[Opendnssec-user] AXFR's Between OpenDNSSEC + PowerDNS
lennon at orcon.net.nz
Mon Jun 20 01:05:32 UTC 2011
>You are missing one important point. OpenDNSSEC doesn't provide outgoing
>zone transfers, it has to rely on a nameserver to do that. It can do
>incoming zone transfer (pull a zone from a nameserver).
What I wanted to do is.. Pull a zone..... Sign the zone and then push it
via an AXFR to a slave (or get the slave to pull the zone from the
opendnssec) . Ie Acting as a signing proxy.
But what you are saying with opendnssec is it will request via an AXFR ->
sign and then place the files on the harddrive (say in
/var/lib/opendnssec/signed directory) and then you have to do something
Ie run powerdns/bind again on the box where the files are and it will axfr
them to the slaves.
(hidden master powerdns server) -> opendsnsec (saves files to directory)
-> powerdns on the same box to axfr them to slaves.
More information about the Opendnssec-user