> NOTE: At this point zone in /unsigned gets signed and move to /tmp and > /signconf files are also generated. The zone is signed in /signed but still > unable to fill +dnssec queries.
My guess is that BIND does not know where the signed zone is. You just added allow-transfer in BIND-config. I suspect that you expect OpenDNSSEC to transfer the zone to BIND using AXFR. In fact, OpenDNSSEC will write the zone to file and tell the name server to reload it. OpenDNSSEC 1.4.0 will have outbound AXFR. For now, you have to edit BIND config to point to the signed zone file. // Rickard _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
