Hi Matthijs,
I'm testing signing large zone(20Mb) with trunk and the signed zone in /signed
directory is always has a .tmp suffix, say example4.tmp, and the example4.tmp
is signed. And in the syslog I can get some information like :
Jul 13 10:00:32 CST-BJ-104 ods-signerd: [tools] unable to write zone example4:
adapter failed (Assertion error)
If I don't use XFR I can rename the file to example4 and let BIND reload it.
But, the XFR funcation is my priority, so when I configured the example4's
adapter to DNS, the same log occured, and you know there would no signed zone
in /signed directory, but I have found something similar in /var/opendnssec/tmp
directory:
[root@CST-BJ-104:202.173.9.19 :/var/opendnssec/tmp]$ll
total 39492
-rw-r--r-- 1 root root 9900 Jul 17 11:36 example2.axfr
-rw-r--r-- 1 root root 11881 Jul 17 11:36 example2.backup2
-rw-r--r-- 1 root root 10626 Jul 17 11:36 example2.ixfr
-rw-r--r-- 1 root root 9900 Jul 17 11:36 example3.axfr
-rw-r--r-- 1 root root 11881 Jul 17 11:36 example3.backup2
-rw-r--r-- 1 root root 9192 Jul 17 11:36 example3.ixfr
-rw-r--r-- 1 root root 40325915 Jul 17 11:34 example4.axfr.tmp
-rw-r--r-- 1 root root 9819 Jul 17 11:36 example.axfr
-rw-r--r-- 1 root root 11800 Jul 17 11:36 example.backup2
-rw-r--r-- 1 root root 12264 Jul 17 11:36 example.ixfr
You see example4.axfr.tmp? there is a .tmp suffix,too. And the hidden master
did not receive any notify signal about example4, but received example,example2
and example3, because they are all small zone just less than 1Kb.
So I think the problem may be caused by the .tmp suffixed, it affected
OpenDNSSEC's normal logical process and then made the XFR failed.
Any ideas?
Best regards,
Stuart
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
