On 8/06/11 11:38 PM, "Christof Meerwald" <[email protected]> wrote:
>On Wed, 08 Jun 2011 18:21:14 +1200, Craig Whitmore wrote: >[...] >> Can someone help why the slave is failing=8A > >I think one of the DNSSEC records is being truncated on the slave as >it exceeds 256 bytes - you might need to update the database schema on >the slave to allow for longer records. Thank you. It works now. I used the default database from all the documentation set up so maybe (IMHO) the default needs to be increased to some thing larger. On the slave I did.. alter table records modify content varchar(512); updated the master and it transferred and now.. dig +dnssec +sigchase +trusted-key=./trusted-keys -t A spam.co.nz @114.23.33.130 ;; Ok this DNSKEY is a Trusted Key, DNSSEC validation is ok: SUCCESS dig +dnssec +sigchase +trusted-key=./trusted-keys -t A spam.co.nz @114.23.33.131 ;; Ok this DNSKEY is a Trusted Key, DNSSEC validation is ok: SUCCESS I must write up a how to on getting this working as the documentation for powerdnssec is a little lacking on this matter:-) There are a couple of gotya's > >> I cannot find any documentation on slaves and powerdnssec and how it >>should >> be done properly.. > >If you happen to have non-PowerDNS slaves, you might also want to set >"SOA-EDIT" to "INCREMENT-WEEKS" in the domainmetadata table for that >domain (this isn't needed if you only have PowerDNS slaves). I am using PowerDNSSec only. Thanks > _______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
