008e84e965
Implement support for NSEC3 in dnssec-policy. Store the configuration
in kasp objects. When configuring a zone, call 'dns_zone_setnsec3param'
to queue an nsec3param event. This will ensure that any previous
chains will be removed and a chain according to the dnssec-policy is
created.
Add tests for dnssec-policy zones that uses the new 'nsec3param'
option, as well as changing to new values, changing to NSEC, and
changing from NSEC.
(cherry picked from commit 114af58ee2)
26 lines
633 B
Plaintext
26 lines
633 B
Plaintext
; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
;
|
|
; This Source Code Form is subject to the terms of the Mozilla Public
|
|
; License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
; file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
;
|
|
; See the COPYRIGHT file distributed with this work for additional
|
|
; information regarding copyright ownership.
|
|
|
|
$TTL 300
|
|
@ IN SOA mname1. . (
|
|
1 ; serial
|
|
20 ; refresh (20 seconds)
|
|
20 ; retry (20 seconds)
|
|
1814400 ; expire (3 weeks)
|
|
3600 ; minimum (1 hour)
|
|
)
|
|
|
|
NS ns3
|
|
ns3 A 10.53.0.3
|
|
|
|
a A 10.0.0.1
|
|
b A 10.0.0.2
|
|
c A 10.0.0.3
|
|
|