DNSSEC and upgrading/restoring
Alan Clegg
alan at clegg.com
Tue Jan 28 11:49:28 UTC 2014
On Jan 27, 2014, at 7:32 PM, David Newman <dnewman at networktest.com> wrote:
> Asking again, in a different and more generic form: When rebuilding a
> bind 9.9.4 server running DNSSEC with auto maintain, are there any steps
> I need to take beyond just backing up /var/named/etc/namedb (this is on
> FreeBSD) and restoring?
>
> This server is authoritative and primary, and has slaves for multiple
> domains.
>
> I'm concerned about keeping keys, serial numbers, and any other dynamic
> info in sync.
Should be problem what-so-ever.
Just stop the old server, do the backup, restore it where your new system expects it then start the new one. A brief outage of your master should be no issue is your slaves are working correctly.
Do make sure that the new version is built with the same options as the old one if you are replicating the file system locations of the data. 8-)
AlanC
--
Alan Clegg | +1-919-355-8851 | alan at clegg.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140128/7f405453/attachment.bin>
More information about the bind-users
mailing list