DNSSEC bug or working as designed?

Richard G

I'm running 1.58.2 so the newest DA and multiserver setup.

Yesterday I created some DNSSec domains which worked fine. Today suddenly 1 (from my company) wasn't signed anymore and my domain was not reachable anymore from a lot of servers.
I had to use this command to get the files over to the other server, after that things started to work again:
Code:
 echo 'action=rewrite&value=named&domain=mycompany.com' >> /usr/local/directadmin/data/task.queue

So far so good.
But I also removed a DNSSec from another domain and forgot 1 thing:
Edit the named.conf. Change the zone entry for that domain from domain.com.db.signed to domain.com.db
after that, named would start again.

But this brought me to the idea to also check this on the remote server of the multiserver setup.

I've seen the remote server of the multiserver setup only uses the .db files and not the .db.signed files. Is that correct?

Because if the main server would shut down, the secondary server is asked, and since dnssec is missing there, won't this generate incorrect answers?
 
I'm new to DA and have no idea on this. Let's try tagging @DirectAdmin Support.
 
Hello,

The other server in a cluster will have only domain.com.db file with a signed zone inside of it. That's OK and expected.
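
Since the file name alone does not show whether a zone is signed, the zone entries and the files they point to can be checked by content. The following is an added example, not from the thread and not DirectAdmin's own code: it classifies each zone referenced in named.conf-style text as signed, unsigned or pointing at a missing file. The helper names (`rr_type`, `dnssec_types_in_zone`, `audit`) are hypothetical, and the sample paths and records are constructed.

```python
import re

# Record types that exist only in a DNSSEC-signed zone.
DNSSEC_TYPES = {"RRSIG", "DNSKEY", "NSEC", "NSEC3", "NSEC3PARAM"}
# Matches flat one-line entries: zone "name" { type master; file "path"; };
ZONE_RE = re.compile(r'zone\s+"([^"]+)"[^{]*\{[^}]*?file\s+"([^"]+)"', re.S)

def rr_type(line):
    """Return the type field of a resource record line, or None."""
    tokens = line.split(";", 1)[0].split()            # drop trailing comment
    if tokens and not line[:1].isspace():
        tokens = tokens[1:]                            # drop owner name or $DIRECTIVE
    while tokens and re.fullmatch(r"IN|CH|HS|(?:\d+[smhdw]?)+", tokens[0], re.I):
        tokens = tokens[1:]                            # skip TTL and class
    return tokens[0].upper() if tokens else None

def dnssec_types_in_zone(zone_text):
    """Return the DNSSEC record types present in zone file text."""
    found, depth = set(), 0
    for line in zone_text.splitlines():
        if depth == 0 and rr_type(line) in DNSSEC_TYPES:
            found.add(rr_type(line))
        code = line.split(";", 1)[0]
        # Lines inside "( ... )" are rdata continuations, not new records.
        depth = max(0, depth + code.count("(") - code.count(")"))
    return found

def audit(named_conf_text, read_zone):
    """Map each zone in named.conf text to (file path, status)."""
    report = {}
    for zone, path in ZONE_RE.findall(named_conf_text):
        text = read_zone(path)                         # None when the file is absent
        status = ("missing file" if text is None else "signed"
                  if {"RRSIG", "DNSKEY"} <= dnssec_types_in_zone(text) else "unsigned")
        report[zone] = (path, status)
    return report

# Constructed sample data: paths, serials and key/signature blobs are made up.
SAMPLE_CONF = '''zone "mycompany.com" { type master; file "/var/named/mycompany.com.db"; };
zone "domain.com" { type master; file "/var/named/domain.com.db.signed"; };
zone "plain.example" { type master; file "/var/named/plain.example.db"; };'''
SAMPLE_FILES = {
    "/var/named/mycompany.com.db": '''$TTL 3600
@ IN SOA ns1 hostmaster ( 2024010101 3600 600 1209600 3600 )
@ IN DNSKEY 257 3 8 ( Q09OU1RSVUNURUQ=
      ) ; constructed key
@ IN RRSIG SOA 8 2 3600 20240201000000 20240101000000 12345 mycompany.com. Q09OU1RSVUNURUQ=''',
    "/var/named/plain.example.db": '''@ IN SOA ns1 hostmaster ( 1 3600 600 1209600 3600 )
@ IN TXT "RRSIG and DNSKEY appear here only as text"''',
}
```

With the sample data, `audit(SAMPLE_CONF, SAMPLE_FILES.get)` reports the plain `.db` file as signed and the `.db.signed` entry as a missing file. On a server, pass the contents of named.conf and a reader that returns None when a file does not exist.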
 