hooks in bind's DNSSEC automation to trigger external scripting of DS RECORDS updates, when CDS/CDNSKEY polling is (still) not available?
matthijs at isc.org
Thu Jun 17 10:09:56 UTC 2021
On 16-06-2021 17:04, PGNet Dev wrote:
> @jpmens was kind enough to share the original basis for the simple perl
> He also mentioned
> Logging of CDS/CDNSKEY generation for workflow
> which requests:
> Would it be possible to log CDS/CDNSKEY generation in such a way as
> that a "simple" workflow can be implemented in order to create tooling
> which reacts on the log and performs a dynamic update on a parent zone.
> Whenever a CDS/CDNSKEY is published in a child zone, BIND could
> create a log record indicating for which zone this has occurred.
> and appears to have been implemented (?), but not committed/released.
This logging was added in 9.16.7
More information about the bind-users