Hi Mike,
> Anyone want to (gently) shoot me down?
not really.
Of course, the correct fix would be to fix the authoritative setup.
You could do some research on your end to see how many requests your
servers are doing towards the service provider. Maybe you run in some
sort of rate lim
So you want probably Bind's stale-answer-enable=yes?
Klaus
Gesendet über BlackBerry Work (www.blackberry.com)
Von: Mike via Pdns-users
Gesendet: 27.05.2020 22:33
An: pdns-users@mailman.powerdns.com
Betreff: [Pdns-users] retaining cache
Hi,
I already know I
Hi,
I already know Im going to get in trouble with the dns protocol
police, and probably shoot myself in the foot at the same time, however
I know of a large service provider that has foolishly put both
authoritative name servers for their domain on the same subnet, and for
which has
Hi,
>
> Thank you, that seems to work: importing the key and setting the zone
> to 'not presigned' leads to RRSIG records being produced on the slaves.
>
> However, when I edit the zone on the master and trigger a transfer to
> the slaves, the 'PRESIGNED' flag returns on the zone, which is
> docum
Hi!
Thank you, that seems to work: importing the key and setting the zone to
'not presigned' leads to RRSIG records being produced on the slaves.
However, when I edit the zone on the master and trigger a transfer to
the slaves, the 'PRESIGNED' flag returns on the zone, which is
documented behavio
Hi Martijn,
Native zones with replication might be the easiest from a management point of
view (remember to encrypt the replication data so that you don’t expose your
keys), but online signing should work fine with slave zones.
Use "pdnsutil export-zone-key” to export the private key on the mas
Hi,
We have a simple setup with a PowerDNS master and two PowerDNS slaves
(AXFR). Our zones are generally signed with DNSSEC and everything has
been working fine. Recently, I started experimenting with LUA records,
and for those, we're seeing problems (SERVFAIL) when we query them
through 3rd par
