>From what you posted, it appears when you query the recursive server NS1
(192.168.14.10), it returns no error, it gives back NXDOMAIN with the AD
flag. That would indicate DNSSEC worked. That does not match the log
messages you posted, that would indicate there's a DNSSEC validation error,
and you
Hi Josh,
Thanks for your answer, it made me go trough all the config again, just to
make sure that it wasnt pointing to the authoritative server anywhere but
in the configuration of the recursive server
I saw that "“recursion requested but not available" when i send the query
against the authorit
Your problem comes from the fact that BIND 9.14 has DNSSEC validation enabled
by default (unless disabled at configure time or in named.conf) and the answers
from the grafted on namespace (.home) fail DNSSEC validation as there is not a
insecure delegation for .home to break the DNSSEC chain of
3 matches
Mail list logo
