>>>>> "PvD" == Peter van Dijk <peter.van.d...@netherlabs.nl> writes:
PvD> Rectify is 'pretty' cheap when you don't use NSEC3. However, it's not PvD> the kind of thing you'd want to run after every update to a big, busy PvD> zone. And yet, when using automatic serials and axfr replication, every change creates notifies which trigger axfrs which fail until rectify is done. And not just completely fail, but die part way through. (I get caught by that every so often, if I haven't made any changes in long enough that I forget at first that I have to do the rectify. Not every time, but every so often.) I've spent some time looking into a set of functions (I use pgsql) for making changes, which can do all of the necessary logic when adding, removing or changing an RR, but I haven't yet compiled a full list of what exactly is required for every case when dnssec is in use. Has anyone else? -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 1024D/ED7DAEA6 _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
