[Openswan Users] Opportunistic Encryption and djbdns
Jack Byer
ojbyer at usa.net
Sat Dec 2 19:33:59 EST 2006
I'm attempting to try out Opportunistic Encryption on my local network.
I have a dns server set up running djbdns with what I thought was all
the TXT records I would need. The output of ipsec verify however is a
little confusing:
Opportunistic Encryption DNS checks:
Looking for TXT in forward dns zone: lithium [OK]
Does the machine have at least one non-private address? [OK]
Looking for TXT in reverse dns zone: d.c.b.a.in-addr.arpa. [OK]
Looking for TXT in reverse dns zone: net\. at mydomain.in-addr.arpa.
[MISSING]
What is that fourth check looking for exactly? I have a TXT record for
c.b.a.in-addr.arpa, I tried inserting a record for
net\. at mydomain.in-addr.arpa, but that didn't work either.
More information about the Users
mailing list