On 11/01/12 15:31, Howard Leadmon wrote:
Then I go to make a change to my DNS file, whoa was I in for a shock, as apparently BIND took my nice text file for DNS I have edited for ages, and
As you found out, you cannot do that. "auto-dnssec maintain" requires that updates to the zone by via dynamic DNS.
So I guess my million dollar question is, I want to use DNSSEC (it's actually working now), but I want to be able to edit my zone files the way I always have for many years, and just have BIND sign the zones with the keys and update as needed to keep DNS running smoothly. Is there some easy way to do this, some scripts someone has made, or some documentation to walk me through accomplishing this?
This is called "inline-signing" and is a new feature in Bind 9.9, which is in beta. There is some discussion of the limitations and early bugs in the list archive.
Google "bind 9.9 inline signing" for more info, and see the list archives. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
