Public Nameservers with DNSSEC support

An authoritative list of public name servers supporting DNSSEC.

more ...

Bind9 Keys

Keys Used in DNSSEC

more ...

DNSSEC Testing

DNSSEC Testing

Domain DNSSEC

End-User DNSSEC

more ...

nsupdate Troubleshooting

nsupdate

Protocol/Port

Network port/protocol used: 53/udp or 53/tcp (using -v option)

Note: rndc uses:

953/udp with any key-file (defaults to rndc-key, or
named-generated file-based key in /var/lib/bind/session.key.

nsupdate commands

server

Using `server server-ip` will perform the following with unexpected result (if …

more ...

DNSSEC Keys, ZSK vs KSK

The table below summarizes the usage and frequency of use for each of the keys.:

ZSK vs. KSK Comparison

Key	Usage	Frequency of Use
ZSK	Private	Used by authoritative server to create RRSIG for zone data Used somewhat frequently depending on the zone, whenever authoritative zone data changes or re-signing …

more ...

DNSSEC HOWTO

DNSSEC Two Steps

Signing your domain with DNSSEC involves two components:

The registrar of your domain name needs to be able to accept what are called “Delegation Signor (DS)” records and be able to send those up to the Top-Level-Domain (TLD) for your domain (ex. .com, .org, .net).
The DNS …

more ...

Pages