nanog mailing list archives
Re: DNSSEC & WIldcards
From: Matthew Pounsett <matt () conundrum com>
Date: Fri, 15 Mar 2024 13:35:58 -0400
On Fri, Mar 15, 2024 at 11:26 AM Dennis Burgess via NANOG <nanog () nanog org> wrote:
So have *.app.linktechs.net that I have been trying to get to work, we have DNSSEC on this, and its failing, but cannot for the life of me understand why. I think it may have something to do with proving it exists as a wildcard, but any DNSSEC experts want to take a stab at it ?
As others have mentioned, the DNS-operations list would be a better place to get help: <https://lists.dns-oarc.net/mailman/listinfo/dns-operations> But, right off the top I can see that your name server is returning the NSEC record in the wrong section of the response.
Current thread:
- DNSSEC & WIldcards Dennis Burgess via NANOG (Mar 15)
- Re: DNSSEC & WIldcards Niels Bakker (Mar 15)
- Re: DNSSEC & WIldcards John Levine (Mar 15)
- Re: DNSSEC & WIldcards Bjørn Mork (Mar 15)
- Re: DNSSEC & WIldcards Mark Andrews (Mar 15)
- Re: DNSSEC & WIldcards Matthew Pounsett (Mar 15)
- Re: DNSSEC & WIldcards Bjørn Mork (Mar 15)
- Re: DNSSEC & WIldcards Mark Andrews (Mar 15)
- Re: DNSSEC & WIldcards Bjørn Mork (Mar 15)
- RE: DNSSEC & WIldcards Dennis Burgess via NANOG (Mar 15)
- Re: DNSSEC & WIldcards Bjørn Mork (Mar 15)
- Re: DNSSEC & WIldcards Mark Andrews (Mar 15)
- RE: DNSSEC & WIldcards Dennis Burgess via NANOG (Mar 15)
- Re: DNSSEC & WIldcards Niels Bakker (Mar 15)