On 06/02/2018 16:00, Matus UHLAR - fantomas wrote: > Hello, > > our customer uses a domain that is registered, but hidden > (doesn't exist in DNS). > > The domain is used by multiple organizations and we are required to forward > lookups for the domain to foreign internal servers. > > The problem is, that parent domain (.eu) indicates that the domain is to be > signed and since default bind installation validates DNSSEC, lookups are > refused:
The statements above are mutually contradictory. If the domain is in use by multiple organisations, which of them put the DS record in the .eu zone? If it doesn't exist in the DNS then there can be no DS record. Or is it the case that perhaps that the parent .eu zone is actually denying the existence of that zone? Ray _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users