[Freeipa-users] DNSSEC & DNS zone "spoofing" (was: Problem adding DNS Zones)
Petr Spacek
pspacek at redhat.com
Mon Nov 19 09:15:02 UTC 2012
Hello,
On 11/16/2012 04:11 PM, Bret Wortman wrote:
> Using FreeIPA on a private network (where it's easier to just alias our own
> servers to these names than to edit config file after config file). Any idea
> what I'm doing wrong here?
>
> # ipa dnszone-add 0.pool.ntp.org <http://0.pool.ntp.org>
> --name-server=dns.project.net <http://dns.project.net>
> --admin-email=root at project.net <mailto:root at project.net>
I should mention another thing:
Resolution of "spoofed" zones could become broken when DNSSEC comes into the
game. NTP pool is not the case now, but please remember that possibility.
--
Petr^2 Spacek
More information about the Freeipa-users
mailing list