KSK stays published 3 days after delete time

Mark Andrews marka at isc.org
Thu May 10 22:59:00 UTC 2012


In message <CABUciRkMv4HRwvwvqe=z+=XKw9ccJHNtzPMy6SfA4L+tzEjWvQ at mail.gmail.com>
, Alexander Gurvitz writes:
> On Thu, May 10, 2012 at 11:04 PM, Axel Rau <Axel.Rau at chaos1.de> wrote:
> >
> >> Did you delete it manually (at 2012-05-07T14:55:02.569706) ?
> > Yes; i.e. my script.
> >> If so, maybe it's still in the zone because BIND doesn't know the timing
> >> metadata anymore ?
> > I thought that would be in the journal or internal repository of named.
> 
> I guess there's no such "internal repository". I guess bind is meant to
> look at the metadata from the key file, and now, as it doesn't have the
> file, it knows no timing data. It's not going to delete keys just
> because the file is missing, because the key file can be purposely
> missing if someone chooses to store keys offline. Though it's all my
> guesses.

That's about it.  Named only keeps the next event time internally.
To fix this, restore the K* files.  Named should then detect and
process them when it does its next scan for new keys.
 
> Alex
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
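
Added example, not part of the original message and not ISC code: a small check that compares the key tags still published in a zone with the K*.key files on disk, and flags tags whose file is missing (so named has no timing metadata to act on) or whose Delete time has passed. The key tags, file contents and example.com names are constructed; the published tags are assumed to be collected by hand, for example from the "key id" comments in dig +multi output.

```python
import re
from datetime import datetime, timezone

# Timing-metadata comment lines as found in K*.key files.
META_RE = re.compile(r"^;\s*(Created|Publish|Activate|Revoke|Inactive|Delete):\s*(\d{14})", re.M)
NAME_RE = re.compile(r"^K(?P<zone>.+)\.\+(?P<alg>\d{3})\+(?P<tag>\d{5})\.key$")

def parse_key_file(filename, text):
    """Return (key tag, {event: UTC datetime}) for one K*.key file."""
    m = NAME_RE.match(filename)
    if not m:
        raise ValueError(f"not a K*.key file name: {filename}")
    times = {ev: datetime.strptime(ts, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)
             for ev, ts in META_RE.findall(text)}
    return int(m["tag"]), times

def audit(published_tags, key_files, now):
    """Map each published DNSKEY tag to OK, PAST_DELETE or FILE_MISSING."""
    on_disk = dict(parse_key_file(name, text) for name, text in key_files.items())
    report = {}
    for tag in sorted(published_tags):
        if tag not in on_disk:
            report[tag] = "FILE_MISSING"   # no timing metadata available: restore the K* files
        elif on_disk[tag].get("Delete") and on_disk[tag]["Delete"] <= now:
            report[tag] = "PAST_DELETE"    # file present, Delete time already reached
        else:
            report[tag] = "OK"
    return report

# Constructed sample: two key files on disk, three tags still in the zone.
SAMPLE_FILES = {
    "Kexample.com.+008+11111.key":
        "; This is a key-signing key, keyid 11111, for example.com.\n"
        "; Publish: 20120401000000 (Sun Apr  1 00:00:00 2012)\n"
        "; Delete: 20120507145502 (Mon May  7 14:55:02 2012)\n"
        "example.com. IN DNSKEY 257 3 8 AwEAAc...constructed\n",
    "Kexample.com.+008+22222.key":
        "; Activate: 20120501000000 (Tue May  1 00:00:00 2012)\n"
        "example.com. IN DNSKEY 257 3 8 AwEAAd...constructed\n",
}

def demo():
    now = datetime(2012, 5, 10, 22, 59, tzinfo=timezone.utc)
    return audit({11111, 22222, 33333}, SAMPLE_FILES, now)
```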


