DNSSEC

Joseph S D Yao jsdy at cospo.osis.gov
Fri Dec 10 18:11:16 UTC 1999 

On Tue, Dec 07, 1999 at 12:42:15AM -0700, Robert E. Lee wrote:
> While signing my zone file:
> 
> bash-2.03# dnssigner -zi named.foo -zo named.foo.signed -st -k1 foo.com \
> dsa 52965 -ps -no-p1
> 
> ERROR Parsing error: named.foo[    1-    6] : Expecting miniumum ttl - end \
> of line
> 
> bash-2.03# cat named.foo
> @       IN SOA miami. (
>                                 1129199902      ; Serial
>                                 10800           ; Refresh after 3 hours
>                                 3600            ; Retry after 1 hour
>                                 604800          ; Expire after 1 week
>                                 3600 )          ; Minimum TTL of 1 hour
> 
> (That has the information from the file).  I've also tried a ttl of 1 day.
> There is information below .. but the line following the ttl line is
> blank. 
> 
> Any thoughts?
> 
> Robert E. Lee
> Sun Enterprise Certified Engineer
> Technical Consultant, Integratus Inc.

In another version of this, of the three that you posted, you changed
"@" to "miami.foo.com."  This was unnecessary, but it did show that you
intended this file to refer to that domain, and contain such hosts as
"ns.miami.foo.com", "www.miami.foo.com", "mail.miami.foo.com", etc.

Where you have "miami." in this version, you should have the name of the
system that is the master name server: e.g., "ns.miami.foo.com."  This
should then be followed by a VALID e-mail address for the hostmaster of
this domain.  Something like "hostmaster.miami.foo.com." or 
"rel.integratus.com."

This will probably fix your problem, but two more things:
	With BIND 8.2ff, the last number is no longer the "minimum" TTL.
	It is the negative caching time.  You might want it to be
	something a bit longer than an hour.
	Also, the minimum caching time is no longer a part of the SOA
	resource record.  Instead, you can specify a default at the
	beginning of the file that will become part of each resource
	record that needs it, by saying [something like]:

$TTL		86400

-- 
Joe Yao				jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support					EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.

More information about the bind-users mailing list