[Pdns-users] Removing Dnssec records from slave PDNS servers
bert hubert
bert.hubert at powerdns.com
Wed Feb 17 16:13:40 UTC 2016
On Wed, Feb 17, 2016 at 03:47:57PM +0000, Marc van de Geijn wrote:
> Unfortunatly, the serial is updated on the master and synced to the slaves, but the slaves keep reporting the NSEC3 & RRSIG records. The master does not report these records when doing a AXFR from the slaves.
Can you show the actual output of 'pdnssec show-zone' on both master and
slave please?
Bert
>
> Met vriendelijke groet,
>
> Marc van de Geijn
> bHosted.nl
>
> Mail: marc at bhosted.nl
> Tel: 020 3118211
> Facebook: https://www.facebook.com/bHosted.nl.Webhosting
> Twitter: https://twitter.com/bhostednl
>
> -----Oorspronkelijk bericht-----
> Van: bert hubert [mailto:bert.hubert at powerdns.com]
> Verzonden: woensdag 17 februari 2016 16:41
> Aan: Marc van de Geijn <marc at bhosted.nl>
> CC: pdns-users at mailman.powerdns.com
> Onderwerp: Re: [Pdns-users] Removing Dnssec records from slave PDNS servers
>
> On Wed, Feb 17, 2016 at 06:27:59AM -0700, mvdgeijn wrote:
> > Hi,
> >
> > I was wondering what the best way is to remove Dnssec records from the
> > slave PDNS servers? Our master and slave DNS servers are all PowerDNS servers.
> > They are kept in sync using AXFR and are all on different locations.
> >
> > At this moment it seems that when I disable Dnssec on the master for a
> > domain, this information is not transferred to the slave DNS servers.
>
> Increase the serial (pdnssec increase-serial is an easy way, or pdnsutil on 4.x).
>
> That should trigger the slave to refetch without the DNSSEC.
>
> Bert
More information about the Pdns-users
mailing list