1,760
edits
Changes
→Investigation 1: Performing queries using DNSSec
* For Investigation 3, you should do it on your VM2 in the Virtual Lab.
==Investigation 1: Performing queries using DNSSecDNSSEC==
Perform the following steps on your own pri-dns CentOS 8.x at home:
<ol>
</source>
*Notice the addition of the <b>flags: do</b> flag (<font color='blue'>DNSSec DNSSEC Ok</font>, that is the server we queried is willing to perform authentication), but no other difference in output. This information is '''not''' authenticated.
</li>
<li>Now we will run a query that does get authenticated:
</source>
*Notice that in addition to the <b>do</b> flag, the answer to this query also has an <b>ad</b> flag (<font color='blue'>Authenticated Data</font>), along with extra information in the answer itself (the <b>RRSIG</b> record). This result '''is''' authenticated.
*If you want to see this result without the DNSSec DNSSEC information, simply re-run the query without the +dnssec request.
</li>
</ol>