36 lines
1.5 KiB
Markdown
36 lines
1.5 KiB
Markdown
|
---
|
|||
|
|
title: 'My Take on DNSSEC – Part 3: How to configure it in BIND (cancelled)'
|
|||
|
|
author: eNBeWe
|
|||
|
|
type: post
|
|||
|
|
date: 2017-01-30T14:29:37+00:00
|
|||
|
|
url: /2017/01/30/my-take-on-dnssec-part-3-how-to-configure-it-in-bind-cancelled/
|
|||
|
|
categories:
|
|||
|
|
- Allgemein
|
|||
|
|
- Internes
|
|||
|
|
- Serveradministration
|
|||
|
|
tags:
|
|||
|
|
- bind
|
|||
|
|
- DNS
|
|||
|
|
- DNSSEC
|
|||
|
|
- Knot DNS
|
|||
|
|
- yadifa
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
Just as a quick note here:
|
|||
|
|
|
|||
|
|
I originally planned to do my third part on DNSSEC with configuration hints using the popular DNS server [BIND][1]. At the moment I also use BIND for my setup.
|
|||
|
|
|
|||
|
|
Now I discovered the "Advanced Secuity Notifications" at ISC, which sells prior warnings about security issues in BIND. Personally, I don't want to support this model.
|
|||
|
|
|
|||
|
|
Instead I am currently migrating to another DNS server implemenation, [YADIFA][2], which I will then write about. But first I need to check my setup using this server.
|
|||
|
|
|
|||
|
|
<!--more-->
|
|||
|
|
|
|||
|
|
**Update:** Maybe I will switch to [Knot DNS][3] instead of YADIFA. They seem to be both fairly equal in features. To the outside spectator YADIFA seems to be a dead project, even though they published a release in mid-december. The development is done by EUnic, the guys behind maintaining the .eu-domain. They seem to have some internal development/issue tracking/etc. and they only send the releases to GitHub.
|
|||
|
|
|
|||
|
|
In contrast, Knot DNS, being maintained by cz.nic, is more open in their development.
|
|||
|
|
|
|||
|
|
[1]: https://www.isc.org/downloads/bind/
|
|||
|
|
[2]: http://www.yadifa.eu/
|
|||
|
|
[3]: https://www.knot-dns.cz
|