Hi all,
I'm planning to setup a salve opendnssec server to backup the configuration
files and .db files of the master, this will help when the master meets
disastrous incident, like power-off.
The method I have figured is as follows:
1.scp master's configuration files and .db files to slave at a fixed-rate which
would be less than the resign period configured in kasp.xml
2.slave detects master's service status, when the master is down, slave will
become master and starts all opendnssec processes, we assume the current master
has the same configuration files and .db files.
3.start the former master and configure it as slave to detect the new master
What I'm not sure is that, there may be a time when the master is down before
it scps the latest configuration files and .db files, especially the .db files.
How can I make sure the two server share the same keys? Can RequireBackup
attribute guarantee this? If so, I have to develop a script to monitor newly
created but not in use keys,right?
Best regards,
Stuart
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
