On Oct 13, 2013, at 9:03 PM, David Newman <dnew...@networktest.com> wrote:
> >>> This is where things fall apart. I run 'rndc freeze' and > >>> increment the zone file's serial number (or make any other > >>> change), and then run 'rndc thaw' and 'rndc reload'. So, I'm going to jump back a bit here.... If the configuration that you posted is what is actually running, you should get the following when you try to "rndc freeze": root@server00:/etc/namedb# rndc freeze example.com rndc: 'freeze' failed: not dynamic root@server00:/etc/namedb# With the associated logging: 14-Oct-2013 17:36:00.310 received control channel command 'freeze example.com' You have views... is the definition of the internal one different from the external one (which you posted)? So, I re-created your zone with the following zone entry: zone "example.com" in { type master; file "master/example.com"; allow-query { any; }; allow-transfer { any; }; notify yes; key-directory "keys/"; inline-signing yes; auto-dnssec maintain; }; This zone isn't dynamic based on what you have posted. It also works fine when I make changes (no "freeze"/"thaw" needed): == Commands typed == root@server00:/etc/namedb# ls bind.keys keys master named.conf rndc.key root@server00:/etc/namedb# cd master root@server00:/etc/namedb/master# ls example.com example.com.jbk example.com.signed example.com.signed.jnl root@server00:/etc/namedb/master# vi example.com root@server00:/etc/namedb/master# rndc reload example.com zone reload queued root@server00:/etc/namedb/master# == Logging produced == 14-Oct-2013 17:39:26.565 received control channel command 'reload example.com' 14-Oct-2013 17:39:26.571 zone example.com/IN (unsigned): loaded serial 2 14-Oct-2013 17:39:26.571 zone example.com/IN (signed): serial 4 (unsigned 2) And for those of you that have taken the DNS and BIND class, yes, I'm really using the very same lab environment that you used in class to test things... it works! AlanC -- Alan Clegg | +1-919-355-8851 | a...@clegg.com
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users