Re: Refresh of the .signed DNSSEC file?
@lbutlr wrote: > Based having update-policy local; auto-dnssec maintain; in the zone, > when I make changed to example.com I was expecting that > example.com.signed will be refreshed. > > This doesn’t seem to be happening. Are you doing `rndc freeze` and `rndc thaw` before and after editing the unsigned zone file? How are you checking the signed zone? By querying the name server or by looking at the file directly? If the latter, are you using named-compilezone with the -j flag to include the journal, or are you using named-journalprint? Tony. -- f.anthony.n.finchhttp://dotat.at/ Shetland Isles: Southwesterly 5 or 6 at first in east, otherwise northwesterly 3 or 4, increasing 5 or 6 later, then veering northeasterly 3 or 4 later in east. Moderate or rough, but slight in sheltered east at first. Rain or showers. Good, occasionally moderate.___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Refresh of the .signed DNSSEC file?
On 02 Feb 2019, at 06:34, Alan Clegg wrote: > when you make changes with "nsupdate -l", does the right thing happen? Hmm. I don’t know, I’ve never done that. Trundles off to read the nsupdate man page. -- W is for WINNIE embedded in ice X is for XERXES devoured by mice ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Refresh of the .signed DNSSEC file?
On 2/2/19 7:54 AM, @lbutlr wrote: > Based having update-policy local; auto-dnssec maintain; in the zone, > when I make changed to example.com I was expecting that > example.com.signed will be refreshed. > > This doesn’t seem to be happening. > > I just went through several domains and changed the serial number and > removed an old subdomain (ftp) from them, did an rndc reload, and … > nothing. > Since you are using "update-policy local;", when you make changes with "nsupdate -l", does the right thing happen? AlanC ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Refresh of the .signed DNSSEC file?
Based having update-policy local; auto-dnssec maintain; in the zone, when I make changed to example.com I was expecting that example.com.signed will be refreshed. This doesn’t seem to be happening. I just went through several domains and changed the serial number and removed an old subdomain (ftp) from them, did an rndc reload, and … nothing. -- The Steve is seen, rightly or wrongly, as the visionary, the leader, the savant. Bill is the Boswell to The Steve's Johnson, but lacking Boswell's wit, charm, and dynamic personality. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users