DNS
Table of Contents
The Setup
Authoritative DNS with DNSSEC and 0 on-disk signing keys.
Overview
Devices, Services and Software Used
| Device | Description | Software |
|---|---|---|
| HSM | SmartCard-HSM 4k USB-Token | OpenSC |
| NUC | Intel NUC | Knot DNS |
| NS1 | Vultr VPS | NSD |
| NS2 | Vultr VPS | NSD |
| NS3 | OpenBSD Amsterdam VPS | NSD |
| NS4 | RackNerd VPS | NSD |
Knot DNS
Kont is a feature packed DNS server that allows one to very easily configure DNSSEC.
It provides automatic DNSSEC key management on disk OR on a HSM like the one mentioned here, automatic handling of the serial number for a given zone and many other awesome features!
Glossary
Defenitions
- AXFR
- DNS zone transfer.
- HSM
- Hardware Security Module.