On 1/20/20 6:28 AM, Brian J. Murrell wrote:
I'm really not sure about what the name of this feature I am going to
describe would be. I would probably call it an "overlay view". But I
am sure there are better names.
I get why you say "overlay view", but I think I'd try to avoid the
"overlay"
On 1/20/20 9:06 AM, N. Max Pierson wrote:
My terminology seems to be the issue here, so let me try and
rephrase/elaborate : )
;-)
I was not aware there was anything built in that would let you
add/remove/change the zone itself from the master.
Yes, Catalog Zones. I think it's only a few ye
NSEC3 is like a toilet window. You want it translucent, not transparent. For
that purpose, it serves well.
--
Ondřej Surý — ISC
> On 21 Jan 2020, at 17:05, Jim Reid wrote:
>
>
>
>> On 21 Jan 2020, at 15:59, Daniel Stirnimann
>> wrote:
>>
>> I agree that re-salting is kind of pointless
>
> On 21 Jan 2020, at 15:59, Daniel Stirnimann
> wrote:
>
> I agree that re-salting is kind of pointless
So, just like NSEC3 then? :-)
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mai
> Just don’t do that, there’s no sensible reason to change salt that often (or
> ever). I don’t know where the advice to change salt often comes from, but
> the advice has been wrong for so many years.
I agree that re-salting is kind of pointless (we still do it for .ch
though because so far I'
Hi Niels,
> On 21 Jan 2020, at 15:43, Niels Haarbo via bind-users
> wrote:
>
> Hello BIND users
>
> Our DNSSEC signer changes NSEC3 salt every 30 days. The signer resigns all
> the relevant records and the zone is transferred using IXFR to the
> authoritative servers (6 nodes).
Just don’t
Hello BIND users
Our DNSSEC signer changes NSEC3 salt every 30 days. The signer resigns all the
relevant records and the zone is transferred using IXFR to the authoritative
servers (6 nodes).
Two of the 6 authoritative servers (BIND 9.11.13 and 9.11.14) are affected by a
performance decline sh
7 matches
Mail list logo
