I suspect the problem is that the request does not have RD=1 and you are
talking to
recursive servers. The following should work except where the authoritative
server
does not implement DNS properly and rejects recursive queries rather than just
treating
the request as not recursive.
diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index eab42bf8c0e..5b62fa8dc95 100644
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -20704,6 +20704,7 @@ checkds_createmessage(dns_zone_t *zone, dns_message_t
**messagep) {
message->opcode = dns_opcode_query;
message->rdclass = zone->rdclass;
+ message->flags |= DNS_MESSAGEFLAG_RD;
dns_message_gettempname(message, &tempname);
> On 8 Jan 2023, at 07:11, Anders Löwinger <and...@abundo.se> wrote:
>
> Hi
>
> I have some trouble with the parental-agents. Anyone seen this before/can
> give me a clue to get this working?
>
> Tried with my two recursive resolvers first, then localhost. No difference.
>
> From the log
>
> named[3420650]: zone lowinger.se/IN (signed): checkds: empty DS response from
> 2a00:f680:100:1501::32#53
> named[3420650]: zone lowinger.se/IN (signed): checkds: empty DS response from
> 2a00:f680:10:1501::33#53
> named[3428351]: zone lowinger.se/IN (signed): checkds: empty DS response from
> 127.0.0.1#53
>
> zone "lowinger.se" {
>
> type primary;
> file "lowinger.se";
> dnssec-policy lowinger-policy;
> inline-signing yes;
> // parental-agents {
> // 2a00:f680:100:1501::32;
> // 2a00:f680:100:1501::33;
> // };
>
> parental-agents { 127.0.0.1; };
> };
>
> BIND 9.18.10-1+ubuntu22.04.1+isc+1-Ubuntu (Stable Release) <id:>
>
>
> dig has no problem resolving the DS record.
>
> # dig @127.0.0.1 lowinger.se ds +short
> 59647 14 2 825E888C2FAA4F70241467A257C02C66AD5DAFDB818253B7FEB52DA4 BEB071CA
>
> # dig @2a00:f680:100:1501::32 lowinger.se ds +short
> 59647 14 2 825E888C2FAA4F70241467A257C02C66AD5DAFDB818253B7FEB52DA4 BEB071CA
>
> # dig @2a00:f680:100:1501::33 lowinger.se ds +short
> 59647 14 2 825E888C2FAA4F70241467A257C02C66AD5DAFDB818253B7FEB52DA4 BEB071CA
>
>
>
>
> --
> Regards / Med vänlig hälsning
> Anders Löwinger, CEO, Abundo AB, +46 72 206 0322
>
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
> this list
>
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.
>
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
