NSD 2.1.2, secondary, signed zones
Wesley Griffin
wgriffin at sparta.com
Fri Oct 15 20:31:37 UTC 2004
So I'm trying to do something that's probably highly experimental and
possibly unsupported by the combination of NSD and named-xfer. But I'm
going to ask here anyway, as the archives don't show anything relevant.
I've got NSD 2.1.2 on FreeBSD 4.10. Compiled with --enable-dnssec and
pointing at the BIND 8.4.5 named-xfer program. I also have a signed zone
(netsec.tislabs.com.) that's signed. I'm trying to get NSD to secondary
the netsec zone.
I'm getting errors when I run nsdc update. zonec is complaining about
unterminated parenthesis and unrecognized RR types. You can see the
error output here:
<http://www.netsec.tislabs.com/conf/buddy/nsdc_update.out>.
named-xfer _is_ axfer-ing the zone. It doesn't, obviously, understand
the new DNSSEC RR types, so it is storing the zone with the RRs in
unknown RR format. You can see the file that named-xfer writes here:
<http://www.netsec.tislabs.com/conf/buddy/netsec.tislabs.com>.
Is NSD just not parsing the zone properly? Is named-xfer doing some
wrong? Am I trying to be too cutting-edge? :)
--
Wesley Griffin <wgriffin at sparta.com>
More information about the nsd-users
mailing list