but not the IPv6 address. Both queries work fine if querying bind from the pdns server directly using dig on ipv4 or ipv6.


 Secondly, when using powerdns secure-zone and the gmysql backend, I`m guessing rectify-zone must be ran whenever any records are created to resign the zone.  This being the case, does this lead to having a hidden master (ie: non publicly accessable) host or db in order to be slightly more secure [making the running of the signing process hidden] ?

 Finally, Is there any documentation of the validity length of the keys, or do these rollover automatically ?


 Bert as you thought, this build this resolves the issue I had with mysql going away and the server taking a while to reconnect. Its serving records from the cache just fine.


Thanks

Chris


Knowledge I.T.
'Unifying Business Technology'
www.knowledgeit.co.uk

Knowledge Limited, Company Registration: 1554385
Registered Office: New Century House, Crowther Road, Washington, Tyne & Wear. NE38 0AQ
Leeds Office: Viscount Court, Leeds Road, Rothwell, Leeds. LS26 0GR

Tel: 0845 142 0020. Fax: 0845 142 0021

E-Mail Disclaimer: This e-mail message is intended to be received only by persons entitled to receive the confidential information it may contain. E-mail messages to clients of Knowledge IT may contain information that is confidential and legally privileged. Please do not read, copy, forward, or store this message unless you are an intended recipient of it. If you have received this message in error, please forward it to the sender and delete it completely from your computer system.

Please consider the environment before printing this email.

More information about the Pdns-users mailing list