DNSSEC - Recursive DNS Server Configuration


To enable DNSSEC on your resolver, here is an example configuration for the BIND9 DNS server. Please note that BIND version 9.3 or newer, compiled with SSL support, is required for DNSSEC to work properly.

You need to insert the following configuration in named.conf.

options {
    ...
    ...
    dnssec-enable yes;
};

trusted-keys {
"pr." 256 3 5
"BQEAAAABvS8Q64q8v62DW3y4EtUmsHr0dpU9Mizo63NXFMlEA4UaO88s B5il79Mb
J0dzmRZ7M+j/E5pVSTTazJsK6LMnncBF3bwMWo4/nVVB0d9E 6CsClsJFU+A0a8kWI
Z+aXuqUHO7QZ88qG7cwLbTNwHeo1X+ArvXgXmU6 OaemL3v5+eU=";

"pr." 257 3 5 
"AwEAAc6SkFSHw00wJFUWd1Td/efsxhfX+UTrxrzqQXNuZ8Qj2PiP6p/m BxysJt06
XgSCB41CPhkgvgqrtdaJ/hXKG81xNXUcGfqvV9wYMJnN+oBB /lLaQU/39fWaNc4fB
GiRI2dNDVKPry2YX6y04YrEGRM+wf6HWHVdW1Js xuMuDOSr";
};

Once you have done this, restart your BIND server with the following command: /etc/init.d/named restart
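
A check to run on named.conf before the restart, as an added example that is not part of the original page: it parses each trusted-keys entry, decodes the key data and computes the RFC 4034 key tag, so each anchor can be compared with the tag of the DNSKEY the zone operator publishes. The function names and the "example." sample entries are constructed for illustration.

```python
import base64
import re

# One trusted-keys entry: "name" flags protocol algorithm "base64 key data";
# The key data may span lines and contain spaces, as in the block above.
ENTRY = re.compile(r'"([^"]*)"\s+(\d+)\s+(\d+)\s+(\d+)\s+"([^"]*)"\s*;')

def key_tag(flags, protocol, algorithm, key):
    """DNSKEY key tag as defined in RFC 4034, Appendix B."""
    if algorithm == 1:  # RSA/MD5 takes two bytes of the modulus (Appendix B.1)
        return int.from_bytes(key[-3:-1], "big")
    rdata = flags.to_bytes(2, "big") + bytes([protocol, algorithm]) + key
    acc = sum(b << 8 if i % 2 == 0 else b for i, b in enumerate(rdata))
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF

def parse_trusted_keys(conf):
    """Return one dict per anchor found inside trusted-keys { ... }; blocks."""
    anchors = []
    for block in re.findall(r'trusted-keys\s*\{(.*?)\}\s*;', conf, re.S):
        for name, flags, proto, alg, b64 in ENTRY.findall(block):
            flags, proto, alg = int(flags), int(proto), int(alg)
            # validate=True rejects stray characters from a bad copy/paste
            key = base64.b64decode("".join(b64.split()), validate=True)
            anchors.append({
                "zone": name,
                "flags": flags,
                "role": "KSK (SEP bit set)" if flags & 1 else "ZSK",
                "zone_key": bool(flags & 0x0100),  # must be set for a DNSKEY
                "protocol_ok": proto == 3,         # RFC 4034: always 3
                "algorithm": alg,
                "key_tag": key_tag(flags, proto, alg, key),
            })
    return anchors

# Constructed sample (3- and 4-byte dummy keys, not real DNSKEY material).
SAMPLE = '''
trusted-keys {
"example." 256 3 5
"AQ
ID";
"example." 257 3 5 "AQID BA==";
};
'''

if __name__ == "__main__":
    for a in parse_trusted_keys(SAMPLE):
        print(a["zone"], a["role"], "alg", a["algorithm"], "tag", a["key_tag"])
```

To check a real file, pass its contents to parse_trusted_keys() in place of SAMPLE; a base64 decoding error points to key data damaged in transit.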


Gauss Research Laboratory, Inc.
© All Rights Reserved 1986 - 2010