Are you interested in our Early Access Program (EAP)? This program allows you to preview code, test in your lab and provide feedback prior to General Availability (GA) release of all Infoblox products. If so, please click the link here.



Recursion enabled is required for DNSSEC ?

[ Edited ]
Posts: 1
874     0

Hello, I have a question regarding DNSSEC.

Do we need to enable recursion on the Name Servers used to host a signed zone (DNSSEC)?


I'm asking as the below PDF doc says recursion must be enabled as a Pre-requisite for DNSSEC Validation.


DNSSEC validation
1. EDNS0 must be enabled and supported by your networking equipment.
a. Check the section Troubleshooting for a quick method on how to test if your environment
supports EDNS0.
2. Recursion must be enabled


Also, we have tested DNSSEC in one Lab server with recursion disable and as per output everything is green.


So, I'm not sure why the Name servers must to have Recursion enabled or what it means.


Let me know your comments.


Thanks in Advance.




Re: Recursion enabled is required for DNSSEC ?

Posts: 2
875     0

DNSSEC validation is when your server is querying other servers.  It's unrelated to signing zones on your authoritative servers.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You