Hi,
Disabling inline-signing is a good workaround. The issue is that BIND
with inline-signing maintains a signed file separately and needs to bump
the SOA SERIAL.
The serial queried is for the DNSSEC signed zone, but the dynamic update
is done against the unsigned version of the zone. Hence
Am 08.07.2023 um 08:48 schrieb Matthias Fechner:
If I try now to update some records remotely on the server I see in
the log of the server:
==> /var/named/var/log/named.log <==
08-Jul-2023 07:40:22.962 update-security: info: client @0x848ac0760
93.182.104.69#18475/key
Am 05.07.2023 um 13:13 schrieb Matthias Fechner:
So far, nsdiff generates expected output, next step is now to apply
the changes in an automated way.
If I try now to update some records remotely on the server I see in the
log of the server:
==> /var/named/var/log/named.log <==
08-Jul-2023
3 matches
Mail list logo