Re: Can't get rid of key

2020-03-10 Thread Mark Andrews
and the content of /var/named/keys are?
> On 11 Mar 2020, at 12:06, Alan Batie wrote:
>
> On 3/10/20 5:51 PM, Mark Andrews wrote:
>> So what do you still have related to the zone? Have you examined the
>> contents of those files? Some of them may be binary so grep won’t work.
>> Are you actual

Re: Bind Resign Zone behavior

2020-03-10 Thread Mark Andrews
> On 11 Mar 2020, at 00:54, Milan Jeskynka Kazatel wrote:
>
> Hello Community,
>
> I would like to figure out how to describe a Bind behavior when the zone is
> repeatedly resigned. The Bind continuously did a resign process and
> automatically increase the zone serial number which causes un

Re: Can't get rid of key

2020-03-10 Thread Alan Batie
On 3/10/20 5:51 PM, Mark Andrews wrote:
> So what do you still have related to the zone? Have you examined the
> contents of those files? Some of them may be binary so grep won’t work.
> Are you actually looking in the right place? Are you running chroot?
> Did you really stop named? How is the

Re: Can't get rid of key

2020-03-10 Thread Mark Andrews
So what do you still have related to the zone? Have you examined the contents of those files? Some of them may be binary so grep won’t work. Are you actually looking in the right place? Are you running chroot? Did you really stop named? How is the zone defined in named.conf?
Mark
> On 11 Mar

Can't get rid of key

2020-03-10 Thread Alan Batie
I'm trying to clear a zone's dnssec records, or at least some of them - I removed the key files from the keys directory and removed the zone.* files (signed, jbk, jnl, etc) and restarted named. I did a recursive grep for the key id in question in /var/named and it's nowhere to be found, yet, after

Re: key signing

2020-03-10 Thread Alan Batie
On 3/10/20 4:03 PM, Mark Andrews wrote:
> Firstly don’t blindly add DS records without first checking that the DNSKEYs
> they refer to are published. DNSSEC is less tolerant of operator error and
> sometimes things go wrong. There are lots of “wait until …” in managing
> DNSSEC
> and if you don’

Re: key signing

2020-03-10 Thread Mark Andrews
Firstly don’t blindly add DS records without first checking that the DNSKEYs they refer to are published. DNSSEC is less tolerant of operator error and sometimes things go wrong. There are lots of “wait until …” in managing DNSSEC and if you don’t wait DNSSEC validations will fail as a result as

key signing

2020-03-10 Thread Alan Batie
I've got a test domain that I thought I had all working, but noticed the key signing key was missing, so I generated one and did an rndc loadkeys to get things updated, then generated a ds record for it and uploaded that to the registrar, however, it still shows broken, and when I look, I see that

Bind Resign Zone behavior

2020-03-10 Thread Milan Jeskynka Kazatel
Hello Community, I would like to figure out how to describe a Bind behavior when the zone is repeatedly resigned. The Bind continuously did a resign process and automatically increase the zone serial number which causes unexpected AXFR/IXFR traffic on slave servers. The zone has 180 recor

Bind Resign zone repeating

2020-03-10 Thread Milan Jeskynka Kazatel
Hello Community, I tried to solve an issue with resign zone. Bind behavior shows in the log a serial number of the zone is increased repeatedly in the row and in the log is many records of
-- Smil Milan Jeskyňka Kazatel