[Opendnssec-user] Two questions
Roman Serbski
mefystofel at gmail.com
Tue Sep 2 10:11:35 UTC 2014
Hello,
I'm running NSD 4.0.3 as a hidden master and OpenDNSSEC 1.4.6 on a
separate server getting plain zones from the hidden master via DNS
adapters. Everything is working fine, but occasionally I get the
following in the logs of OpenDNSSEC:
Sep 2 10:33:08 srv-signer ods-signerd: [xfrd] zone domain.org request
udp/ixfr=2373323896 to 192.168.157.46
Sep 2 10:33:08 srv-signer ods-signerd: [xfrd] bad packet: zone
domain.org received error code NOTIMPL from 192.168.157.46
Sep 2 10:33:08 srv-signer ods-signerd: [xfrd] zone domain.org request
axfr to 192.168.157.46
Sep 2 10:33:08 srv-signer ods-signerd: [xfrd] zone domain.org got
update indicating current serial 2014082701 from 192.168.157.46
where 192.168.157.46 is the IP of my hidden master.
However, the zone is transferred without any problems and I do see
domain.org.axfr and domain.org.ixfr files in tmp directory. Is it
expected?
And the second question: could somebody please explain the reasons for
increasing ZSK lifetime from 30 to 90 days in the default policy?
Thank you in advance.
More information about the Opendnssec-user
mailing list