[Opendnssec-user] OpenDNSSEC in a hidden master setup
mefystofel at gmail.com
Tue Aug 26 12:27:46 UTC 2014
On Tue, Aug 26, 2014 at 12:19 PM, Klaus Darilion
<klaus.mailinglists at pernau.at> wrote:
> At first I would start tcpdump on the ODS server and watch if there are
> incoming NOTIFYs if you increase the serial and reload the master. Then
> watch out if ODS makes a zone transfer (AXFR or IXFR). Further, the
> incoming handler of ODS will write the received zone to disk somewhere.
> Check if you have a new file with increased serial. Then the signer
> should be notified (I think via some unix socket) about the signing
> process (I once had file permission problems on this socket).
Thank you very much Klaus.
Stupid me -- incoming 53/udp was blocked on the hidden master.
Everything works like a charm now!
More information about the Opendnssec-user