[Opendnssec-user] Zones in different views with the same name

Jan Hugo Prins jhp at jhprins.org
Thu Oct 3 20:57:37 UTC 2013

On 10/03/2013 10:25 AM, Havard Eidnes wrote:
>> For some zones I have multiple views with different content.
>> How can I configure this in OpenDNSSec in combination with SoftHSM?
> My opinion: I think you are stretching the DNS model too far by
> trying to do this.
What do you mean by this? Creating views in DNS ?

> But ... if you really want the associated pain, I suspect you
> will have to operate with two different OpenDNSSEC instances, one
> signing the public version, one signing the "other (internal?)
> view".
> You do of course need to ensure that any validating resolvers are
> not exposed to a mixed world view, picking up data from both of
> the two distinct views.
This is a problem that is outside of the scope of DNSSEC.
When you are playing with views you always have to make
sure that you don't mix things up.

Jan Hugo

More information about the Opendnssec-user mailing list