Bind 9.20 inline signing - not signing whole file, only dynamic updated entries.
Benoît Panizzon
benoit.panizzon at imp.ch
Fri Apr 17 13:42:56 UTC 2026
Hi Peter
I'll crank up logging just after this email.
> The rndc commands to check the status of a signed zone are:
> rndc dnssec -status example.com
> rndc zonestatus example.com
# rndc dnssec -status 0-31.57.161.157.in-addr.arpa
dnssec-policy: default
current time: Fri Apr 17 15:36:24 2026
# rndc zonestatus 0-31.57.161.157.in-addr.arpa
name: 0-31.57.161.157.in-addr.arpa
type: primary
files: woody.ch.rev
serial: 2007126016
signed serial: 2007126016
nodes: 31
last loaded: Fri, 17 Apr 2026 09:04:20 GMT
secure: no
key maintenance: automatic
next key event: Fri, 17 Apr 2026 13:40:44 GMT
dynamic: yes
frozen: no
reconfigurable via modzone: no
I suppose secure: no is not what it should be.
key maintenance: automatic
next key event: Fri, 17 Apr 2026 13:40:44 GMT
If I am not mistaking, this is in about 1 minute. Is there a delay
until the zone is being signed? Was I not patient enough?
# date -u
Fr 17 Apr 2026 13:41:38 UTC
# rndc signing -list 0-31.57.161.157.in-addr.arpa
No signing records found
# rndc zonestatus 0-31.57.161.157.in-addr.arpa
name: 0-31.57.161.157.in-addr.arpa
type: primary
files: woody.ch.rev
serial: 2007126016
signed serial: 2007126016
nodes: 31
last loaded: Fri, 17 Apr 2026 09:04:20 GMT
secure: no
key maintenance: automatic
next key event: Fri, 17 Apr 2026 13:50:44 GMT
dynamic: yes
frozen: no
reconfigurable via modzone: no
Still no joy - cranking up logging.
--
Mit freundlichen Grüssen
-Benoît Panizzon- @ HomeOffice und normal erreichbar
--
I m p r o W a r e A G - Leiter Commerce Kunden
______________________________________________________
Zurlindenstrasse 29 Tel +41 61 826 93 00
CH-4133 Pratteln Fax +41 61 826 93 01
Schweiz Web http://www.imp.ch
______________________________________________________
More information about the bind-users
mailing list