I've got a few zones I slave for a friend. He presigns some of those zones on bind and I AXFR them as a slave.
Log entries don't indicate detecting presigned zones on AXFR. Dig with +dnssec doesn't return anything either. dnsviz is showing me as being a problem nameserver for him now. I've got the bind-dnssec-db set, and created the dnssec-db with pdnsutil (and chowned it to pdns:pdns even) I've tried pdnsutil set-presigned <zone> I've been googling this for about an hour and I can't find something wrong with what I'm doing. I did find the following command, which outputs many lines like the following: pdnsutil check-all-zones Aug 12 06:49:30 [bindbackend] Done parsing domains, 0 rejected, 19 new, 0 removed [Warning] Parsed and original record content are not equal: fudo.ca IN RRSIG 'SOA 8 2 3600 20140614060342 20131216060342 17133 fudo.ca. gXArdDSbIIFjFn7fjj4h8MnT2ZQYwKuCWOKDXTn+da5MnmCkp7KXM+PA78Bm2Z2Lo8boU5mJd49pTdEOrSMUFd9/gNi7PW3a5PPc0v9XHvM+1zTqrRrvch8PzWieiIlOiHjupH5JsDVznKlRDPRmjHerbddr3++PR0OPWPAXy6I=' (Content parsed as 'SOA 8 2 3600 20140614060342 20131216060342 17133 fudo.ca gXArdDSbIIFjFn7fjj4h8MnT2ZQYwKuCWOKDXTn+da5MnmCkp7KXM+PA78Bm2Z2Lo8boU5mJd49pTdEOrSMUFd9/gNi7PW3a5PPc0v9XHvM+1zTqrRrvch8PzWieiIlOiHjupH5JsDVznKlRDPRmjHerbddr3++PR0OPWPAXy6I=') [Error] RRSIG found at 'fudo.ca' in non-presigned zone. These do not belong in the database. Theodore Baschak - AS395089 - Hextet Systems https://ciscodude.net/ - https://hextet.systems/ http://mbix.ca/
_______________________________________________ Pdns-users mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/pdns-users
