Well after the various discussion a short while back, I decided to give
the inline-signing a run, and after setup I must say it did appear to do
what I expected. Of course anything that went that easy had to have a
snag, and it did, and at the moment I am wondering what I have missed so
I agree with you. I took your example and installed bind 9.9.0b2
I also updated my 'soa' in the unsigned...
Am getting the following in my log...
Jan 29...: zone test1.co.za/IN (unsigned): loaded serial 2012012901
Jan 29...: zone test1.co.za/IN (signed): loaded serial 200105
(DNSSEC signed)
After setting up a zone with DNSSEC using inline-signing, I have run into the
issue where if I do anything that updates the unsigned file that is input
into BIND, that it never seems to update the signed data it generated.
As an example, I had serial number of 2012012701 in the test zone
Hi Peter
Thanks a lot for your reply. I had enabled query-errors with debug level 2
in my bind logging, now i am able to log all SERVFAIL related error logs in
query-errors.log. But i am unable to log the NXDOMAIN error logs .
Referring to Bind documentation, i enabled delegation-only
In message canbtt6nxwb4fqygev4x8_jl+m5ho7wfenirxzg3pgvc-kzc...@mail.gmail.com
, Shiva Raman writes:
Hi Peter
Thanks a lot for your reply. I had enabled query-errors with debug level 2
in my bind logging, now i am able to log all SERVFAIL related error logs in
query-errors.log. But i am
Slept on this.
This morning 8+ hours later, no change.
Added a completely new record to the (unsigned) zone, updated the SOA
Serial and ran 'rndc reload':
Jan 30 09...: received control channel command 'reload'
Jan 30 09...: loading configuration from '/etc/bind/named.conf'
...
Jan 30 09...: zone
6 matches
Mail list logo
