I found this message:
May 8 16:41:18 tilapia named[1268]: zone ox.org/IN:
zone_rekey:dns_dnssec_keymgr failed: error occurred writing key to disk
It would be great if it could tell me the file name that failed to write, and
ideally what the error was (EPERM is my guess, but there could also be
I have moved from dnssec-tools to having bind9 do all the management itself.
There are a couple of things that I don't understand, and I find that the
FAQs and howtos I've read are rather too introductory for me.
I have been signing my zones since around 2004...
I will attempt to blog some of my e
On the closest server question it will prefer the closest but a certain
percentage will go to servers further away. Additionally depending on the
version of BIND and the distance it could lead to the servers further away
taking more traffic in high QPS situations.
If you are getting high QPS you c
Thanks for the answers. A couple more questions and then I'll stand down.
First, it's Ben Croswell. Just pointing that out.
Second, my reading of the definition of a static-stub zone in the Bvarm
indicates that its use is to allow a local copy of the NS list which may
differ from the primary zone
I would concur that internally Anycast is best for client facing edge nodes
to reduce client configuration complexity as well as reducing impact of a
first resolver outage.
On Sun, May 8, 2022, 7:59 AM Tony Finch wrote:
> Bob McDonald wrote:
> >
> > My question is this; how do the recursive ser
Bob McDonald wrote:
>
> My question is this; how do the recursive servers determine from
> the information in the stub zone which name server to query?
As well as what Bob Croswell said about SRTT (which is entirely correct),
there's a subtlety with stub zones in particular.
A stub zone works a
6 matches
Mail list logo