[Opendnssec-user] About High Availability for OpenDNSSEC

Siôn Lloyd sion at nominet.org.uk
Tue Aug 26 09:26:29 UTC 2014

On 25/08/14 03:33, gaolei wrote:
> I wonder if enforcer runs on both nodes, what will happen? Does the
> enforcer on slave have to be stopped?

There are several things that could make two enforcers use different
keys. Even though it uses the oldest suitable key it finds it may
enforce multiple zones in a different order because of slight
differences in runtimes or system reboots, etc... As time goes on the
possibility of the two machines diverging increases.

Basically there is no advantage to running the enforcer on the slave,
only possible downsides. So long as the signer on the slave agrees about
which keys to use then switching to the slave should work, in your case
where you have the same backend database then failover would involve:

1) starting the enforcer on the slave machine so that it picks up the current keyset
2) checking that the files in the signconf directory have current timestamps
3) checking the keys in use in the zone match the current "live" set (i.e. the keys that are out in the wild)

then you should be good to publish from the slave.
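Steps 2 and 3 of the failover checklist above lend themselves to a small script. The following is an added example, not code from the post or from the OpenDNSSEC project: it flags signconf files whose modification time is older than a threshold, and it computes RFC 4034 key tags from DNSKEY records so that the set the slave would publish can be compared against the set already live in the wild. It assumes signconf files are `.xml` files in one directory, that the "live" keys are obtained as presentation-format DNSKEY RRs (for instance the output of `dig +short DNSKEY <zone> @<resolver>`), and that the slave's candidate keys come from the DNSKEY RRs in its signed zone file. The DNSKEY records below are constructed toy keys, not real zone data.

```python
"""Failover sanity checks for an OpenDNSSEC slave (added example, not OpenDNSSEC tooling):
  - stale_signconfs(): signconf files whose mtime is older than a threshold
  - compare_keysets(): DNSKEY set live in the wild vs. the set the slave would publish
Key tags are computed per RFC 4034 Appendix B over the DNSKEY RDATA.
"""
import base64
import os
import struct
import time

# Constructed sample input, standing in for `dig +short DNSKEY <zone>` output.
# flags proto alg base64-key ; the keys are tiny toy values, not real RSA keys.
LIVE_DNSKEYS = [
    "257 3 8 AQI=",    # KSK
    "256 3 8 AQID",    # ZSK currently signing
]

# Constructed sample input, standing in for DNSKEY RRs read from the slave's signed zone.
# Full RR form is accepted too; here the slave carries a different ZSK (a divergence).
SLAVE_DNSKEYS = [
    "example.com. 3600 IN DNSKEY 257 3 8 AQI=",
    "example.com. 3600 IN DNSKEY 256 3 8 BAUG",
]


def dnskey_keytag(flags, protocol, algorithm, pubkey_b64):
    """RFC 4034 Appendix B key tag: 16-bit ones-complement-style sum over the RDATA."""
    rdata = struct.pack("!HBB", flags, protocol, algorithm) + base64.b64decode(pubkey_b64)
    ac = 0
    for i, b in enumerate(rdata):
        ac += (b << 8) if i % 2 == 0 else b
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def keyset_from_dnskey_lines(lines):
    """Parse presentation-format DNSKEY RRs into a set of (keytag, algorithm, flags)."""
    keys = set()
    for line in lines:
        line = line.split(";")[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if "DNSKEY" in fields:  # full RR form: owner ttl class DNSKEY flags proto alg key...
            fields = fields[fields.index("DNSKEY") + 1:]
        flags, proto, alg = int(fields[0]), int(fields[1]), int(fields[2])
        pubkey = "".join(fields[3:])  # base64 may be split across whitespace
        keys.add((dnskey_keytag(flags, proto, alg, pubkey), alg, flags))
    return keys


def compare_keysets(live, candidate):
    """Return (missing_on_slave, extra_on_slave).

    missing_on_slave: keys validators already see that the slave would stop publishing
    extra_on_slave:   keys the slave would publish that are not yet in the wild
    Both empty means the slave agrees with the live set (step 3 of the checklist).
    """
    return live - candidate, candidate - live


def stale_signconfs(entries, now, max_age_s=24 * 3600):
    """Given (filename, mtime) pairs, return the .xml files older than max_age_s."""
    return sorted(name for name, mtime in entries
                  if name.endswith(".xml") and now - mtime > max_age_s)


def stale_signconfs_in_dir(signconf_dir, max_age_s=24 * 3600):
    """Step 2 of the checklist: scan a real signconf directory (assumed path layout)."""
    entries = [(name, os.path.getmtime(os.path.join(signconf_dir, name)))
               for name in os.listdir(signconf_dir)]
    return stale_signconfs(entries, time.time(), max_age_s)


def divergence_report(live_lines, slave_lines):
    """Combine parsing and comparison; returns a dict suitable for logging."""
    missing, extra = compare_keysets(keyset_from_dnskey_lines(live_lines),
                                     keyset_from_dnskey_lines(slave_lines))
    return {"ok": not missing and not extra,
            "missing_on_slave": sorted(missing),
            "extra_on_slave": sorted(extra)}


if __name__ == "__main__":
    print(divergence_report(LIVE_DNSKEYS, SLAVE_DNSKEYS))
    # Hypothetical signconf path; adjust to the installation's actual directory.
    print(stale_signconfs_in_dir("/var/opendnssec/signconf"))
```

A non-empty `missing_on_slave` is the dangerous case: validators that have cached the live DNSKEY set would see signatures from a key the slave no longer publishes, so the enforcer should be started on the slave (step 1) and the check repeated until the sets agree before publishing.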
