Hi,
So I have multiserver setup and today I issued a dns rewrite command because the zone serial was out of sync (my fault, forgot to check the ssl checkbox on one server) but when looking at the datatask log I noticed some errors on signed dnssec zones. Why is an external server trying to rewrite them?
Can't an external server just skip these because they are signed? Another solution would be to also transfer the keys to external servers when using multiserver...
So I have multiserver setup and today I issued a dns rewrite command because the zone serial was out of sync (my fault, forgot to check the ssl checkbox on one server) but when looking at the datatask log I noticed some errors on signed dnssec zones. Why is an external server trying to rewrite them?
2021:11:16-13:14:06: Unable to save zone domain.com: named-checkzone returned:
loading "domain.com" from "/etc/bind/domain.com.db.temp.17697.8WSbRzgAOx" class "IN"
zone domain.com/IN: has no NS records
zone domain.com/IN: not loaded due to errors.
Can't an external server just skip these because they are signed? Another solution would be to also transfer the keys to external servers when using multiserver...