Date: 19 Apr 2010 12:18:06 -0400 From: "John R. Levine" <johnl@iecc.com> To: "krad" <kraduk@googlemail.com> Cc: freebsd-questions@freebsd.org Subject: Re: DJB and root ns server dnssec signing Message-ID: <alpine.BSF.2.00.1004191215140.48413@joyce.lan> In-Reply-To: <i2pd36406631004190852q7e1204d1z8b10ab7cd5bb7274@mail.gmail.com> References: <n2rd36406631004190412k9fea6e71i2b61d411fd7948@mail.gmail.com> <20100419145615.48204.qmail@joyce.lan> <m2yd36406631004190759g4f1da008gc13d0c250ffde539@mail.gmail.com> <alpine.BSF.2.00.1004191105450.48244@joyce.lan> <i2pd36406631004190852q7e1204d1z8b10ab7cd5bb7274@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> ok this is the bit that worries me That looks perfectly normal, since .museum is a TLD and doesn't have an A record. Try about.museum, which has these records in the TLD's zone file: about.museum. 86400 IN NS nic.frd.se. about.museum. 86400 IN NS nic.museum. about.museum. 3600 IN NSEC academy.museum. NS RRSIG NSEC about.museum. 3600 IN RRSIG NSEC 5 2 3600 20100514183858 20100414183858 1290 museum. nuT/EvDH+akM3yzOLX3eNwMLsUpwOCoNWBl9HSqFZm1JqiGWOEw0/Bdl JgZkFOE648z8/scupZw6iRrh4tFLUQci8o4o09MvN88TI+rDpDLOFYy1 DbqKYp2OSaKEUju9MBhDPdAEmZKFLw1nckg2ZQ4s3BeWoOEvgxcS2lqy U+Y= > > Bind server on public ip (not firewalled) > > # /usr/local/bind-9.7.0-P1/bin/dig @127.0.0.1 museum > > ; <<>> DiG 9.7.0-P1 <<>> @127.0.0.1 museum > ; (1 server found) > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33867 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;museum. IN A > > ;; AUTHORITY SECTION: > museum. 3485 IN SOA nic.museum. hostmaster.nic.museum. > 2010041637 28800 7200 1209600 3600 > > ;; Query time: 3 msec > ;; SERVER: 127.0.0.1#53(127.0.0.1) > ;; WHEN: Mon Apr 19 16:51:17 2010 > ;; MSG SIZE rcvd: 75 > > > querying the djb public server > > > # /usr/local/bind-9.7.0-P1/bin/dig @djbcache museum > > ; <<>> DiG 9.7.0-P1 <<>> @mk-cache-7.ns.uk.tiscali.com museum > ; (1 server found) > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10827 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;museum. IN A > > ;; Query time: 1 msec > ;; SERVER: 212.139.132.43#53(212.139.132.43) > ;; WHEN: Mon Apr 19 16:52:01 2010 > ;; MSG SIZE rcvd: 24 > Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor "More Wiener schnitzel, please", said Tom, revealingly.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1004191215140.48413>