201907-b...@planhack.com wrote:
>> My solution is not to mix dynamic update with other access. Instead,
>> I put in CNAMEs in the signed zone to a sub-zone (or other zone) where
>> I do exclusive dynamic update. This isn't perfect, but it works well
>> enough to allow dns-01
Paul van der Vlis via bind-users wrote:
> But how could I refresh the key without loosing the IP?
I was in a similar situation. I managed my zone files mostly manually,
but a few records needed to be updated automatically. Either manual
changes would obliterate automatically updated records, as
> My solution is not to mix dynamic update with other access.
> Instead, I put in CNAMEs in the signed zone to a sub-zone (or other zone)
> where I do exclusive dynamic update. This isn't perfect, but it works
> well enough to allow dns-01 (certbot/LetsEncrypt) to be able to refresh my
>
In general, you don't want to mix dynamic update zones with ones that you
want to edit by hand. I see that you are doing manual DNSSEC signing in your
cron job.
Your choices are:
a) do everything with dynamic update, and turn on automatic DNSSEC management
in bind9.
b) do your DNSSEC
Just configure named to sign the zone.
--
Mark Andrews
> On 6 Oct 2023, at 22:30, Paul van der Vlis wrote:
>
> Op 06-10-2023 om 10:39 schreef Mark Andrews:
>> You need to figure out what is updating the zone. This isn’t named.
>
> Thanks for your answer.
> It makes me find the reason. See
Op 06-10-2023 om 10:39 schreef Mark Andrews:
You need to figure out what is updating the zone. This isn’t named.
Thanks for your answer.
It makes me find the reason. See my other message.
With regards,
Paul
--
Paul van der Vlis Linux systeembeheer Groningen
https://vandervlis.nl/
--
Visit
Op 06-10-2023 om 10:28 schreef Paul van der Vlis via bind-users:
Hello,
I try to give a dynamic IP to a name, using nsupdate. This works fine,
but after some hours the IP is gone from the master (which I update).
Something like this:
Host home.customer.nl not found: 3(NXDOMAIN)
The IP is
You need to figure out what is updating the zone. This isn’t named.
--
Mark Andrews
> On 6 Oct 2023, at 19:28, Paul van der Vlis via bind-users
> wrote:
>
> Hello,
>
> I try to give a dynamic IP to a name, using nsupdate. This works fine, but
> after some hours the IP is gone from the
Hello,
I try to give a dynamic IP to a name, using nsupdate. This works fine,
but after some hours the IP is gone from the master (which I update).
Something like this:
Host home.customer.nl not found: 3(NXDOMAIN)
The IP is then still available from the slaves, what gets it from the
master.
9 matches
Mail list logo
