rndc: 'sign' failed: permission denied

I've configured bind-9.7.1 with DNSSec and stored the keys online, to allow dynamic updates via nsupdate. Here are the relevant bits from my named.conf: options { ... dnssec-enable yes; directory "/var/named/db"; key-directory "/var/named/keys"; ... }; key

Re: Shortcut the lookup algorithm *other* than via 'forward' ?

, Mar 02, 2010 at 12:36:49PM +1100, Mark Andrews wrote: > > In message <20100302003617.ga27...@foober.net.cmu.edu>, "L. Gabriel Somlo" > writ > es: > > Kevin, > > > > > For redundancy, you might want to consider slaving ".local" and >

Re: Shortcut the lookup algorithm *other* than via 'forward' ?

Kevin, > For redundancy, you might want to consider slaving ".local" and > "example.com" on the remote servers. Note that you don't need to Thanks for the reply ! I am slaving and/or stubbing some of our zones in some instances, and redundancy is not what I was concerned about. I am simply loo

Shortcut the lookup algorithm *other* than via 'forward' ?

Hi, I am looking for a way to start the DNS lookup algorithm somewhere further down the tree, instead of at the root, but only for a small specified set of domains. I have a relatively large/complex DNS installation, where we run our own .LOCAL TLD mapped to RFC1918 IP space. Various departments