DNSSEC bug or working as designed?

Richard G

Verified User
Joined
Jul 6, 2008
Messages
4,221
Location
Maastricht
I'm running 1.58.2 so the newest DA and multiserver setup.

Yesterday I created some DNSSec domains which worked fine. Today suddenly 1 (from my company) wasn't signed anymore and my domain was not reachable anymore from a lot of servers.
I had to use this command do get the files over to the other server, after that things started to work again:
Code:
 echo 'action=rewrite&value=named&domain=mycompany.com' >> /usr/local/directadmin/data/task.queue
So far so good.
But I also removed a DNSSec from another domain and forgot 1 thing:
Edit the named.conf. Change the zone entry for that domain from domain.com.db.signed to domain.com.db
after that, named would start again.

But this brought me to the idea to also check this on the remote server of the multiserver setup.

I've seen the remove server of the multiserver setup only uses the .db files and not the .db.signed files. Is that correct?

Because if the main server would shut down, the secondary server is asked, and since dnssec is missing there, won't this generate incorrect answers?
 

raghav

Verified User
Joined
Sep 8, 2011
Messages
26
I'm new to DA and have no idea on this. Lets try tagging @DirectAdmin Support;
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,893
Location
GMT +7.00
Hello,

The other server in a cluster will have only domain.com.db file with a signed zone inside of it. That's OK and expected.
 
Top