[Opendnssec-user] Zones in different views with the same name
Jan Hugo Prins
jhp at jhprins.org
Thu Oct 3 20:57:37 UTC 2013
On 10/03/2013 10:25 AM, Havard Eidnes wrote:
>> For some zones I have multiple views with different content.
>>
>> How can I configure this in OpenDNSSec in combination with SoftHSM?
> My opinion: I think you are stretching the DNS model too far by
> trying to do this.
What do you mean by this? Creating views in DNS ?
> But ... if you really want the associated pain, I suspect you
> will have to operate with two different OpenDNSSEC instances, one
> signing the public version, one signing the "other (internal?)
> view".
>
> You do of course need to ensure that any validating resolvers are
> not exposed to a mixed world view, picking up data from both of
> the two distinct views.
This is a problem that is outside of the scope of DNSSEC.
When you are playing with views you always have to make
sure that you don't mix things up.
Jan Hugo
More information about the Opendnssec-user
mailing list