Having text files makes editing easier, but you still want to keep the
slaves the same - making the identical edit multiple times is some work,
but may not actually happen depending on circumstances (people make
mistakes)
I like to make all the servers 'masters' - so whoever has the highest
serial
On Wed, 20 May 2009 14:56:20 +1000 Mark Andrews wrote:
>
> In message <200905200158.n4k1wmzv006...@edge.twig.com>, Richard Doty writes:
> > I am running bind 9.5.0, and have a dynamic zone with two ZSK set
> > up in the pre-publish manner - one ZSK is "published"
I am running bind 9.5.0, and have a dynamic zone with two ZSK set
up in the pre-publish manner - one ZSK is "published" but not used
for signing, one ZSK is "active" and signs all records. That's
how I use them when I do a full re-sign with dnssec-signzone. But
when I make a dynamic update to the
Greetings,
I am wondering how folks handle keys for zones that are going
to be signed with nsupdate.
It appears that named wants the zone signing keys to be in the
location identified by the "directory" parameter, yes? Putting
all keys in one directory seems like a scaling issue, besides which
I
4 matches
Mail list logo
