-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Volker,
If there is no .axfr file, it cannot be moved to be the designated unsigned input file. Was the transfer successful? Did you get a <domainname>.axfr file in the unsigned directory? Does the zone_fetcher log useful information? Best regards, Matthijs On 06/24/2010 02:38 PM, Volker Janzen wrote: > Hi, > > I'm currently trying to get a setup working, where OpenDNSSEC has to use > AXFR to fetch the unsigned zone from a hidden master DNS server and should > later serve these signed zones to the authorative DNS servers. > > OpenDNSSEC should AXFR from a Bind server. When Bind loads the new zone, > it sends the AXFR to OpenDNSSEC (bind is configured with also-notify > ip/port of OpenDNSSEC). What I get in the logfile is the following > (<domainame> is the correct name of the zone): > > Jun 24 12:40:02 h1773255 ods-signerd: Received command: 'sign <domainame>' > Jun 24 12:40:02 h1773255 ods-signerd: Scheduling task to sign <domainame> > at 1277375590.64 with resign time 7200 > Jun 24 12:40:02 h1773255 ods-signerd: acquire cond > Jun 24 12:40:02 h1773255 ods-signerd: notify > Jun 24 12:40:02 h1773255 ods-signerd: release cond > Jun 24 12:40:02 h1773255 ods-signerd: Releasing lock on engine > Jun 24 12:40:02 h1773255 ods-signerd: Sending response: Zone scheduled for > immediate resign > Jun 24 12:40:02 h1773255 ods-signerd: Done handling command > Jun 24 12:40:02 h1773255 ods-signerd: Client socket shut down > Jun 24 12:40:02 h1773255 ods-signerd: worker 1 acquiring lock > Jun 24 12:40:02 h1773255 ods-signerd: worker 1 acquired lock > Jun 24 12:40:02 h1773255 ods-signerd: worker 1 released lock > Jun 24 12:40:02 h1773255 ods-signerd: Got task for worker 1 > Jun 24 12:40:02 h1773255 ods-signerd: Worker 1 run task > Jun 24 12:40:02 h1773255 ods-signerd: Zone action to perform: 4 > Jun 24 12:40:02 h1773255 ods-signerd: Fetch zone: > /var/lib/opendnssec/unsigned/<domainame>.axfr > Jun 24 12:40:02 h1773255 ods-signerd: Fetch zone: > /var/lib/opendnssec/unsigned/<domainame>.axfr > Jun 24 12:40:02 h1773255 ods-signerd: Input file missing: > /var/lib/opendnssec/unsigned/<domainame> > > I read in the docs that zonefetch stores the AXFR result as the input file > adapter plus an additional ".axfr" extension. It appears that signerd > cannot find the AXFRed file. > > So my question is: how can I fix this? > > I'm using OpenDNSSEC 1.1.0.dfsg-1 on a Debian lenny (with backports). > > > Best regards, > Volker Janzen > > > _______________________________________________ > Opendnssec-user mailing list > [email protected] > https://lists.opendnssec.org/mailman/listinfo/opendnssec-user -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJMJGiQAAoJEA8yVCPsQCW5tgoH/A71OgeODWoOkpZOn2OQSjw1 VRZa5dMCCE6tW/D1Mz6LXuAjxp0Q22cmgM/1SX/Ie0erSM0sltJbqsa38irFdlhx aedCSUdPuHph2cymShRR44yRyjhOsL9wxAd+jUxuEztRR0hvmk4WI77zUDeVxiLr 2vQeS9dueiiBfYxGpykRdCBk8PaNs646tnGhixs/b1hzSZXn+IZGUJxykbuleWc9 uBHGj8pRUCD4MiNQCUMyzz+aB1KYPlE0QoC2zkS1TJ72GqEsBRavH+UG1Zqcvgjg uVfHxud1eNYfPUd3uR4ks4UMHCWugR5g7y63vqPXkOilRTBqjcCZogzVJZlwC94= =Vsii -----END PGP SIGNATURE----- _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
