RE: bind 9.9 & inline-signing issue..

Mon, 30 Jan 2012 12:53:13 -0800 

  Nope, granted you would think that should work, but I really do have two
different views in different files, as I use it to support both my internal
IPv4 RFC1918 space, and my external view for what the rest of the world
should see.

 Here is what my config looks like:

// Internal View
zone "leadmon.org" {
        type master;
        file "master/leadmon.org/db.leadmon.org-internal";
        key-directory "mkeys/leadmon.org";
        allow-transfer { 
                primary_servers;
        };
        auto-dnssec maintain;
        inline-signing yes;
}

// External View
zone "leadmon.org" {
        type master;
        file "master/leadmon.org/db.leadmon.org-external";
        key-directory "mkeys/leadmon.org";
        allow-transfer {        
                primary_servers;
                absnet_servers;
                puck_servers;
        };
        auto-dnssec maintain;
        inline-signing yes;
};


 As stated in a prior message, just the signed zone is not being updated,
when I make an update to the unsigned zone file.   The earlier posting
suggesting that I do a "rndc reload <zone>" does indeed cause the signed
zones to update, but you must specify the zone, just doing a "rndc reload"
to reload everything results in no update being performed on the signed
zone, and even a hard restart of the named process doesn't cause an update.


---
Howard Leadmon 

> -----Original Message-----
> From: bind-users-bounces+howard=leadmon....@lists.isc.org [mailto:bind-
> users-bounces+howard=leadmon....@lists.isc.org] On Behalf Of Alan Clegg
> Sent: Monday, January 30, 2012 8:00 AM
> To: bind-users@lists.isc.org
> Subject: Re: bind 9.9 & inline-signing issue..
> 
> On 1/30/2012 5:28 AM, Howard Leadmon wrote:
> 
> > Jan 30 05:23:26 minbari named[30332]: zone leadmon.org/IN/external
> > (unsigned): loaded serial 2012012901
> > Jan 30 05:23:26 minbari named[30332]: zone leadmon.org/IN/external
> (signed):
> > serial 2012012901 (unsigned 2012012901) Jan 30 05:23:26 minbari
> > named[30332]: zone leadmon.org/IN/external (signed):
> > sending notifies (serial 2012012901)
> 
> Are you, by any chance, using the same FILE for the zone definition of
both
> the internal and external views?
> 
> You may have done this upstream in the thread, but can you post the zone
> stanzas for leadmon.org for both views?
> 
> AlanC
> --
> a...@clegg.com | acl...@infoblox.com
>           1.919.355.8851


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to