Hi
Using BIND-9.16.1.
In the last ISC dnssec webinar
(https://www.youtube.com/watch?v=2aB__FZZQ84) I heared, that CDS/CDNSKEY
records automatically should be published when using dnssec-policies.
My policy looks like this:
dnssec-policy "test-policy" {
dnskey-ttl 60;
keys {
On Wed, Apr 08, 2020 at 10:22:55PM +, Evan Hunt wrote:
> You didn't mention what version you're running, but IIRC, this was
> added in 9.16.
My mistake, 9.17.
On most Unices you can specify /dev/stdin as the filename though, and
that should work with any version.
--
Evan Hunt -- e...@isc.or
On Wed, Apr 08, 2020 at 02:58:12PM -0400, Matthew Pounsett wrote:
> It looks to me like named-checkzone isn't able to read a zone file from
> stdin.
You didn't mention what version you're running, but IIRC, this was
added in 9.16.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
__
Matthew Pounsett wrote:
>
> I like your suggestion of using /dev/stdin as the file though.. I bet I can
> make that work until 9.18 is out.
Anand's trick has worked for me for many years :-) nsdiff has used
`named-compilezone /dev/stdin` since I originally wrote it in 2011...
Tony.
--
f.anthony
On 4/8/20 1:55 PM, Anand Buddhdev wrote:
named-checkzone wants a file, so give it a "file":
named-checkzone ripe.net. /dev/stdin < ripe.net.zone
You might also consider <(...) files.
named-checkzone example.com <(cat example.com.db)
Note that it would work with "cat file | ..." but I abso
On Wed, 8 Apr 2020 at 15:55, Anand Buddhdev wrote:
> Note that it would work with "cat file | ..." but I absolutely hate the
> cat-pipe combination. I've been known to mark down interviewees who
> offer a solution that involves cats and pipes :)
>
That was just a minimal example to demonstrate t
On 08/04/2020 20:58, Matthew Pounsett wrote:
> It looks to me like named-checkzone isn't able to read a zone file from
> stdin.
>
> % cat example.com.db | named-checkzone example.com -
> zone example.com/IN: loading from master file - failed: file not found
> zone example.com/IN: not loaded due t
Cool, thanks! Nice to see my feature requests being implemented even
before I ask! :)
On Wed, 8 Apr 2020 at 15:05, Ondřej Surý wrote:
> Matt,
>
> this has been merged into March release 9.17.0:
>
> https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/2552
>
> Unfortunately, we don’t back
Matt,
this has been merged into March release 9.17.0:
https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/2552
Unfortunately, we don’t backport new features, so either you need to follow the
9.17 track or backport the patch yourself. It should be fairly straightforward
to backport it to
It looks to me like named-checkzone isn't able to read a zone file from
stdin.
% cat example.com.db | named-checkzone example.com -
zone example.com/IN: loading from master file - failed: file not found
zone example.com/IN: not loaded due to errors.
% cat example.com.db | named-checkzone example.
Hi Philippe,
On 4/7/20 3:46 PM, Philippe Maechler wrote:
> Hello bind users
>
>> The answer is almost, as long as the zone has a DNSSEC policy configured:
>>
>> zone "newdomain.de" {
>> type master;
>> file "../master/newdomain.de";
>> dnssec-policy default;
>> }
>>
>> The only thing not ye
11 matches
Mail list logo
