Hello! Recently upgraded a master server to bind-9.9.7-P2, in order to take advantage of automated inline signing as detailed here:
https://kb.isc.org/article/AA-00626/0/Inline-Signing-in-ISC-BIND-9.9.0-Examples.html One thing I've noticing is that it appears that the zones are resigned or checked every hour: Aug 22 06:43:59 svr7 named[3507]: zone speedyiguana.com/IN (signed): reconfiguring zone keys Aug 22 06:43:59 svr7 named[3507]: zone speedyiguana.com/IN (signed): next key event: 22-Aug-2015 07:43:59.648 [snip] Aug 22 07:43:59 svr7 named[3507]: zone speedyiguana.com/IN (signed): reconfiguring zone keys Aug 22 07:43:59 svr7 named[3507]: zone speedyiguana.com/IN (signed): next key event: 22-Aug-2015 08:43:59.648 [snip] Aug 22 08:43:59 svr7 named[3507]: zone speedyiguana.com/IN (signed): reconfiguring zone keys Aug 22 08:43:59 svr7 named[3507]: zone speedyiguana.com/IN (signed): next key event: 22-Aug-2015 09:43:59.648 Is the zone being signed every hour, or is it just a check? FWIW, the .signed and .jnl are not being modified every hour, so I suspect that log entry is just a periodic check.. but I'm not sure. All in all, this inline signing is awesome compared to the alternative. :-) -Jim P. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users