DNS DNSSEC help plz.
After going through some howtos that I found online, I am still no closer to figuring this out. I created my zone keys, signed my zone, and copied the key from the keyset file to the trusted-key section on the server. When I run dig +dnssec server.omega it comes back with this:
; <<>> DiG 9.4.1-P1 <<>> +dnssec server.omega
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61894
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;server.omega. IN A
;; ANSWER SECTION:
server.omega. 86400 IN A 192.168.4.1
server.omega. 86400 IN RRSIG A 5 2 86400 20071013155854 20070913155854 22143 omega. 51G7sxk2r93SQjdEOu/33oM36ON3cJKNycCBy51ylSNUJBlf7DWz4Hp
Z GJZFW0ZGGPLbOLcL8cNzumNbgwxmdA==
;; AUTHORITY SECTION:
omega. 86400 IN NS server.omega.
omega. 86400 IN NS server1.omega.
omega. 86400 IN RRSIG NS 5 1 86400 20071013155854 20070913155854 22143 omega. gAV4BrefL9G7deW0IegiWewJHzoaVqdguI9qh0pb9nVtI3G8iMkWBO
27 9AvaPHHJ5c+Cqn5HI4gNo5asL2JX7A==
;; ADDITIONAL SECTION:
server1.omega. 86400 IN A 192.168.4.2
server1.omega. 86400 IN RRSIG A 5 2 86400 20071013155854 20070913155854 22143 omega. eDrqTg3W8MgjlqNcb9w1ffEbEppq6pkvlc+sld9aCefiB07oCvmLHsc
u UsrUOISLQH9wpvchIIX1KogbqdJZyQ==
;; Query time: 0 msec
;; SERVER: 192.168.4.1#53(192.168.4.1)
;; WHEN: Thu Sep 13 12:15:41 2007
;; MSG SIZE rcvd: 412
I think from that I am sending signed zones, but from everything I read the aa tag needs to be ad. Anyone have any ideas, or maybe a howto that is easy to follow? I am using BIND 9.4.1-P1.
JP
Last edited by joshp; 09-13-2007 at 12:41 PM.
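An added example, not part of the original post: a small Python parser for dig output like the one above that reports the aa, ad and do flags and whether each RRSIG is inside its validity window. The aa flag marks an answer served from the server's own zone data, while ad is set by a resolver that has validated the signatures. The function name, the state labels and the clock value are assumptions made for illustration.

```python
import re
from datetime import datetime, timezone

# Constructed sample in the shape dig prints; values follow the output above,
# with the signature replaced by a placeholder.
SAMPLE = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61894
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 3
; EDNS: version: 0, flags: do; udp: 4096
server.omega. 86400 IN A 192.168.4.1
server.omega. 86400 IN RRSIG A 5 2 86400 20071013155854 20070913155854 22143 omega. PLACEHOLDER==
"""

# owner TTL IN RRSIG covered alg labels orig-ttl expiration inception key-tag signer
RRSIG_RE = re.compile(r"^(\S+)\s+\d+\s+IN\s+RRSIG\s+(\S+)\s+\d+\s+\d+\s+\d+"
                      r"\s+(\d{14})\s+(\d{14})\s+(\d+)\s+(\S+)", re.M)

def _utc(stamp):
    """RRSIG times are YYYYMMDDHHMMSS in UTC."""
    return datetime.strptime(stamp, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)

def _flags(pattern, text):
    """Return the set of flag tokens captured by `pattern`, or an empty set."""
    m = re.search(pattern, text, re.M)
    return set(m.group(1).split()) if m else set()

def summarize(dig_text, now):
    """Report header flags, whether DNSSEC data was requested, and RRSIG validity at `now`."""
    header = _flags(r"^;; flags:([^;]*);", dig_text)
    edns = _flags(r"^; EDNS:.*flags:([^;]*);", dig_text)
    sigs = []
    for owner, covered, exp, inc, tag, signer in RRSIG_RE.findall(dig_text):
        sigs.append({"owner": owner, "covered": covered, "key_tag": int(tag),
                     "signer": signer, "in_window": _utc(inc) <= now <= _utc(exp)})
    if "ad" in header:
        state = "validated-by-resolver"
    elif sigs and "aa" in header:
        state = "authoritative-signed-not-validated"
    elif sigs:
        state = "signed-not-validated"
    else:
        state = "no-signatures-returned"
    return {"aa": "aa" in header, "ad": "ad" in header, "do": "do" in edns,
            "state": state, "sigs": sigs}

if __name__ == "__main__":
    # Assumed clock value inside the signatures' validity window.
    print(summarize(SAMPLE, datetime(2007, 9, 20, tzinfo=timezone.utc)))
```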