El 26/11/13 11:09, /dev/rob0 escribió:
On Tue, Nov 26, 2013 at 09:38:44AM -0500, Agustín Dixan Díaz Corrales wrote:
solved!
No, not solved ...
dnssec-enable no;
dnssec-validation no;
... That's a workaround, not a solution. If you read up on the
reasons for DNSSEC, you'll understand that you have fixed this
problem by opening yourself up to other ones.
Granted, DNSSEC usage involves a bit of pain these days, but I'm
hanging in there and continuing to validate. The only concession I
made was "dnssec-accept-expired yes;"
copy that, it a tested the last "solution" but the cost is
security...thanks agains..
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
