Hello,
I need to internaly forward domain to different nameserver:
zone "xxxxx.local" {
type forward;
forward only;
forwarders {
100.1.2.3;
};
};
when I do this with bind 9.11 (debian 10), I get these messages:
Dec 13 14:26:55 mail named[13112]: validating xxxxx.local/A: got insecure
response; parent indicates it should be secure
Dec 13 14:26:55 mail named[13112]: insecurity proof failed resolving
'xxxxx.local/ANY/IN': 100.1.2.3#53
Dec 13 14:26:55 mail named[13112]: validating xxxxx.local/NS: got insecure
response; parent indicates it should be secure
Dec 13 14:26:55 mail named[13112]: validating xxxxx.local/SOA: got insecure
response; parent indicates it should be secure
looks like I could avoig this by disabling dnssec but is there any way to
disable this checking only for domain "local" or "xxxxx.local"?
I have tried to create empty "local" domain but then I only received empty
responses for any requests.
(I know .local is for mdns, but I can't do anything with that).
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Saving Private Ryan...
Private Ryan exists. Overwrite? (Y/N)
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
