DNSSEC & WIldcards

• Previous message (by thread): DNSSEC & WIldcards
• Next message (by thread): DNSSEC & WIldcards
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

It appears that Niels Bakker <niels=nanog at bakker.net> said:
>* nanog at nanog.org (Dennis Burgess via NANOG) [Fri 15 Mar 2024, 16:26 CET]:
>>So have *.app.linktechs.net that I have been trying to get to work, 
>>we have DNSSEC on this, and its failing, but cannot for the life of 
>>me understand why.  I think it may have something to do with proving 
>>it exists as a wildcard, but any DNSSEC experts want to take a stab 
>>at it ?
>
>There are better mailing lists to ask this question (like 
>dns-operations at dns-oarc.net) but have you checked 
>https://dnsviz.net/d/www.app.linktechs.net/dnssec/ ?

I agree there are better places to ask, but here's a quick
diagnosis: your nameserver is returning the wrong answer.

What kind of server is it? Any modern nameserver should automatically
return the correct DNSSEC stuff for wildcard responses.

R's,
John

• Previous message (by thread): DNSSEC & WIldcards
• Next message (by thread): DNSSEC & WIldcards
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]