Hi folks, searched the docs, and list archives and have found only one
reference in the archive regarding implementing the automated
resigning of zones. From a listmail response by Mark Andrews dated Tue
Oct 14 23:39:45 UTC 2008 in response to Subject: Gritty details of
automatic resigining in 9.6? by Chris Thompson, in which Mark states:
Re-signing applies to secure dynamic zones. Named updates
the serial and generates ixfr's just like it would for a
UPDATE request. Think of it as a internally generated
UPDATE request to replace signatures that are scheduled to
re-generated. That generation is done when 1/4 of the
signature validity interval remains though it is tunable.
What is a "dynamic zone" in this context?
I assume the "secure" means the zone file has been signed at least once?
Does the named user also need write access to the zone files to
accomplish the resigning?
_______________________________________________
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
