[Pdns-users] DNSSEC, pdns-recursor and libunbound
michael at stroeder.com
Fri Apr 24 15:04:37 UTC 2015
We're currently testing DNSSEC validation with libunbound 1.5.3 with all
retrieved through a pdns-recursor (also tested 3.7.2).
It seems that
1. libunbound does not explicitly retrieve the RRSIG RRs and
2. pdns-recursor does not return them when not explicitly request (qtype
(Explicitly requesting RRSIG works.)
=> validation in libunbound fails
Did anybody else try such a setup before? Did it work?
Most people doing DNSSEC validation simply use bind9 or unbound for
and as validating resolver but for now that's likely not an option in
Any hint is appreciated. Thanks in advance.
More information about the Pdns-users