Hi, What is the best practice for signing/re-singing zones with journal? We manually resign our domain, and use journaling, resigning is a PIA. if we forget to thaw, the zone bails and stays unloaded because journal roll forward error, which bring the question why? since resolution to this is stop named, remove journal file and restart, could named and rndc not be smarter in these instance? or at very least, reload zone from file so at least it does not take unsuspecting peoples off air.
So, way we (try to remember to) do is: (modify zonefile if need) rndc freeze dnssec-signzone -options rndc thaw or is better way? it is the freeze/thaw we keep forgetting :-!
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
