[Opendnssec-user] Transition time in the past.
Siôn Lloyd
sion at nominet.org.uk
Tue Mar 25 13:15:56 UTC 2014
On 25/03/14 13:06, Fred.Zwarts. wrote:
> We are running ODS 1.4.3 for some weeks now. We have some zones for
> which we use policies with shared keys. It has been running well. I
> have seen a few zones that performed a ZSK roll-over at the wschedules
> times. But now I discovered a zone for which the active ZSK has a
> transition time a few days in the past. It looks as if it did not roll
> over in time.
> Each night, ODS is stopped in order to make a consistent backup of its
> state and started afterwards again with "ods-control stop/start",
> resp., but this does not trigger a roll-over for transition times in
> the past.
> Is there a good explanation for this behaviour, or is it a bug?
>
Hi Fred,
Is there a replacement key published in the zone? If so what state is it in?
Are there any log messages to do with that zone that might give a clue
as to what is happening?
Stopping and starting the enforcer should be fine, assuming it starts
back up properly of course (log messages should indicate if it failed to
restart).
Sion
More information about the Opendnssec-user
mailing list