[Opendnssec-user] Notify debugging
Rick van Rein
rick at openfortress.nl
Thu May 15 20:43:06 UTC 2014
Hi Fred,
> The /var/opendnssec/tmp/rug.nl-xfrd-state file still shows the old soa serial 2014051506, where the unsigned system is already at 2014051520.
> To me it looks as if opendnssec receives the zone, but does not process it.
> Any other ideas to diagnose this problem?
Can you have a look at /var/opendnssec/unsigned/rug.nl* ?
If the zone changes arrive (I assume the mutliple arrivals are due to zone updates, each resulting in a NOTIFY) then you should find it there, probably as rug.nl.axfr.
That should help you distinguish if it is a transport problem or a signer-trigger problem.
You can manually trigger resigning to see if it is a matter of the new arrival not triggering the signer properly, with
ods-signer sign rug.nl
-Rick
More information about the Opendnssec-user
mailing list