On 08.08.2013 14:46, Havard Eidnes wrote:
It seems to me that when you configure OpenDNSSEC to use DNS to fetch an unsigned zone and provide a signed zone, it behaves differently from a proper DNS server in one important aspect, namely that it does not appear to do periodic SOA queries towards the provider of the unsigned zone, and it does not appear to answer SOA queries itself, but rather appears to depend singularly on notify messages to trigger zone transfers and re-signing operations.
AFAIK this is also with ODS 1.3 which supports incoming AXFR only. As workaround we have a cron job with "rndc notify ..." on the Bind server to send NOTIFYs every 5 minutes to ODS.
regards Klaus _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
