Freeze/thaw and signed zone files
@lbutlr
kremels at kreme.com
Fri Feb 22 19:02:44 UTC 2019
On 22 Feb 2019, at 09:54, Tony Finch <dot at dotat.at> wrote:
> You might want a config like
>
> zone "example.com" {
> type master;
> file "master/example.com”;
Not example.com.signed?
> update-policy local;
> auto-dnssec maintain;
> inline-signing yes;
> };
>
> Alternatively, with your current config you can update the zone using
> https://dotat.at/prog/nsdiff/ like this:
>
> nsdiff example.com master/example.com | nsupdate -l
Where the second one of those is my example.com.signed file?
Is nsdiff a separate package? It’s not on my FereeBSD 11.2 system with Bind 9.12
--
Well boys, we got three engines out, we got more holes in us than a
horse trader's mule, the radio is gone and we're leaking fuel and if we
was flying any lower why we'd need sleigh bells on this thing... but we
got one little budge on those Roosskies. At this height why they might
harpoon us but they dang sure ain't gonna spot us on no radar screen!
More information about the bind-users
mailing list