Different signed serial numbers
Alessandro Vesely
vesely at tana.it
Thu Sep 25 10:36:29 UTC 2025
On Thu 25/Sep/2025 02:34:01 +0200 Mark Andrews wrote:
>> On 24 Sep 2025, at 19:36, Alessandro Vesely <vesely at tana.it> wrote:
>>
>> [...] I assume signed serials have definitely disqualified this synchronization checking technique. Are there any alternatives?
>
> Using inline-signing is a *choice*. Named will happily sign a zone without using it. It is
> there for those that want to continue to use a text editor for updating the zone content. One
> can choose not to use it and to use rndc freeze/thaw when updating the zone file (not recommended)
> or to use nsupdate to update the zone content (recommended). Yes, you have to learn how to use a
> new tool. It’s not particularly hard.
Using nsupdate I'd loose the inordinate amount of comments I maintain in the
zone files. I edit them so infrequently that I need notes to recall the
reasons and the pitfalls of those settings.
Best
Ale
--
More information about the bind-users
mailing list