[Pdns-users] DNSSEC Expiry with slaves
troy.kelly at really.ai
Thu Aug 24 02:05:48 UTC 2017
Thank you in advance for your advice, I'm sure this is a simple one - I
just can't find anything that seems to resolve our issue.
We recently implemented DNSSEC, and then more recently had several of the
RRSIG's expire - and those domains become unoperational.
We use PowerDNS as a stealth master, with public nameservers supplied by
one of our infrastructure providers.
Where we don't make regular changes to the domain - we are going to keep
experiencing this expiry issue.
Is there some (cron job?) solution that we can implement to roll over and
notify a domain before the RRSIG's expire?
I had thought of a weekly pdnsutil increase-serial for every domain - but
it seems like a real kludge of a solution.
This email and any attachments may contain confidential or privileged
information and may be protected by copyright. You must not use or disclose
them other than for the purposes for which they were supplied. The
confidentiality and privilege attached to this message and attachment is
not waived by reason of mistaken delivery to you. If you are not the
intended recipient, you must not use, disclose, retain, forward or
reproduce this message or any attachments. If you receive this message in
error please notify the sender by return email or telephone, and destroy
and delete all copies. Really Really, Inc. does not accept any
responsibility for any loss or damage that may result from reliance on, or
use of, any information contained in this email and/or attachments.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Pdns-users