[Yeti DNS Discuss] Yeti DNS resolver on a Turris Omnia

'Stephane Bortzmeyer' bortzmeyer at nic.fr
Mon Mar 13 08:26:44 UTC 2017


On Mon, Mar 13, 2017 at 11:39:53AM +0800,
 dbgong <dbgong at biigroup.cn> wrote 
 a message of 247 lines which said:

> Can you check the KSK status of the new resolver?

root at turris:~# cat /etc/kresd/yeti-root.keys 
. 3600 IN TYPE48 \# 264 0101030803010001B0349414F5683C70A0D97B77F7D7A85141B4BF95C012EA80E607800AAB9EF851BC7B3E1AB4D6659E6066EFF435E5F86065E6A2F4F59C6A58FFDA22DF4A43BDBCCF96E41738A4953FFC6BD4AC8B3E9F29C6256A19EF7BDC5E797D7E2240E50C0769F65577C8C52AF24CD60FCF8E1996DA5AD74580558CC7A72DE8C71D2A652783B1D3C730D07B626D2104C63DD9C89F5B241689F1DB7206C519FDA6A70174D2F00B97DDAA867BC83915590BF8A134D77B0EF42D30B754BD2A10D30A02FC486A7B15D0BF46CB94F906E79777EC9A1A55B58212758B67E093F847A2E54E150AA1FEC4212F3A34F8E5942DD247C1DCAE1BC1F87A0F910195E275DF3DE96D4C01CB45 ; Valid
; . 86390 IN TYPE48 \# 264 0101030803010001D659A8BEB94C0FE41E42EAD7E38DE5E4189BD3D40605795106CF710B510176DA77597A9BA474889220E3A222C85C9490487E1FB67DFE83CD9E433DCEE6F64E31623556544A7A725AD3EA543E671EB85439D4B7C96FC05E966E349DF35FD5C35D4A621277D33CE32B522669A4FD5FAB1FE39C00BD6032ECE0ADBAA1CA03C90A7EBA6BBE78EACFFD339A7116A0FBDAFD362433B15B971D09C2C293D8E0DC2503B41168E3A306223DB4D1030F6921544ED8CB973FB19622AE54CE4C405B5E477D97D595A918043BE8A46FC18C83B86039D76FAA3EC8B4166F05400241CDDCD0EA9A2E7119C7A0B0210A63C693CF61DCA211D292C07187DD5DD37D2F80110956F2E9 ; AddPend

Awful formatting, uh
<https://gitlab.labs.nic.cz/knot/resolver/issues/167>? :-)

Let's try from the Knot Resolver console:

root at turris:~# socat - UNIX-CONNECT:/tmp/kresd/tty/$(pidof kresd)
> trust_anchors.keyset()
[string "return table_print(trust_anchors.keyset())"]:1: attempt to call field 'keyset' (a table value)
> trust_anchors.keyset
[1] => {
    [owner] => \0
    [key_tag] => 19444
    [state] => Valid
    [type] => 48
    [ttl] => 3600
    [rdata] => \1\1\3\8\3\1\0\1\1764\148\20\245h<p\160\217{w\247\215\168QA\180\191\149\192\18\234\128\230\7\128\10\171\158\248Q\188{>\26\180\214e\158`f\239...
    [class] => 1
}
[2] => {
    [owner] => \0
    [key_tag] => 59302
    [rdata] => \1\1\3\8\3\1\0\1\214Y\168\190\185L\15\228\30B\234\215\227\141\229\228\24\155\211\212\6\5yQ\6\207q\11Q\1v\218wYz\155\164t\136\146 \227\162...
    [state] => AddPend
    [type] => 48
    [ttl] => 86390
    [timer] => 1491933912
    [class] => 1
}

So, it seems OK. 1491933912 = Tue Apr 11 20:05:12 CEST 2017


More information about the discuss mailing list