6 Zář
2017
6 Zář
'17
13:32
On 09/06/2017 01:15 PM, libor.peltan(a)nic.cz wrote:
Hi Volker,
thank you for your question.
Your suggestion is almost correct, just a little correction:
knotc zone-freeze $ZONE
# wait for possibly still running events (check the logs manually or so...)
Or check
knotc zone-status $ZONE +freeze
for
[$ZONE] freeze: yes
knotc zone-flush $ZONE # eventually with '-f'
if zone synchronization is disabled in config
$EDITOR $ZONEFILE # you SHALL increase the SOA serial if any changes made in zonefile
knotc zone-reload $ZONE
knotc zone-thaw $ZONE
Reload before thaw - because after thaw, some events may start processing, making the
modified zonefile reload problematic.
BR,
Libor
Dne 5.9.2017 v 23:17 Volker Janzen napsal(a):
Hi,
I've setup knot to handle DNSSEC signing for a couple of zones. I like to update
zonefiles on disk with an editor and I want to clarify which steps need to be performed to
safely edit the zonefile on disk.
I currently try this:
knotc zone-freeze $ZONE
knotc zone-flush $ZONE
$EDITOR $ZONE
knotc zone-thaw $ZONE
knotc zone-reload $ZONE
As far as I can see knot increases the serial on reload and slaves will be notified.
Is this the correct command sequence?
Regards
Volker
_______________________________________________
knot-dns-users mailing list
knot-dns-users(a)lists.nic.cz
https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users
_______________________________________________
knot-dns-users mailing list
knot-dns-users(a)lists.nic.cz
https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users