Ignore my previous e-mail. My problem is not related. It appears to be an issue with setup not reading/writing /var/ipfire/dns/settings.something. I'm trying to track it down.
Rod
On 10/21/2014 08:11 AM, Michael Tremer wrote:
Hello fellow dnsmasq users,
there is a topic on the IPFire support forums I would like to point you to:
http://forum.ipfire.org/index.php?topic=11726.0
It appears that dnsmasq cannot verify resource records of a DNSSEC-enabled domain. That domain uses RSA/SHA1-NSEC3-SHA1 for its signatures. Although there is some code in dnsmasq that is supposed to handle this, it does not verify the records correctly.
Did anyone else experience this problem? Is it a bug with dnsmasq or the authoritative name servers of that domain?
Best, -Michael
Development mailing list Development@lists.ipfire.org http://lists.ipfire.org/mailman/listinfo/development