DJB and root ns server dnssec signing

John R. Levine johnl at iecc.com
Mon Apr 19 16:18:09 UTC 2010 

> ok this is the bit that worries me

That looks perfectly normal, since .museum is a TLD and doesn't have an A 
record.  Try about.museum, which has these records in the TLD's zone file:

about.museum.        86400      IN      NS      nic.frd.se.
about.museum.        86400      IN      NS      nic.museum.
about.museum.        3600       IN      NSEC    academy.museum. NS RRSIG NSEC
about.museum.        3600       IN      RRSIG   NSEC 5 2 3600 
20100514183858 20100414183858 1290 museum. 
nuT/EvDH+akM3yzOLX3eNwMLsUpwOCoNWBl9HSqFZm1JqiGWOEw0/Bdl 
JgZkFOE648z8/scupZw6iRrh4tFLUQci8o4o09MvN88TI+rDpDLOFYy1 
DbqKYp2OSaKEUju9MBhDPdAEmZKFLw1nckg2ZQ4s3BeWoOEvgxcS2lqy U+Y=


>
> Bind server on public ip (not firewalled)
>
> #  /usr/local/bind-9.7.0-P1/bin/dig @127.0.0.1  museum
>
> ; <<>> DiG 9.7.0-P1 <<>> @127.0.0.1 museum
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33867
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;museum.                IN    A
>
> ;; AUTHORITY SECTION:
> museum.            3485    IN    SOA    nic.museum. hostmaster.nic.museum.
> 2010041637 28800 7200 1209600 3600
>
> ;; Query time: 3 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Mon Apr 19 16:51:17 2010
> ;; MSG SIZE  rcvd: 75
>
>
> querying the djb public server
>
>
> #  /usr/local/bind-9.7.0-P1/bin/dig @djbcache  museum
>
> ; <<>> DiG 9.7.0-P1 <<>> @mk-cache-7.ns.uk.tiscali.com museum
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10827
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;museum.                IN    A
>
> ;; Query time: 1 msec
> ;; SERVER: 212.139.132.43#53(212.139.132.43)
> ;; WHEN: Mon Apr 19 16:52:01 2010
> ;; MSG SIZE  rcvd: 24
>

Regards,
John Levine, johnl at iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor
"More Wiener schnitzel, please", said Tom, revealingly.

More information about the freebsd-questions mailing list