[Opendnssec-user] manual key rollover results in "1970-01-01 01:00:00"
Casper Gielen
C.Gielen at uvt.nl
Thu Nov 9 17:00:04 UTC 2017
Op 08-11-17 om 16:52 schreef Yuri Schaeffer:
>> In an attempt to locate anomalies in my database, the following value is
>> different (domain "dennisbaaten.com" in the table "zone"):
>> nextChange: "0"
>
> Ah. That explains some of it. I discovered a bug that causes this value
> not to be written some time. (and for a couple more timestamps that are
> also for display only) I'll fix that in a next release.
Dennis and I seem to be working in parallel. I just ran into this on my
test system.
I have one zone that has the same problem (1970-01-01 01:00:00) and also
nextChange = 0. (I guess that's the same value). It does happen to be
the zone that I use for most of my testing.
root at metagross:~# ods-enforcer key list --zone scpdata.org
Keys:
Zone: Keytype: State: Date of next transition:
scpdata.org KSK retire 1970-01-01 01:00:00
scpdata.org ZSK retire 1970-01-01 01:00:00
scpdata.org ZSK retire 1970-01-01 01:00:00
scpdata.org ZSK active 1970-01-01 01:00:00
scpdata.org KSK retire 1970-01-01 01:00:00
scpdata.org KSK retire 1970-01-01 01:00:00
scpdata.org KSK retire 1970-01-01 01:00:00
scpdata.org KSK retire 1970-01-01 01:00:00
scpdata.org KSK retire 1970-01-01 01:00:00
scpdata.org KSK retire 1970-01-01 01:00:00
scpdata.org KSK retire 1970-01-01 01:00:00
scpdata.org KSK retire 1970-01-01 01:00:00
scpdata.org KSK retire 1970-01-01 01:00:00
scpdata.org KSK ready waiting for ds-seen
key list completed in 1 seconds.
The large number of KSKs is due to testing. This zone uses fairly
aggressive KASP timings to speed up testing.
Anything I can do to help?
--
Casper Gielen <cgielen at uvt.nl> | LIS UNIX
PGP fingerprint = 16BD 2C9F 8156 C242 F981 63B8 2214 083C F80E 4AF7
Universiteit van Tilburg | Postbus 90153, 5000 LE
Warandelaan 2 | Telefoon 013 466 4100 | G 236 | http://www.uvt.nl
More information about the Opendnssec-user
mailing list