Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.protocols.dns.bind > #57
| Path | csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!aioe.org!news.glorb.com!usenet.stanford.edu!not-for-mail |
|---|---|
| From | Torinthiel <torinthiel@data.pl> |
| Newsgroups | comp.protocols.dns.bind |
| Subject | Re: Resign a zone |
| Date | Tue, 08 Nov 2011 10:44:41 +0100 |
| Lines | 23 |
| Approved | bind-users@lists.isc.org |
| Message-ID | <mailman.17.1320745508.68562.bind-users@lists.isc.org> (permalink) |
| References | <CANYqYkPEkKmZ9oknPLqcyX1dBsVJd2w0UKgBjTM0WFEEag8F0Q@mail.gmail.com> |
| NNTP-Posting-Host | lists.isc.org |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset=UTF-8; format=flowed |
| Content-Transfer-Encoding | 7bit |
| X-Trace | usenet.stanford.edu 1320745508 2862 149.20.64.75 (8 Nov 2011 09:45:08 GMT) |
| X-Complaints-To | action@cs.stanford.edu |
| To | bind-users <bind-users@isc.org> |
| Return-Path | <torinthiel@data.pl> |
| X-Original-To | bind-users@lists.isc.org |
| Delivered-To | bind-users@lists.isc.org |
| User-Agent | Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.2.15) Gecko/20110303 Lightning/1.0b2 Thunderbird/3.1.9 |
| In-Reply-To | <CANYqYkPEkKmZ9oknPLqcyX1dBsVJd2w0UKgBjTM0WFEEag8F0Q@mail.gmail.com> |
| X-Spam-Status | No, score=-1.9 required=5.0 tests=AWL,BAYES_00, T_RP_MATCHES_RCVD autolearn=ham version=3.3.1 |
| X-Spam-Checker-Version | SpamAssassin 3.3.1 (2010-03-16) on mx.ams1.isc.org |
| X-BeenThere | bind-users@lists.isc.org |
| X-Mailman-Version | 2.1.14 |
| Precedence | list |
| List-Id | BIND Users Mailing List <bind-users.lists.isc.org> |
| List-Unsubscribe | <https://lists.isc.org/mailman/options/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=unsubscribe> |
| List-Archive | <https://lists.isc.org/pipermail/bind-users> |
| List-Post | <mailto:bind-users@lists.isc.org> |
| List-Help | <mailto:bind-users-request@lists.isc.org?subject=help> |
| List-Subscribe | <https://lists.isc.org/mailman/listinfo/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=subscribe> |
| Xref | x330-a1.tempe.blueboxinc.net comp.protocols.dns.bind:57 |
Show key headers only | View raw
On 2011-11-08 10:34, rams wrote: > Hi , > I have signed zone and already i have resigned two times. Now again i > am resigning zone but after resign zone , RRSIG values are not changed. > the same old values displaying. Any wrong in me. Could you please guide > me how to change RRSIG values. There could be several issues with this, please give some more info. How are you signing your zone? dnssec-signzone? automatically using bind? Some other software? If you're using dnssec-signzone and pass it old signed zone data it regenerates signatures only if signature end time falls within a period defaulting to 1/4 signature valitity time (so with default signature period it's 7.5 days). If you re-sign your zone say 10 days in advance, it won't change old signatures. You can change it with -i. Other software probably behaves similarly. Also, if you're signing your zone off-line and upload it to bind, did you remember to change SOA and reload master? Regards, Torinthiel
Back to comp.protocols.dns.bind | Previous | Next | Find similar
Re: Resign a zone Torinthiel <torinthiel@data.pl> - 2011-11-08 10:44 +0100
csiph-web