On 2016-07-04 at 15:44:32 Tony Finch <[email protected]> wrote: > In most cases it is best to either use `nsupdate` exclusively, or > directly edit the master file, but not a mixture of the two. If you > are using `nsupdate` then there is no need for inline-signing.
>From the responses i received, it seems i completely misunderstood how automatic signing is supposed to work. If i'm now understanding correctly, there are 2 mutually exclusive ways to do things: 1) Maintain zone files with a text editor, and sign them manually. 2) Maintain zones with nsupdate, and let Bind sign them. It seems i was mixing the two and not getting the results i expected. I'll talk it over with our network administrators (they do most of our DNS updates) and see which way they'd prefer to maintain zones, and then provide appropriate instructions. Thanks everyone for clearing up my confusion! P.S.: Cool e-mail address. I first heard of [email protected] some years ago when a friend found out about it randomly. I never expected to communicate with the owner of that address though! __ Daniel A. Ramaley | Server Engineer 2 Information Technology Services (ITS) | Drake University T: +1 (515) 271-4540 F: +1 (515) 271-1938 E: [email protected] _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
