I'm trying to sync the kaspdb between two servers, which I expect to do periodically to counter drift between two signing boxes.
On the primary, I'm using ods-ksmutil backup to prepare and create /var/opendnssec/kasp.db.backup: -rw-r--r-- 1 ods ods 39936 Sep 24 10:36 /var/opendnssec/kasp.db.backup I'm scp'ing that file over to the secondary server. Can I make ods-enforcerd use this kaspdb without a restart of ods-enforcerd? I tried to make the secondary server do an "ods-ksmutil backup rollback" to make it read the .backup config into running config...but I get "There were no keys to rollback". I'd've expected there to be a "restore" option or what not...what am I missing? What's the preferred method for syncing two signers? Thanks, -Jacob Zack Sr. DNS Administrator - CIRA (.CA TLD)
_______________________________________________ Opendnssec-user mailing list Opendnssec-user@lists.opendnssec.org https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
