[dns-operations] dnssec via dynamic updates

bert hubert bert.hubert at powerdns.com
Fri Mar 18 16:19:43 UTC 2016

On Fri, Mar 18, 2016 at 03:51:44PM +0300, Peter Andreev wrote:
> BIND doesn't allow adding of NSEC* and DNSKEYs without supplying a private key;
> Knot doesn't allow any dnssec-related records in update query;
> Yadifa's documentation looks like it was abandoned long ago.

Have you looked at PowerDNS? For a pre-signed zone, we may just pass on your
records via dynamic updates.  Or you could use our HTTP API which would
definitely not care about your record type for pre-signed zones.

https://doc.powerdns.com/md/authoritative/dnsupdate/ and

Or would the hypothetical "push-AXFR" work for you?


More information about the dns-operations mailing list