Differences

This shows you the differences between two versions of the page.

--- bdnog11:netsec:bind-implementing-dnssec [2020/01/13 15:12]
Muhammad Moinur Rahman [B.Signing the zone]
+++ bdnog11:netsec:bind-implementing-dnssec [2020/01/13 15:14]
Muhammad Moinur Rahman [C.Publishing the zone]
@@ Line 69: / Line 69: @@
  file “db.groupXX.net.signed”;
 };</code>Change the file to point to the signed zone.
-  - Start/Reload named service. Check if for the DNSKEY record using dig on the same server.<code>dig DNSKEY groupXX.net. @localhost +multiline</code>Check for the presence of RRSIG records.<code>dig groupXX.net. @localhost +multiline +dnssec A</code>
+  - Start/Reload named service. Check if for the DNSKEY record using dig on the same server.<code>dig DNSKEY groupXX.net. @localhost +multiline</code>Check for the presence of RRSIG records.<code>dig ns.groupXX.net. @localhost +multiline +dnssec A</code>
   - When we ran the ''dnssec-signzone'' command apart from the ''.signed'' zone file, a file named ''dsset-groupXX.net'' was also created, this contains the DS records. Push the DS record up to your parent domain. Open the file ''dsset-<yourdomain>'' (ex: ''dsset-groupXX.net''). This contains your DS records (see example below).<code>
 groupXX.net. IN DS 4297 5 1 C5A8C518B2208463F87CB30E35F247DD7EACCDB1

Bangladesh Network Operators Group (bdNOG)