Milan Jeskynka Kazatel <kazat...@seznam.cz> wrote: > > Why does Bind keep resign zone in a loop over and over in a few minutes?
It only signs a few records at a time to avoid eating all your CPU (my server seems to average 53 records at a time, coincidentally). It spreads out re-signing according to the sig-validity-interval: by default it takes about 3 weeks to re-sign the zone completely. You can make it a sign in bigger chunks to some extent by increasing sig-signing-signatures and sig-signing-nodes, but there are other hard-coded parameters (related to jitter on signature times) which make these options less effective than you might expect. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ Forties, Cromarty, Forth: Cyclonic 4 to 6, becoming west 6 or 7, perhaps gale 8 later. Slight or moderate, becoming moderate or rough later. Occasional showers. Good, occasionally moderate. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
