На главную страницу  
+7 (499) 124-62-26
О компании Продукты Демо-версии Купить Цены Контакты Решения
OpenVPN-ГОСТ
КриптоСервер
КриптоТуннель
Защита RDP
КриптоПакет
"Вьюга"

MAGPRO DNS

Русский

You can enable DNSSEC with GOST cryptoalgorithms support (RFC5933). For this, you need to install and configure OpenSSL 1.0.0 and a DNS-server supporting GOST algorithms (either BIND of ISC or Unbound + LDNS + NSD of NLnet Labs).

If you are going to use Unbound + NSD + LDNS you should:
  1. Install LDNS, Unbound and NSD by following instructions on the page:
    Installing and using Unbound+LDNS+NSD with DNSSEC and GOST support
  2. Sign zone files by following instructions on the page:
    Signing zone with «ldns-signzone»
  3. Test DNSSEC with drill utility. Hints about testing you will find on the page:
    Checking DNSSEC with «drill» utility
If you are going to use BIND DNS-server you should:
  1. Install patched BIND with GOST cryptoalgorithms support by following instructions on the page:
    Installing and using BIND with DNSSEC and GOST support.
  2. Sign zone files by following instructions on the page:
    Signing zone with «dnssec-signzone».
  3. Test DNSSEC with dig utility. Hints about testing you will find on the page:
    Checking DNSSEC with «dig» utility.

You will find FAQ on the page:
DNSSEC FAQ


MagPro DNS

Installing and configuring OpenSSL 1.0.0

Installing and using BIND with DNSSEC and GOST support

Signing a zone with «dnssec-signzone»

Checking DNSSEC with the «dig» utility

Installing and using Unbound+LDNS+NSD with DNSSEC and GOST support

Signing a zone with «ldns-signzone»

Checking DNSSEC with the «drill» utility

DNSSEC FAQ

 
Copyright © ООО "Криптоком". 2001-2016. All Rights Reserved.