Hi All, We are doing automatic testing with opendnssec-1.4.0rc2 using INBOUND Adapter and OUTBOUND Adapter both configured DNS and two BINDs used as the inbound source and outbound source respectively.
We use a shell script to add 100 domains to the inbound BIND every 10 minutes and each with 2 DS RRs, 1 NS RR and 1 A RR. At first, it works great and the signing process is smooth, too. But after a day's testing, we have observed that after a time signerd failed to sign the incoming RRs (or even failed to receive them) and the check script got NXDOMAIN from the outbound BIND, let alone the RRSIGs. We tried to restart opendnssec proceses to check where the problem was and found that after restarting, all the missing RRs are received by opendnssec and signed successfully via AXFR, now we can get NOERROR from the outbound BIND. We have got two logs from opendnssec for you to troubleshoot. We did the same nsupdate processes (one domain with 2 DS RRs, 1 NS RR and 1 A RR) to the inboud BIND before and after restarting opendnssec and get failed suffixed and restart suffixed logs. I hope that will help, thank you. Best regards, Stuart
opendnssec.restarted.log
Description: Binary data
opendnssec.failed.log
Description: Binary data
_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
