Re: Auto-dnssec maintain and 'continous' resigning

2013-04-04 Thread Alan Clegg
On Apr 4, 2013, at 12:07 PM, Phil Mayers wrote: > On 04/04/13 16:55, Carlos M. Martinez wrote: >> Thank you very much for all the bits, certainly very helpful. >> >> My problem is that this cycle of zone signing triggers zone number >> increases and generates dozens of NOTIFY messages and the c

Re: Auto-dnssec maintain and 'continous' resigning

2013-04-04 Thread Phil Mayers
On 04/04/13 16:55, Carlos M. Martinez wrote: Thank you very much for all the bits, certainly very helpful. My problem is that this cycle of zone signing triggers zone number increases and generates dozens of NOTIFY messages and the corresponding zone transfers to all slaves within a short period

Re: Auto-dnssec maintain and 'continous' resigning

2013-04-04 Thread Carlos M. Martinez
Thank you very much for all the bits, certainly very helpful. My problem is that this cycle of zone signing triggers zone number increases and generates dozens of NOTIFY messages and the corresponding zone transfers to all slaves within a short period of time, something which I believe is not very

Re: Auto-dnssec maintain and 'continous' resigning

2013-04-03 Thread Mark Andrews
In message <515a92a5.3020...@imperial.ac.uk>, Phil Mayers writes: > On 04/01/2013 07:36 PM, Carlos M. Martinez wrote: > > Reframing the question in more general terms... Which events trigger a > > zone re-sign and reload when using "auto-dnssec maintain" ? > > As someone else has already said, zo

Re: Auto-dnssec maintain and 'continous' resigning

2013-04-03 Thread Phil Mayers
On 04/01/2013 07:36 PM, Carlos M. Martinez wrote: Reframing the question in more general terms... Which events trigger a zone re-sign and reload when using "auto-dnssec maintain" ? As someone else has already said, zone updates, signature expiration and key events. In particular, it's normal

Re: Auto-dnssec maintain and 'continous' resigning

2013-04-01 Thread Alan Clegg
On Apr 1, 2013, at 2:36 PM, Carlos M. Martinez wrote: > Reframing the question in more general terms... Which events trigger a > zone re-sign and reload when using "auto-dnssec maintain" ? Obvious ones: modifications to the dynamic zone Less obvious ones: key events (publication/activatio

Re: Auto-dnssec maintain and 'continous' resigning

2013-04-01 Thread Carlos M. Martinez
Reframing the question in more general terms... Which events trigger a zone re-sign and reload when using "auto-dnssec maintain" ? regards, ~Carlos On 4/1/13 12:04 PM, Carlos M. Martinez wrote: > Hello all, > > I have a few zones signed with DNSSEC and "autodnssec maintain". I have > one partic

Auto-dnssec maintain and 'continous' resigning

2013-04-01 Thread Carlos M. Martinez
Hello all, I have a few zones signed with DNSSEC and "autodnssec maintain". I have one particular zone that every now and then (I'm working on finding a pattern or trigger) This re-signing process runs for a while, incrementing the serial each time and growing the journal until stopping. I know