Tony, Our environment has the secondary set up as a slave with 'raw' zones in the same paths, so upon primary failure, change the zone roles to 'master' and include the inline signing stanzas.
They keys are duplicated using an external process. Happy days. Now if only BIND could to a true multi-master-signer. Oh, the pipe dreams! Stuart > -----Original Message----- > From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of > Tony Finch > Sent: Tuesday, 22 May 2018 8:23 PM > To: Michael Sinatra > Cc: bind-users@lists.isc.org > Subject: Re: redundant bump-in-the-wire signers using BIND > <snip> > > (My recovery plan for a failed signer is to reprovision a replacement > from scratch.) _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
