Using DNSSec with BIND
Mike Rostermund
mike at kollegienet.dk
Wed Oct 26 17:53:56 UTC 2011
Hi all,
I've managed to set up two new DNS servers. One as a master, and the
second as a slave.
All works perfectly using the traditionally DNS services, but I want to
get DNSSec up and running.
So far I've managed to create the key's needed for my zones, sign the
zones, load these zones into
BIND and I can query to get a correct answer if I ask for it (with all
DNSSec stuff added).
My question is now: What is the best practice for resigning the zones?
I dont want to manually sign the zones each time they run out.
So what is 'usual' way to make this happen? There must be some sort of
nice way, so I dont have to
create some nasty homebrew shellscript and add such as a cronjob.
Best regards
Mike Rostermund
More information about the bind-users
mailing list