Looking at the journal in detail, it looks like old revisions are not
removed from the journal after being commited to the zone file. I see
old serials appear in signed.jnl, even after the signed file has long
got the new serial.
--
PGP-Fingerprint: 3C9D 54A4 7575 C026 FB17 FD26 B79A 3C16 A0C4
This might well be a bug in bind9 itself.
I do, however, have several BIND instances with the same inline signing
without dyndb-ldap working just fine.
-nik
--
PGP-Fingerprint: 3C9D 54A4 7575 C026 FB17 FD26 B79A 3C16 A0C4 F296
Dominik George · Hundeshagenstr. 26 · 53225 Bonn
Mobile:
Package: bind9-dyndb-ldap
Version: 10.1-1
Severity: important
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
After configuring a basic setup with bind9-dyndb-ldap, I tried enabling
DNSSEC inline signing. It does seem to work, but only sporadically. Most
of the time, most zones fail to be signed
3 matches
Mail list logo
