[Opendnssec-user] OpenDNSSEC 2.1.0 released

Yuri Schaeffer yuri at nlnetlabs.nl
Fri Apr 21 08:05:34 UTC 2017

> So noone really tested migrating a MySQL backed OpenDNSSEC
> installation from 1.4 to 2.x? I'm a bit concerned about this, as there
> are a lot of TLDs using OpenDNSSEC. Do they all still use 1.4? Do they
> not use MySQL? Didn't anyone test this in development?

Well, I did test it. But it is a complex migration because the database
layout and key state representation changed radically. Unfortunately I
can only test a subset of every imaginable situation in my lifetime.

It is true (my impression) that most people run OpenDNSSEC with SQLite
and the migration script was initially developed (and mostly tested for
corner cases and such) for SQLite and later adapted for MySQL. Same
database layout, slightly different SQL dialect.
In that process there was an oversight of some SQL dialect issues, like
the comment syntax. But depending on your MySQL version /and/ the
contents of your database this may or may not be a problem. It wasn't
for me at the time and went undetected.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20170421/3da30b4a/attachment.bin>

More information about the Opendnssec-user mailing list