[nsd-users] DLV
keiji.u0719 at gmail.com
keiji.u0719 at gmail.com
Tue Mar 2 06:13:08 UTC 2010
Thanks Stephane!
I had made a mistake NO.4 NO.5
I was able to confirm "Status=Good" by ISC's DLV Registry.
4.Write hoge.fuga.zone
----------------------------------
...
www.hoge.fuga IN A 127.0.0.1
...
hoge.fuga. IN DNSKEY 256 3 8 AwEAAaFC....aeM=
hoge.fuga. IN DNSKEY 257 3 8 AwEAAczT....i2k=
dlv.hoge.fuga. 0 IN TXT "DLV:1:*******"
----------------------------------
5. ZONE SIGNING.
$ dnssec-signzone -t -o hoge.fuga -l dlv.isc.org hoge.fuga.zone
--
<keiji.ue0719 at gmail.com>
> On Mon, Mar 01, 2010 at 10:34:02PM +0900,
> keiji.u0719 at gmail.com <keiji.u0719 at gmail.com> wrote
> a message of 50 lines which said:
>
> > 6. Write nsd.conf
> > -----------------------------------
> > key:
> > name: mskey
> > algorithm: ???????
> > secret: "???????"
>
> I'm not sure I understand your question. Once the zone file is signed,
> nsd has nothing more to do. (My personal zone is signed, inserted into
> ISC DLV and served with NSD 3.)
>
> The 'key:' block has nothing to do with DNSSEC and it is there just to
> describe TSIG keys (typically used to secure zone transfers).
More information about the nsd-users
mailing list