NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: DNSSEC vs netbsd-8/sparc?

On Fri, 17 Apr 2020, John D. Baker wrote:

> A netbsd-9/sparc host produces identical output to your example.  When
> next I am able, I will boot the primary name server with netbsd-9 and
> run the test again.

Before doing that, I had occasion to build 8.99.34 (just before sparc
switched to GCC7--for testing something else) and updated a clone of
the netbsd-8 NFS root for the primary name server.

After the requisite 'etcupdate' and 'postinstall', running:

  $ dig +multi -t DNSKEY . > /tmp/tmp-root-keys
  $ dnssec-dsfromkey -f /tmp/tmp-root-keys .

produces the same output as your example and netbsd-9/{sparc,amd64}:

. IN DS 20326 8 1 AE1EA5B974D4C858B740BD03E3CED7EBFCBD1724
. IN DS 20326 8 2 E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D

The "bind.keys" file is the same as on up-to-date netbsd-{7,8,9,current}
aside from RCS IDs.

As such, DNSSEC works properly on NetBSD/sparc-8.99.34.

|/"\ John D. Baker, KN5UKS               NetBSD     Darwin/MacOS X
|\ / jdbaker[snail]consolidated[flyspeck]net  OpenBSD            FreeBSD
| X  No HTML/proprietary data in email.   BSD just sits there and works!
|/ \ GPGkeyID:  D703 4A7E 479F 63F8 D3F4  BD99 9572 8F23 E4AD 1645

Home | Main Index | Thread Index | Old Index