Open main menu

CDOT Wiki β

Changes

OPS535-online-L8

1,190 bytes added, 14:58, 30 March 2021
Investigation 2: Configuring DNSSec on a Recursive Server
<li>Run the following command from one of your other VMs (making sure to use the ip address of your own DNS server):
<source>
[rchan@pri-dns vm2 labs]$ dig +tcp +dnssec @192.168.49.3 www.53 isc.org
; <<>> DiG 9.11.20-RedHat-9.11.20-5.el8_3.1 <<>> +tcp +dnssec @192.168.49.3 www.53 isc.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3601052005;; flags: qr rd raad; QUERY: 1, ANSWER: 32, AUTHORITY: 45, ADDITIONAL: 513
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
; COOKIE: b1f53c789d90ba0859c27899606380f06b6af5f84015fff0 8bfb94819923d7d0e71b5f5b6063828c7a5aa6d3baaf88b4 (good)
;; QUESTION SECTION:
;www.isc.org. IN A
;; ANSWER SECTION:
www.isc.org. 60 IN CNAME dualstackA 149.osff220.map.fastly.net1.66www.isc.org. 60 IN RRSIG CNAME A 13 3 2 60 20210411023511 20210312021301 20210414183037 20210315174752 27566 isc.org. aFeIoEG41LGZbImJRBoefQpEWLab52AZ5YwvzWDrRhdQlTVVxyVOiRcT fnaq1mZluXtGjMhSwnXA/Bbtg1varpQwaxENwkfw6IP3mlRBFNz9TDt/ldecEixafcdUiPMay+4mUQ8D8vUF0 gm1MauongXELJ/Z7F2zv/2nqBmxeEg==dualstack.osff2.map.fastly.net. 30 IN A 151.101.126.217
;; AUTHORITY SECTION:
fastlyisc.netorg. 172800 7131 IN NS ns3ns.isc.fastlyafilias-nst.netinfo.fastlyisc.netorg. 172800 7131 IN NS ns4ns1.fastlyisc.netorg.fastlyisc.netorg. 172800 7131 IN NS ns1ns2.fastlyisc.netorg.fastlyisc.netorg. 172800 7131 IN NS ns2ns3.isc.org.isc.org.fastly 7131 IN RRSIG NS 13 2 7200 20210418013614 20210319004124 27566 isc.netorg.ReJ5eOi0Rr+UGwmh6rZ4+nLApVAxVWOzx4FFlSDkRIMc+bKoMJb7SnGd tE+ccLm6gqwalSLxyuBhTR4IW3+g+w==
;; ADDITIONAL SECTION:
ns1.fastlyisc.netorg. 172800 7131 IN A 23149.23520.321.3273ns2.fastlyisc.netorg. 172800 7131 IN A 104199.1566.801.3252ns3.fastlyisc.netorg. 172800 7131 IN A 2351.23575.3679.32143ns4ns1.fastlyisc.netorg. 172800 7131 IN AAAA 2001:4f8:1:f::73ns2.isc.org. 7131 IN AAAA 2001:500:60:d::52ns3.isc.org. 7131 IN AAAA 2001:41d0:701:1100::2c92ns1.isc.org. 7131 IN RRSIG A 10413 3 7200 20210417095734 20210318094252 27566 isc.org. YCa/4JN/UBy0sE1ZwfdGxRfN5zpwchZUVjND7olME8SjPgjkHi8o/ipu kqsJX46yVxm01RYppC2oSl/kMwyONw==ns1.isc.org. 7131 IN RRSIG AAAA 13 3 7200 20210420021727 20210321015317 27566 isc.org. fHPego6Su9b6sZnyw4i+7nviQDLkxjPNCL7ZKOKqGDtRcjlweTLqYBcv API02wN+HtU9ztyQf/m4ZOSbnlxl7w==ns2.156isc.org. 7131 IN RRSIG A 13 3 7200 20210418124611 20210319123514 27566 isc.org. L4Lhc6OGZs7rZUFSwYEerC/Jy2OEWx4sCv5ukBKcv13TdrM37oBj5p4/ sayRB7Y/luRnOCjnSfOIadpTy2mBBg==ns2.isc.org. 7131 IN RRSIG AAAA 13 3 7200 20210420021727 20210321015317 27566 isc.org. 3x6UYIlixFiQW6Yfqo3EedvTHW1H4/5leZwGLBHHc4OamE8k4aE35vd2 pCNi1/cugzbFGhUGDHroBzoRbND9zg==ns3.isc.org. 7131 IN RRSIG A 13 3 7200 20210420025339 20210321020638 27566 isc.org. Tj7v8c4CkATUMYYg7FUlwyAMQUKLLbWFD+XcrteO4ySF5mO9kDoYNceP CiR3W2EPAZnYWLe91+Uy1mzjmZjqGQ==ns3.isc.org. 7131 IN RRSIG AAAA 13 3 7200 20210413142738 20210314141409 27566 isc.84org.32mTNp2I5wcUm1WPPmSsL01Yh5eMSJzgO/1Sd1nvrX+uOgsbMuyozpROYR jYWaYKg9yJCdMV8gGTgkedwE0EoF0A==
;; Query time: 1259 91 msec;; SERVER: 192.168.49.353#53(192.168.49.353);; WHEN: Tue Mar 30 15:5057:08 00 EDT 2021;; MSG SIZE rcvd: 3671127
</source>
1,760
edits