Primary zone not fully maintained by BIND
Tony Finch
fanf at isc.org
Mon May 23 13:48:24 UTC 2022
Sandro <lists at penguinpee.nl> wrote:
>
> I was notified this morning by my registrar, that validation of my zone
> records failed. Upon inspection, it turned out that only the SOA record was
> still up to date. A AAAA and MX al returned RRSIG expired.
Yuck, that's painful.
> Since I want to avoid this happening again, I would like to understand what
> went wrong.
The place I would look first is the log messages from `named`: is it
complaining about anything?
One of the things I have to take care with (because I have got it wrong
several times!) is filesystem permissions: can `named` read the .private
keys? can it read and write to the zone files? can it read and write to
the directories containing the keys and the zone files?
--
Tony Finch <fanf at isc.org> (he/they) Cambridge, England
Rattray Head to Berwick upon Tweed: Variable, mainly south, 2 to 4,
becoming northwest 4 or 5, occasionally 6 later. Slight, occasionally
smooth in south, becoming slight or moderate later in north. Showers,
perhaps thundery at first. Good, occasionally poor at first.
More information about the bind-users
mailing list