[Pdns-users] Different RRSIG's on master and slaves
mvdgeijn
marc at bhosted.nl
Tue Sep 24 08:38:59 UTC 2013
Hi,
I'm having trouble locating the problem why for one of our domains the RRSIG
record is different on the master and on the slaves (on the 2 slaves they
are identical). All DNS servers are PowerDNS servers running version 3.3
with MySQL backend. Transfers are done using AXFR.
Using dig +dnssec SOA:
MASTER:
concepthouse.nl. 3600 IN RRSIG SOA 8 2 3600 20131003000000
20130912000000 37080 concepthouse.nl.
nbB9I23pT6eTpPrJi12J6lW6R3CvYhjD0tZgR0k5K3ZARsFc+rBULYwF
9yIYyMhQWHMcWFhBI8khi8U96DT8cMu884Mp/3n5N8Ey3bm5BLVDipEJ
NErDp/1jE8JLdGOLvqIP5+3aBGCD8EhJ108OTykk0R/rEmXBCXNBP5O0 sEA=
concepthouse.nl. 3600 IN SOA ns1.bhosted.nl.
hostmaster.bhosted.nl. 2013092403 10800 3600 302400 3600
SLAVE 1:
concepthouse.nl. 3600 IN RRSIG SOA 8 2 3600 20131003000000
20130912000000 14754 concepthouse.nl.
hnVskWJ8HvqVj77fevulu4OprL6Yq9A7JD405gspWvlhcf4dsm/Jgmwv
fZyoHFA8Z04LmMNyfUNfXXRGd0ZufGONKU/5qSd2mTeAmapGE1ompyyP
u5JAcaF1EYumjkwBML75mD+bBfAhJm8Z6fD0fjcvIXoMemzb3qVAMysZ iMU=
concepthouse.nl. 3600 IN SOA ns1.bhosted.nl.
hostmaster.bhosted.nl. 2013092402 10800 3600 302400 3600
SLAVE 2:
concepthouse.nl. 3600 IN SOA ns1.bhosted.nl.
hostmaster.bhosted.nl. 2013092402 10800 3600 302400 3600
concepthouse.nl. 3600 IN RRSIG SOA 8 2 3600 20131003000000
20130912000000 14754 concepthouse.nl.
hnVskWJ8HvqVj77fevulu4OprL6Yq9A7JD405gspWvlhcf4dsm/Jgmwv
fZyoHFA8Z04LmMNyfUNfXXRGd0ZufGONKU/5qSd2mTeAmapGE1ompyyP
u5JAcaF1EYumjkwBML75mD+bBfAhJm8Z6fD0fjcvIXoMemzb3qVAMysZ iMU=
As you can see the serials are the same, but the DNSkey number is different.
How do I fix this? Disable DNSsec for this domain (and removing all
DNSkeys), and after that enable it again? Or is there another way?
Kind regards,
Marc van de Geijn
--
View this message in context: http://powerdns.13854.n7.nabble.com/Different-RRSIG-s-on-master-and-slaves-tp10349.html
Sent from the PowerDNS mailing list archive at Nabble.com.
More information about the Pdns-users
mailing list