[Opendnssec-user] RE: Build problem with Beta 2 version of OpenDNSSEC

Alexd at nominet.org.uk Alexd at nominet.org.uk
Thu Oct 22 06:53:46 UTC 2009


HI Paul - 

Thanks for the files, and sorry for the slow response.

> The zones file(s) are in the unsigned folder within the tarball that
> I resent to you yesterday. I?m resending the tarball and including 
> the contents of the two zone files below:

Both of these files now run on my system with only one problem (see 
below). I also had to rename the second zone to example.com, as it didn't 
seem to match the test-zone.nl name.

Currently, the second zone is not correctly signed by the signer (I think 
there is an issue with spaces after the $ORIGIN statement). This can be 
resolved by removing the spaces (i.e. $ORIGIN example.com;<comments>).

I haven't had a chance to look at the other config files you sent. If you 
are still having problems with trunk (and the $ORIGIN change above), then 
please let me know. Hopefully the $ORIGIN bug will be fixed soon.

Thanks,


Alex.

> 
> example-zone.com:
> @ IN SOA  dev-ng-core4 dnsuser ( 4 10800 3600 604800 86400 )
>   IN NS   dev-ng-core4
> localhost      A     127.0.0.1
> ajax           A     192.168.5.24
>                MX    10 ajax
> odysseus       A     192.168.5.23
>                MX    10 odysseus
> achilles       A     192.168.5.20
>                MX    10 achilles
> diomedes       A     192.168.5.22
>                MX    10 diomedes
> dev-ng-core4   A     192.168.5.1
>                MX    10 dev-ng-core4
> menelaeus      A     192.168.5.28
>                MX    10 menelaeus
> agamemnon      A     192.168.5.21
>                MX    10 agamemnon
> 
> test-zone.nl:
> $ORIGIN example.com.     ; designates the start of this zone file in
> the name space
> $TTL 1h                  ; The default expiration time of a resource
> record without its own TTL value
> example.com.  IN  SOA  ns.example.com. username.example.com. (
>               2007120710 ; serial number of this zone file
>               1d         ; slave refresh (1 day)
>               1d         ; slave retry time in case of a problem (1 day)
>               4w         ; slave expiration time (4 weeks)
>               1h         ; minimum caching time in case of failed 
> lookups (1 hour)
> )
> example.com.  NS    ns                    ; ns.example.com is the 
> nameserver for example.com
> example.com.  NS    ns.somewhere.com.     ; ns.somewhere.com is a 
> backup nameserver for example.com
> example.com.  MX    10 mail.example.com.  ; mail.example.com is the 
> mailserver for example.com
> @             MX    20 mail2.example.com. ; Similar to above line, 
> but using "@" to say "use $ORIGIN"
> @             MX    50 mail3              ; Similar to above line, 
> but using a host within this domain
> example.com.  A     10.0.0.1              ; ip address for "example.com"
> ns            A     10.0.0.2              ; ip address for 
"ns.example.com"
> www           CNAME ns                    ; "www.example.com" is an 
> alias for "ns.example.com"
> wwwtest       CNAME www                   ; "wwwtest.example.com" is
> another alias for "www.example.com"
> mail          A     10.0.0.3              ; ip address for 
> "mail.example.com", any MX record host must be
> 
> 
> Thanks,
> 
> Paul
> 
> 
> 
> 
> 
> From: Alexd at nominet.org.uk [mailto:Alexd at nominet.org.uk] 
> Sent: Friday, October 16, 2009 3:03 AM
> To: Rickard Bondesson
> Cc: opendnssec-user at lists.opendnssec.org; Sitowitz, Paul
> Subject: Re: [Opendnssec-user] RE: Build problem with Beta 2 version
> of OpenDNSSEC
> 
> > We will work on this problem. Alex, do you have enough of 
> > information to be able to find this problem? 
> 
> It would be very useful to get a copy of the zone which was to be 
> signed. Then I could try to reproduce the problem and fix it. 
> 
> 
> Alex.[attachment "issue-bundle.tgz" deleted by Alex Dalitz/Nominet] 
> _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20091022/a7360a57/attachment.htm>


More information about the Opendnssec-user mailing list