Re: lightweight "slave" DNS server, +DNSSEC?

From: Jorgen Grahn <grahn+nntp@xxxxxxxxxxxxxx>
Date: 11 Sep 2011 08:52:07 GMT

On Sat, 2011-09-10, Ivan Shmakov wrote:

I wonder, is there a lightweight DNS server to be used as a
???slave???? The zones to be served are DNSSEC-signed, so it should
check the signature on AXFR/IXFR and only accept the new data if
it's valid. (It isn't much an issue to prepare a list of
trusted keys for it, but DLV support will nevertheless be
handy.)

Will Maradns or PowerDNS fit?

Or is BIND 9.7 really the best possible solution for this task?

Is there any specific reason why you think bind won't do? Or do you
simply think it's overkill because it has lots of features which you
don't need?

/Jorgen

--
// Jorgen Grahn <grahn@ Oo o. . .
\X/ snipabacken.se> O o .
.

Follow-Ups:
- Re: lightweight "slave" DNS server, +DNSSEC?
  - From: Ivan Shmakov

References:
- lightweight "slave" DNS server, +DNSSEC?
  - From: Ivan Shmakov

Prev by Date: NIS client will not work through firewall, help please
Next by Date: Re: lightweight "slave" DNS server, +DNSSEC?
Previous by thread: lightweight "slave" DNS server, +DNSSEC?
Next by thread: Re: lightweight "slave" DNS server, +DNSSEC?
Index(es):
- Date
- Thread

Relevant Pages

Re: lightweight "slave" DNS server, +DNSSEC?
... The zones to be served are DNSSEC-signed, ... signature on AXFR/IXFR and only accept the new data if it's valid. ... resources (virtual memory, for instance), since this NS is going ...
(comp.os.linux.networking)
lightweight "slave" DNS server, +DNSSEC?
... is there a lightweight DNS server to be used as a ... The zones to be served are DNSSEC-signed, ... check the signature on AXFR/IXFR and only accept the new data if ... Or is BIND 9.7 really the best possible solution for this task? ...
(comp.os.linux.networking)
BIND 9.4-ESV-R3 is now available.
... BIND 9.4-ESV-R3 is now available. ... from insecure zones. ... API and glibc hides parts of the IPv6 Advanced Socket ... WARNING: API CHANGE: over memory callback ...
(comp.protocols.dns.bind)
BIND 9.7.2rc1 is now available.
... BIND 9.7.2rc1 is now available. ... The PGP signature of the binary kit for Windows XP and Window 2003 is at ... This fix prevents this problem from happening by ... allow dynamic addition and deletion of zones. ...
(comp.protocols.dns.bind)
BIND 9.7.5rc1 is now available
... BIND 9.7.5rc1 is the first release candidate of BIND 9.7.5. ... Corrects a problem validating root DS responses. ... Improves scalability by allocating one zone task per 100 zones ... Servers that received negative responses from a forwarder were ...
(comp.protocols.dns.bind)