2 serious DNSSEC issues

2017-01-17 Thread klaus . mailinglists
Hi! We use Bind with inline-signing as "bump-in-the-wire". We started with Bind 9.9, used 9.10 (several versions) and recently we switched to 9.11.0-P2. All of them showed the same 2 problems:
1. Bind is in a signing loop and consumes memory until killed by Linux' OOM-killer
2. Bind produce

RE: Restricted bind to my domain only

2017-01-17 Thread Darcy Kevin (FCA)
Seems like your requirements call for the classic, old-school "internal root" setup. Define your own root zone that *only* has delegations for example.com and whatever parts of the in-addr.arpa namespace you want to resolve. That way, everything outside the example.com namespace and the in-addr.