Inline Signing does not update SOA?
Bischof, Ralph F. (MSFC-IS40)[NICS]
ralph.bischof at nasa.gov
Tue May 8 13:09:35 UTC 2012
> -----Original Message-----
> From: Mark Andrews [mailto:marka at isc.org]
> Sent: Monday, May 07, 2012 4:54 PM
> To: Bischof, Ralph F. (MSFC-IS40)[NICS]
> Cc: bind-users at lists.isc.org
> Subject: Re: Inline Signing does not update SOA?
> In message
> <A605629600C9A347B5881FFE16F101FB3D82823520 at NDMSSCC07.ndc.nasa.gov>, "Bischof, Ralph F. (MSFC-IS40) [NICS]" writes:
> > Hi,
> > I am testing with BIND 9.9.0 and inline signing. I have run upon
> > something that I cannot figure out. When I update the SOA record of
> > the master zone file, if I reload the zone with "rndc reload", the SOA
> > record is updated. If I perform a stop/start of the named executable,
> > the SOA change is not updated. I can even see in the log file where
> > the unsigned zone's serial number is incremented, yet the signed
> > version does not change. Below you can see where I started named,
> > stopped named, made a change in the SOA and incremented the serial
> > number, then started named. After that, I incremented the serial number
> > once more then performed an "rndc reload".
> If you only changed the SOA serial then this is expected behaviour.
> The unsigned zone's serial is less than the signed zone's serial.
> Named works out what has changed in the unsigned zone apart from the
> serial and applies that to the signed zone. That said I can see a bug where
> changes only to the SOA other than the serial will be ignored.
I did not explain myself well. I am making changes to other parameters in the SOA besides the serial number (MNAME, Email, Retry TTL, etc). It does appear as if the changes are being ignored.
Per guidance of Evan Hunt, opened Bug #29271.
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
Ralph F. Bischof, Jr.
NASA Agency IPAM/DNS/DHCP
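A check for the symptom discussed in this thread, as an added example that is not part of the original messages or of BIND: it compares the SOA of the unsigned zone with the SOA served from the signed zone, ignores the serial (which the thread says is expected to differ), and lists the other fields the signed copy has not picked up. The zone name and record values are constructed, and it assumes each SOA is on a single line, as `dig` prints it.

```python
# Added example: detect SOA fields (other than the serial) that differ between
# the unsigned zone and its inline-signed copy.
SOA_FIELDS = ("mname", "rname", "serial", "refresh", "retry", "expire", "minimum")

# Constructed sample records (not taken from the thread).
# UNSIGNED: the edited master file. SIGNED: what the server still answers with.
UNSIGNED = ("example.test. 3600 IN SOA ns1.example.test. dnsadmin.example.test. "
            "2012050802 7200 600 1209600 3600")
SIGNED = ("example.test. 3600 IN SOA ns1.example.test. hostmaster.example.test. "
          "2012050805 7200 900 1209600 3600")


def parse_soa(line):
    """Parse one single-line SOA record in presentation format."""
    tokens = line.split()
    rdata = tokens[tokens.index("SOA") + 1:]
    if len(rdata) != 7:
        raise ValueError("expected 7 SOA RDATA fields, got %d" % len(rdata))
    # Domain names compare case-insensitively; the rest are 32-bit integers.
    soa = {"mname": rdata[0].lower(), "rname": rdata[1].lower()}
    for name, value in zip(SOA_FIELDS[2:], rdata[2:]):
        soa[name] = int(value)
    return soa


def stale_soa_fields(unsigned_line, signed_line):
    """Return {field: (unsigned_value, signed_value)} for non-serial mismatches."""
    unsigned, signed = parse_soa(unsigned_line), parse_soa(signed_line)
    return {f: (unsigned[f], signed[f]) for f in SOA_FIELDS
            if f != "serial" and unsigned[f] != signed[f]}


if __name__ == "__main__":
    for field, (want, got) in stale_soa_fields(UNSIGNED, SIGNED).items():
        print("signed zone is stale: %s is %s, unsigned zone has %s" % (field, got, want))
```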