Bind 9.9.0b2 inline signing...
kmcconville at albany.edu
Tue Nov 22 18:32:43 UTC 2011
Jan-Piet, you get the Gold Star!!! You totally got it right!
If I specify a "rndc reload", the journal files never get updated and Bind loads the outdated signed file. However, if I specify an "rndc reload ualbanytest.org" - the changes get picked up and a journal file is created for the unsigned zone as well.
-rw-rw-r-- 1 named root 1096 Nov 22 13:06 ualbanytest.org
-rw------- 1 named named 772 Nov 22 13:08 ualbanytest.org.jnl
-rw------- 1 named named 10523 Nov 22 13:16 ualbanytest.org.signed
-rw------- 1 named named 14727 Nov 22 13:08 ualbanytest.org.signed.jnl
Now, I'm guessing (hoping) that for the production release of 9.9, we can go back to using "rndc reload" without having to specify each individual zone? Currently in production we just use the "rndc reload" without specifying the zone name. Or is having to specify the zone going to be the new normal?
University at Albany
From: Jan-Piet Mens [mailto:jpmens at gmail.com] On Behalf Of Jan-Piet Mens
Sent: Tuesday, November 22, 2011 1:02 PM
To: McConville, Kevin
Cc: bind-users at lists.isc.org
Subject: Re: Bind 9.9.0b2 inline signing...
> 22-Nov-2011 11:25:28.320 general: notice: all zones loaded
> 22-Nov-2011 11:25:28.320 general: notice: running
This looks to me as though you've cycled the server, which isn't currently allowed. Evan pointed out recently here that it can actually corrupt the zone...
My experience is that, after changing the zone, I have to reload with the zone name explicitly given:
rndc reload zonename
What I'd do is remove the journal and the signed version and start over. :)