Is it possible to disable DNSSEC for specific forward zones ?

Solution Unverified - Updated -

Issue

  • Recently we tried to enable DNSSEC validation within our DNS infrastructure. Unfortunately there is no possibility to enable DNSSEC based on DNS zones. The only way to enable DNSSEC is on a global level.
  • Within our DNS infrastructure we have to use forward zone statements. Those zones are internal zones not available within the public Internet. The master zone is located on customer site and is not DNSSEC enabled. So we have to disable DNSSEC for those DNS zones. Otherwise bind tries to validate those zones and fails.

Environment

  • Red Hat Enterprise Linux (RHEL)
  • Bind (version < 10)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.