OT: Bind 9.9.0B1 Inline-Signing Question
Evan Hunt
each at isc.org
Sat Nov 19 00:47:05 UTC 2011
On Fri, Nov 18, 2011 at 11:57:51PM +0000, Spain, Dr. Jeffry A. wrote:
> I'd like to ask for clarification on the operational issue stated below.
> Suppose there are no current changes to an inline-signed master zone,
> i.e. myzone.db.signed timestamp is later than myzone.db timestamp. In
> this circumstance, is it safe to stop and restart the bind service or
> reboot the system?
>
> What about the situation where changes made by nsupdate have been
> recorded in the journal files but have not yet been written to the zone
> files? In other words, myzone.db.jnl timestamp is later than myzone.db
> timestamp, and myzone.db.signed.jnl timestamp is later than
> myzone.db.signed timestamp, and myzone.db.signed.jnl timestamp is later
> than myzone.db.jnl timestamp.
Both of these should be fine. The only thing you need to worry about is if
changes to a zone are loaded for the first time in a newly-started server:
i.e., you've updated the zone and then shut down the server, or shut down
the server and then updated the zone.
We expect to have this addressed by the time 9.9.0 is final.
--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list