Re: DNSSEC signing common zone in views

2022-09-08 Thread Josef Vybíhal
red, each view of the zone would have a separate DNSSEC key. > > I think it is fine using the same key-directory. The only thing is when > you change your configuration in the future such that the dnssec-policy > is different for each view of the zone, you have to also change the >

DNSSEC signing common zone in views

2022-09-07 Thread Josef Vybíhal
Hello all, I am consolidating our old split DNS consisting of internal and external dedicated servers (VMs) into one primary server with views (there will be secondaries, but they are not important to the question). The old previous configuration is using inline-signing and auto-dnssec. I will be sw

Re: Bind keeps adding RRSIGs to zone file after switching to dnssec policy

2022-03-06 Thread Josef Vybíhal
y;’ > and removed ‘inline-signing yes;’. Put back ‘inline-signing yes;’ if you > want named to maintain two instances of the zone. > > -- > Mark Andrews > > > On 6 Mar 2022, at 03:49, Josef Vybíhal wrote: > > > > Hi everyone, > > today I switched more dom

Bind keeps adding RRSIGs to zone file after switching to dnssec policy

2022-03-05 Thread Josef Vybíhal
Hi everyone, today I switched more domains from inline-signing to dnssec-policy and I noticed something that I quite do not like. So I want to ask if that's normal and if there is a way to stop it from happening. I had this: zone "EXAMPLE.com" { type master; file "master/EXAMPLE.com.zone";

Re: Can't get Bind to publish CDS/CDNSKEY using dnssec-policy

2021-08-12 Thread Josef Vybíhal
gned domain and bam, CDS+CDNSKEY records are published after time specified in policy. Josef On Thu, Aug 12, 2021 at 10:08 AM Matthijs Mekking wrote: > Hi, > > On 12-08-2021 09:02, Josef Vybíhal wrote: > > Hi, for a second day, I am scratching my head over (automatic) > > publ

Can't get Bind to publish CDS/CDNSKEY using dnssec-policy

2021-08-12 Thread Josef Vybíhal
Hi, for a second day, I am scratching my head over (automatic) publishing CDS/CDNSKEY records. When I read Matthijs Mekking's KB article at https://kb.isc.org/docs/dnssec-key-and-signing-policy, I wanted to try dnssec-policy. Up until now, I was successfully using inline-signing with auto-dnssec. I