Hi — Michael Grimm <[email protected]> wrote:
> I recently noticed, after trying to modify one of my zones, that some of my > zones fail zone transfers (one example): […] > All failing zones do have TLSA records in contrast to those zones transfering > well. > Thus I did remove those TLSA records for testing, and yes, now zone transfers > work without any issue. As a workaround I did switch to 'Adapter type="File"' in the <input> section of zonelist.xml for those zones. Now, those records are signed as expected. And, the signed zone is transfered to my nsd slaves without errors. Thus, I am left with understanding/debugging why xfr from my nsd hidden primary will fail for zones with TLSA records set, and why the very same zone files with commented TLSA records can by xfr-ed without any issue. Any ideas? Thanks and with kind regards, Michael _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
