moving DNSSEC to a hidden master
Alan Clegg
alan at clegg.com
Sat Oct 12 17:59:33 UTC 2013
On Oct 11, 2013, at 10:54 PM, David Newman <dnewman at networktest.com> wrote:
> 4. "Check that the new server is working and you can update
> the zone by using nsupdate."
>
> This is where things fall apart. I run 'rndc freeze' and increment the
> zone file's serial number (or make any other change), and then run 'rndc
> thaw' and 'rndc reload'.
>
> There's no change in serial number, and there's no error reported in the
> logs.
>
> What am I missing?
What log messages are you getting from named? What is the "zone" entry in your named.conf that relates to the zone in question?
I would strongly recommend forgetting all about "freeze the zone and edit" as a method of updating... move completely to dynamic zones if at all possible.
AlanC
--
Alan Clegg | +1-919-355-8851 | alan at clegg.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20131012/b363138b/attachment.bin>
More information about the bind-users
mailing list