RE: FW: Bind9.11: dnssec inline signing, cds records and catalog zones

Hi Daniel Thanks for your answer. It's your "fault" that I'm doing dnssec stuff and posting here, I saw your speech at SwiNOG 😊 >If your keys have appropriate timing metadata, then the CDS/CDNSKEY >records are published for your zones automatically: > >See man dnssec-keygen >... >Timing option

Re: FW: Bind9.11: dnssec inline signing, cds records and catalog zones

Hello Philippe, > Is there a direct way to set the NSEC3PARAM? No idea. > Switch, the registry for .ch and .li domains is using/testing CDS > records. Can I tell named, to create the CDS Records for me? If your keys have appropriate timing metadata, then the CDS/CDNSKEY records are published fo

RE: Bind9.11: dnssec inline signing, cds records and catalog zones

regarding my OT question for dnssec-keymgmr: I found it 😊 I had to enable the python option (Build with python utilities) when building the port /BR Philippe From: bind-users On Behalf Of Philippe Maechler Sent: Friday, December 21, 2018 2:33 PM To: bind-users@lists.isc.org Sub

FW: Bind9.11: dnssec inline signing, cds records and catalog zones

Hello bind-users The previous mail was sent from a foreign address and need the approval of a moderator. Therefor I cancelled the submission and resending this mail with the correct address. Since a few years I'd like to activate dnssec for our zones but didn't made the changes, because

Re: Cached negative responses

On Dec 20 2018, Marc Richter wrote: When checking the BIND XML statistics I see the following in the "Cache DB RRsets" section, which I think could be the reason for the high memory usage: ! 18446744073709551559 !A6 18446744073709551607 Is this an overflow on the counter for these ne