[Opendnssec-user] Resigning period issue

刘硕 Tue, 03 Jul 2012 18:34:25 -0700

Hi Matthijs,
I have a zone with "lab" policy in kasp.xml, and its default Resign period is 
"PT10M", but I find the log shows the signing is not continuous,bellow is a 
brief of the log:
$ cat /var/log/messages | grep "STATS" 
Jul  4 05:13:05 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=3 reused=2 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 05:33:05 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=3 reused=2 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 05:33:05 CST-BJ-104 ods-signerd: [STATS] example RR[count=1 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)]


Jul  4 05:43:05 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 06:03:05 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 06:13:05 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=3 reused=2 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 06:23:05 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 06:33:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=1 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 06:43:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=3 reused=2 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 07:03:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 07:13:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=3 reused=2 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 07:23:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 07:33:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 07:33:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=1 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=1 reused=4 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 07:53:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=3 reused=2 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 08:03:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 08:13:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 08:23:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=3 reused=2 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 08:33:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 08:43:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 08:53:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 09:03:06 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 09:09:58 CST-BJ-104 ods-signerd: [STATS] example RR[count=1 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=3 reused=2 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)] 
Jul  4 09:19:58 CST-BJ-104 ods-signerd: [STATS] example RR[count=0 time=0(sec)] 
NSEC[count=0 time=0(sec)] RRSIG[new=2 reused=3 time=0(sec) avg=0(sig/sec)] 
TOTAL[time=0(sec)]  

As can be seen from above, at some time signing process doesn't work ,such as 
05:23:05,05:53:05,etc.And at 05:33:05, there are even two signing record!
I don't know what's the problem, if the automatic resigning doesn't do its work 
as expected, I would like to add the ods-signer command in crontab,but I don't 
think it's a good idea, because there would be an situation that both the 
crontab and the opendnssec's signerd sign the zone file. Any ideas?

Thank you all!

Best regards,
  Stuart



Stuart Lau

_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user

[Opendnssec-user] Resigning period issue

Reply via email to