[Opendnssec-user] Hot standby redundancy with OpenDNSSEC 1.4 and DNS Input Adapter

Ville Mattila vmattila at csc.fi
Fri Apr 12 11:45:26 UTC 2013


On 12.04.2013 13:50, Jakob Schlyter wrote:
> On 12 apr 2013, at 12:46, Ville Mattila <vmattila at csc.fi> wrote:
>> This wouldn't be a problem if we could make OpenDNSSEC use `unixtime' as
>> SOA serial number.  But we can't because our zone management system only
>> supports `datecounter' (YYYYMMDDNN) format which makes OpenDNSSEC
>> fallback to `counter' mode:
> You can have OpenDNSSEC overwrite the SOA serial number with unixtime, even though your zone management system uses something completely different.

That's what I was expecting it to do, but with policy set to use
`unixtime' and receiving `datecounter' serial it seems ods-signerd
v1.4.0rc3 reverts to `counter' mode (quoting my previous message):

Apr 12 12:34:17 signer1 ods-signerd: [namedb] unable to use unixtime as
serial: 1365759257 does not increase 2013041212. Serial set to 2013041213
Apr 12 12:34:17 signer1 ods-signerd: [namedb] update serial: 2013041212
+ 1 = 2013041213

Ville Mattila

More information about the Opendnssec-user mailing list