Forum Discussion

Anoop_Dharan_20

Icon for Nimbostratus rank

Nimbostratus

Jul 06, 2018

DNSSEC setup questions

Hello Folks,

We have two sites. Each site has two F5 DNS appliances that configured as cluster mode.

If we configure DNSSEC in Site1 - DNS1 (active) appliance, how the DNSSEC KSK, ZSK and DS record sync with other 3 appliances. How long does it take?
If Site1 - DNS1 (active) appliance failed down, any impact to the DNSSEC zone? Need re-gen the keys and re-sign the zone after RMA?
If we change the "Rollover Time" and "Expiration Time" of the KSK and ZSK, any detail procedures to make it active and when to upload the new DS record to my parent zone? Follow old rollover period or new rollover period?

application delivery

No RepliesBe the first to reply

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

DevCentral News

F5 Academies Are Back – And We’re Coming to a City Near You

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5