diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 18:37:14 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 18:37:14 +0000 |
commit | ea648e70a989cca190cd7403fe892fd2dcc290b4 (patch) | |
tree | e2b6b1c647da68b0d4d66082835e256eb30970e8 /bin/tests/system/mkeys/README | |
parent | Initial commit. (diff) | |
download | bind9-upstream.tar.xz bind9-upstream.zip |
Adding upstream version 1:9.11.5.P4+dfsg.upstream/1%9.11.5.P4+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'bin/tests/system/mkeys/README')
-rw-r--r-- | bin/tests/system/mkeys/README | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/bin/tests/system/mkeys/README b/bin/tests/system/mkeys/README new file mode 100644 index 0000000..700e6c2 --- /dev/null +++ b/bin/tests/system/mkeys/README @@ -0,0 +1,18 @@ +Copyright (C) Internet Systems Consortium, Inc. ("ISC") + +See COPYRIGHT in the source root or http://isc.org/copyright.html for terms. + +This is for testing managed-keys, in particular with problems +with RFC 5011 Automated Updates of DNSSEC Trust Anchors. + +ns1 is the root server that offers new KSKs and hosts one record for +testing. The TTL for the zone's records is 2 seconds. + +ns2 is a validator that uses managed-keys. "-T mkeytimers=2/20/40" +is used so it will attempt do automated updates frequently. "-T tat=1" +is used so it will send TAT queries once per second. + +ns3 is a validator with a broken key in managed-keys. + +ns5 is a validator which is prevented from getting a response from the +root server, causing key refresh queries to fail. |