> Hi, > > After reinitialising the inline-signing process (for example by > removing the journal files or redeploying the master server) the > freshly signed zone's serial number will usually be behind the > authoritative version on the slaves causing transfers to fail > possibly leading to expired signatures, zone expiry, etc.
If you redeploy the master server, couldn't you just copy the journal files over from the old server? And, the rest of the time, never remove journal files. > Currently, bumping the serial number of the unsigned zones to exceed > that of the slaves is required, however it would be /convenient/ to > have a one-shot method (perhaps via rndc) for specifying the signed > zone serial number such that this doesn't require edits to the > unsigned zone files. > > This is especially useful in bootstrapping scenarios where the zone > data is held under strict revision control or generated by some > provisioning system that "owns" the serial number. > > Am I on my own with this or would others find this useful? > > > Thanks, > > Terry Tom Schulz Applied Dynamics Intl. sch...@adi.com _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users