Re: Freeze/thaw and signed zone files

2019-02-22 Thread @lbutlr
On 22 Feb 2019, at 12:12, Tony Finch wrote: > Get it from the link above, if you want :-) Doh! OK, got it, installed it, changed the path to perl, and that’s pretty slick. -- "I don't think the kind of friends I'd have would care.” ___ Please visit

Re: Freeze/thaw and signed zone files

2019-02-22 Thread @lbutlr
I did try manually updating vi nsupdate -l > zone example.com > update add example.com. 86400 IN SOA ns1.example.net. admin.example.com. > 2019022200 3600 300 1209600 3600 > update add konamicode.example.com. 86400 IN CNAME www.example.com. > send ; Communication with ::1#53 failed:

Re: Freeze/thaw and signed zone files

2019-02-22 Thread Tony Finch
@lbutlr via bind-users wrote: > On 22 Feb 2019, at 09:54, Tony Finch wrote: > > You might want a config like > > > > zone "example.com" { > > type master; > > file "master/example.com”; > > Not example.com.signed? No, in inline-signing mode the zone you interact with

Re: Freeze/thaw and signed zone files

2019-02-22 Thread @lbutlr via bind-users
On 22 Feb 2019, at 09:54, Tony Finch wrote: > You might want a config like > > zone "example.com" { > type master; > file "master/example.com”; Not example.com.signed? > update-policy local; > auto-dnssec maintain; >

Re: Freeze/thaw and signed zone files

2019-02-22 Thread Tony Finch
@lbutlr wrote: > > Nope, now the .signed file isn’t touched at all after the zone file is edited. > > zone "example.com" { > type master; > file "master/example.com.signed"; > update-policy local; > auto-dnssec maintain; > }; It sounds to me like you are expecting it to

Re: Freeze/thaw and signed zone files

2019-02-22 Thread Tony Finch
Grant Taylor via bind-users wrote: > > I'm sorry. I gave you the wrong command. You want "sync", not "flush". You don't need to sync as well as freeze: `rndc freeze` also syncs the zone. Tony. -- f.anthony.n.finchhttp://dotat.at/ Faeroes, Southeast Iceland: Southerly, veering

Re: Freeze/thaw and signed zone files

2019-02-22 Thread @lbutlr via bind-users
On 21 Feb 2019, at 20:43, Grant Taylor via bind-users wrote: > > On 2/21/19 6:28 PM, @lbutlr wrote: >> rndc reload did not recreate (or at least update the time stamp) on the >> .signed file. > > Hum. Maybe it's something different about how you're doing DNSSEC than I am. > > I have BIND

Re: Combining forward with master zone.

2019-02-22 Thread King, Harold Clyde (Hal)
Thank you all for your help with this. -- Hal On 2/21/19, 4:04 AM, "bind-users on behalf of Matus UHLAR - fantomas" wrote: >On Wed, Feb 20, 2019 at 3:40 PM King, Harold Clyde (Hal) >wrote: >> Could I just define needs.example.com as a zone in a separate file so: >> >>

Bind Installation on Windows server

2019-02-22 Thread Martin Akamphuber
Dear bind users In the moment I have a bind 9.7 installed on Windows Server 2003 and its working perfect for years. Now my Problem: I tried to install a new bind server on Windows 2012 r2 and Windows 2016 servers I tried to install the new 9.11 version and the installation said no digital