automatic resigning in 9.6.x
R Dicaire
kritek at gmail.com
Sat Mar 7 04:24:02 UTC 2009
Hi folks, searched the docs, and list archives and have found only one
reference in the archive regarding implementing the automated
resigning of zones. From a listmail response by Mark Andrews dated Tue
Oct 14 23:39:45 UTC 2008 in response to Subject: Gritty details of
automatic resigining in 9.6? by Chris Thompson, in which Mark states:
Re-signing applies to secure dynamic zones. Named updates
the serial and generates ixfr's just like it would for a
UPDATE request. Think of it as a internally generated
UPDATE request to replace signatures that are scheduled to
re-generated. That generation is done when 1/4 of the
signature validity interval remains though it is tunable.
What is a "dynamic zone" in this context?
I assume the "secure" means the zone file has been signed at least once?
Does the named user also need write access to the zone files to
accomplish the resigning?
More information about the bind-users
mailing list