OT: Bind 9.9.0B1 Inline-Signing Question
Jan-Piet Mens
jpmens.dns at gmail.com
Fri Nov 11 11:42:28 UTC 2011
> So the error being logged isn't really an error, it just looks like
> one; we should probably see about silencing it.
The error is indeed confusing, maybe it should say "not yet signed" ?
11-Nov-2011 12:32:35.838 zone inline.aa/IN/internal (unsigned): loaded serial 2
11-Nov-2011 12:32:35.838 zone inline.aa/IN/internal (signed): not loaded due to errors.
> When you modify your static zone file and run 'rndc reload', named
> will detect the changes that you've made via the same mechanism as
> ixfr-from-differences, generate signatures for the new records, and
> add those to the signed version of the zone automatically.
Almost. rndc reload behaviour has appaently changed. What actually
happens on my copy of BIND 9.9.0b1 is:
$ rndc reload
rndc: 'reload' failed: up to date
$ echo $?
1
named (running with -g) shows:
11-Nov-2011 12:36:08.377 zone inline.aa/IN/internal (signed): (master) removed
11-Nov-2011 12:36:08.378 reloading configuration succeeded
11-Nov-2011 12:36:08.378 reloading zones failed: up to date
(The message "(master) removed" may cause the odd heart attack... :-)
$ rndc reload inline.aa
zone reload successful
$ echo $?
0
Named then prints:
11-Nov-2011 12:38:16.911 received control channel command 'reload inline.aa'
11-Nov-2011 12:38:16.912 zone inline.aa/IN/internal (unsigned): loaded serial 3
11-Nov-2011 12:38:16.912 zone inline.aa/IN/internal (signed): loaded serial 5 (DNSSEC signed)
11-Nov-2011 12:38:16.912 zone inline.aa/IN/internal (signed): reconfiguring zone keys
11-Nov-2011 12:38:16.913 zone inline.aa/IN/internal (signed): next key event: 11-Nov-2011 13:38:16.913
A second (futile) reload:
$ rndc reload inline.aa
zone reload up-to-date
$ echo $?
0
Regards,
-JP
More information about the bind-users
mailing list