Catalog zone failure
Aram Sargsyan
aram at isc.org
Mon May 1 09:43:23 UTC 2023
> Interesting. I ended up just removing the TXT record but it is unclear
> why the zone entries would use that tsig labeled one instead of the
> globals since they were not referencing the tsig custom properties.
The labeled primaries have similar weight as the unlabled ones, and it's an entry validation error - named tries to generate a secondary zone configuration for the new entry based on the global configuration defined in the catalog zone's custom properties (sine there is no overriding configuration defined in the entry zone itself), and when reaching a labeled primary server in the list, which has no corresponding IP address record, the whole entry processing operation fails.
The example configuration in ARM[1] provides a valid case with both the TSIG key and an IP address, but if you think that it is unclear, then please open a Gitlab[2] issue, and we can try to improve the documentation.
> Thanks for the pointer, I'm up and running.
That's good to hear, and thanks for the update.
[1] https://bind9.readthedocs.io/en/v9.18.14/chapter6.html#catalog-zone-custom-properties
[2] https://gitlab.isc.org/
Aram
More information about the bind-users
mailing list