Hello I'm a student in my last year of the Master in Cybersecurity at ULB. As part of my thesis, I'm doing research to develop a DNS Amplification scenario that will eventually be deployed within a Cyber Range. I have to carry out various measurements and develop different attacks in a virtual environment. I've already been able to set up my entire environment in VirtualBox for DNS (i.e. without DNSSEC). Now I need to deploy DNSSEC on my server. I've managed to generate my key pairs and sign my DNS zones. However, when I try to do a dig from my client VM, I get a SERVFAIL. I think this is because the chain of trust can't be established, which in my case is perfectly normal as I'm in an isolated test environment. So how can I deploy DNSSEC correctly so that the chain of trust is not taken into account and it works in my virtual environment? I think I know how DNSSEC works, but if you also have any clarification to offer, I'd be delighted to hear from you. My BIND server runs on an Ubuntu22.04 Jammy Jellyfish VM.
Thanks in advance for your help.
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
