Hello, Hidden master (NSD 4.1.0), signer (OpenDNSSEC 1.4.6 using DNS adapters), and public DNS (NSD 4.1.0), all under FreeBSD 10.0-STABLE.
I'm planning to update the whole setup to the latest NSD 4.1.16, OpenDNSSEC 1.4.14, FreeBSD 11, therefore I cloned all servers and performed an update in the lab. Everything is working fine except that it seems that I lost automatic zone updates performed by OpenDNSSEC. In 1.4.6, there was one update per day, per zone. In 1.4.14 I don't see any updates for three days already. My kasp.conf remained unchanged: <Zone> <PropagationDelay>PT43200S</PropagationDelay> <SOA> <TTL>PT3600S</TTL> <Minimum>PT3600S</Minimum> <Serial>datecounter</Serial> </SOA> </Zone> - if I manually bump the serial on hidden master, and reload the zone, it's instantly reflected on the public DNS; - automatic ZSK roll-over triggers SOA increment as well; - shutting down OpenDNSSEC, clearing of /var/opendnssec/tmp/, and starting OpenDNSSEC triggers updates too. I see constant communication between the hidden master and the signer: [2017-07-03 12:34:45.090] nsd[6547]: info: axfr for mydomain.org. from 192.168.60.203 Jul 3 12:34:45 SRV-SIGNER-CLONE ods-signerd: [xfrd] zone mydomain.org request axfr to 192.168.60.202 Jul 3 12:34:45 SRV-SIGNER-CLONE ods-signerd: [xfrd] zone mydomain.org got update indicating current serial 2017033002 from 192.168.60.202 But no updates between the signer and the public DNS. Thank you in advance. _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
