Facebook
Twitter
psxeu
Basic Pleskian
- Server operating system version
- Almalinux 9
- Plesk version and microupdate number
- Plesk Obsidian 18.0.67
Hi
I am setting DNSSEC up and are using a couple of online services to validate if everything is okay. One of the services are DNSViz | A DNS visualization tool - When I do it for a domain I get some errors:
RRSIG NSEC proving non-existence of MyDomain.tld/CDNSKEY alg 14, id 47160: The TTL of the RRset (10800) exceeds the value of the Original TTL field of the RRSIG RR covering it (7200). See RFC 4035, Sec. 2.2.
I can fix it by setting the Zone defaults TTL to 3 hours - but it seems more like a hack. Should the system not align the TTL for the RRset with the Zone defaults TTL?
I am setting DNSSEC up and are using a couple of online services to validate if everything is okay. One of the services are DNSViz | A DNS visualization tool - When I do it for a domain I get some errors:
RRSIG NSEC proving non-existence of MyDomain.tld/CDNSKEY alg 14, id 47160: The TTL of the RRset (10800) exceeds the value of the Original TTL field of the RRSIG RR covering it (7200). See RFC 4035, Sec. 2.2.
I can fix it by setting the Zone defaults TTL to 3 hours - but it seems more like a hack. Should the system not align the TTL for the RRset with the Zone defaults TTL?
