DNSKEY and RRSIG DNSKEY TTL values aren't changed after changing of zone's TTL
Александр Остапенко
aleks.ostapenko.post at gmail.com
Mon Aug 15 08:06:57 UTC 2016
Hello.
I'm using BIND 9.9.5.
My steps:
1. Sign zone using one 1 ZSK and 2 KSK: a) adding "*auto-dnssec
maintain;*" and "*inline-signing yes;*" directive into zone section of
named.conf; b) setting publication and activation timestamps to current
time in key files; c) *rndc reload*.
2. Change TTL value in the zone file ($TTL 86400 ==> $TTL 432000).
3. Increase serial number in SOA record by 1.
4. *rndc reload*.
After that - DNSKEY and RRSIG DNSKEY records still have 86400 value in TTL
(checked via *dig*).
What could be the reason for such behavior?
Kind regards,
Aleks Ostapenko
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20160815/7acae70d/attachment.html>
More information about the bind-users
mailing list