> So my understanding is that for the time being I’m going to have to run the
> following after adding or removing a zone.
> ods-enforcer loneliest export
>
> To avoid any foot-shootery?
Yes, you can do a 'zonelist export' to make sure the zonelist.xml
contains all configured zones. BUT you don
Hi
So my understanding is that for the time being I’m going to have to run the
following after adding or removing a zone.
ods-enforcer loneliest export
To avoid any foot-shootery?
Regards
—
David Peall
> On 16 Sep 2016, at 3:10 PM, Yuri Schaeffer wrote:
>
> Hi David,
>
> Thanks for your re
Hi David,
Thanks for your report!
> I’m added zone 2 and 3. I updated a TSIG key for domain 2 and then
> updated the enforcer and it deleted all my domains?
Well this is a bit embarrassing... Since 2.0 we declared the database
leading over the zonelist.xml for the configured zones. But to provi
Hi
Zone 1 has been running for a months in a test environment.
I’m added zone 2 and 3. I updated a TSIG key for domain 2 and then updated the
enforcer and it deleted all my domains?
opendnssec version 2.0.1
root@signer1:/etc/opendnssec# ods-enforcer update all
Policy default already up-to-da
Hi Juan,
> We have compiled ods (at version 1.4.10) on a RHEL7 and added some numb
> zones for testing but ods-signerd is crashing:
>
> Sep 16 12:49:38 plat ods-signerd: ObjectFile.cpp(122): The attribute
> does not exist: 0x0002
> Sep 16 12:49:38 plat kernel: ods-signerd[12271]: segfault at
Hi,
We have compiled ods (at version 1.4.10) on a RHEL7 and added some numb
zones for testing but ods-signerd is crashing:
Sep 16 12:49:38 plat ods-signerd: ObjectFile.cpp(122): The attribute
does not exist: 0x0002
Sep 16 12:49:38 plat kernel: ods-signerd[12271]: segfault at 20 ip
00
"Yuri Schaeffer" schreef in bericht
news:7b52287e-c6d9-7862-dcdc-3c9db8c8f...@nlnetlabs.nl...
We never had this problem with 1.4. From our /etc/opendnssec/kasp.xml:
PT15H
PT86400S
PT10800S
datecounter
The kasp.xml has not
> We never had this problem with 1.4. From our /etc/opendnssec/kasp.xml:
>
>
>PT15H
>
>PT86400S
>PT10800S
>datecounter
>
>
>
> The kasp.xml has not been touched since December 2015.
> So, there must be something else. Could
"Yuri Schaeffer" schreef in bericht
news:46da313f-2c47-92b1-8c3d-cc1af1ec6...@nlnetlabs.nl...
Hi Fred,
The log message "If this is the result of a key rollover ..." suggests
(at least to me) that it is normal that a manual intervention is needed
during a roll-over, but we are not used to it.
"Yuri Schaeffer" schreef in bericht
news:46da313f-2c47-92b1-8c3d-cc1af1ec6...@nlnetlabs.nl...
Hi Fred,
The log message "If this is the result of a key rollover ..." suggests
(at least to me) that it is normal that a manual intervention is needed
during a roll-over, but we are not used to it.
Hi Fred,
> The log message "If this is the result of a key rollover ..." suggests
> (at least to me) that it is normal that a manual intervention is needed
> during a roll-over, but we are not used to it.
> Is this a bug, or is it the intended behavior?
> Are there new options to be included in t
Recently we upgraded to ods 2.01. from 1.4.10. During key roll-overs we
never needed to update our input zones as long as we used version 1.
This night ods was still in the process of retiring the backup keys, used in
version 1.4.10, when it started a ZSK key roll-over. After that the signer
ref
12 matches
Mail list logo